Solved Win64:Patched-A [Trj] Assistance Requested

System Log:

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7600 Windows 7 x64

Account is Administrative

Internet Explorer version: 8.0.7600.16385

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED, K:\ DRIVE_FIXED
CPU speed: 3.300000 GHz
Memory total: 8539295744, free: 6190432256

Downloaded database version: v2014.01.25.09
Downloaded database version: v2013.12.18.01
=======================================
Initializing...
------------ Kernel report ------------
01/25/2014 12:26:32
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\DRIVERS\ACPI.sys
\SystemRoot\system32\DRIVERS\WMILIB.SYS
\SystemRoot\system32\DRIVERS\msisadrv.sys
\SystemRoot\system32\DRIVERS\pci.sys
\SystemRoot\system32\DRIVERS\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\DRIVERS\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\DRIVERS\atapi.sys
\SystemRoot\system32\DRIVERS\ataport.SYS
\SystemRoot\system32\DRIVERS\msahci.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\DRIVERS\mvs91xx.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\mvxxmm.sys
\SystemRoot\system32\DRIVERS\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\vmstorfl.sys
\SystemRoot\system32\DRIVERS\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\dtsoftbus01.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\drivers\ctaud2k.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\drivers\ctoss2k.sys
\SystemRoot\system32\drivers\ctprxy2k.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\asmtxhci.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\SteelBus64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\drivers\ha20x2k.sys
\SystemRoot\system32\drivers\emupia2k.sys
\SystemRoot\system32\drivers\ctsfm2k.sys
\SystemRoot\system32\drivers\ctac32k.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\System32\drivers\CTHWIUT.SYS
\SystemRoot\System32\drivers\CT20XUT.SYS
\SystemRoot\System32\drivers\CTEXFIFX.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\asmthub3.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\??\C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys
\??\C:\Windows\system32\drivers\DDCDrv.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\SAlpham64.sys
\SystemRoot\system32\DRIVERS\umpass.sys
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\System32\Drivers\ajqycgbe.SYS
\SystemRoot\System32\Drivers\aswVmm.SYS
\??\C:\Windows\system32\drivers\aswRdr2.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\??\C:\Windows\system32\drivers\aswSnx.sys
\??\C:\Windows\system32\drivers\aswStm.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\clbcatq.dll
\Windows\System32\comdlg32.dll
\Windows\System32\setupapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\user32.dll
\Windows\System32\kernel32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\wininet.dll
\Windows\System32\difxapi.dll
\Windows\System32\ws2_32.dll
\Windows\System32\sechost.dll
\Windows\System32\ole32.dll
\Windows\System32\lpk.dll
\Windows\System32\usp10.dll
\Windows\System32\psapi.dll
\Windows\System32\shlwapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\shell32.dll
\Windows\System32\msctf.dll
\Windows\System32\oleaut32.dll
\Windows\System32\nsi.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\imm32.dll
\Windows\System32\normaliz.dll
\Windows\System32\gdi32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\advapi32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\crypt32.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa80089da060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-2\
Lower Device Object: 0xfffffa8007525060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa80089d9060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP3T0L0-3\
Lower Device Object: 0xfffffa8007531060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa80089d8060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP4T0L0-4\
Lower Device Object: 0xfffffa800753e060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80089d7060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa8007519060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80089d6060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa800750c060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80089d6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80089d6b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80089d6060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800750c060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A4743AC5

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 117219328

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 117221376 Numsec = 117217280

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 120034123776 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-234421648-234441648)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa80089d7060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80089d7b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80089d7060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007519060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 3217EDB5

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 488392704

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa80089d8060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800880e990, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80089d8060, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800753e060, DeviceName: \Device\Ide\IdeDeviceP4T0L0-4\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 97BBA4FB

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 117225472
Partition file system is NTFS
Partition is not bootable

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 60022480896 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 3, DevicePointer: 0xfffffa80089d9060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80089d9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80089d9060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007531060, DeviceName: \Device\Ide\IdeDeviceP3T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 5DDE4087

Partition information:

Partition 0 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 488392704

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 4, DevicePointer: 0xfffffa80089da060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80089dab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80089da060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8007525060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 4
Scanning MBR on drive 4...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: B7CEB7CE

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 268206080

Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 268412928 Numsec = 129882112

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 203928109056 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-2048-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-4-0-2048-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-r.mbam...
Removal finished
 
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
    If the connection is not there, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete Combofix file, download fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

IF you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix Log:

ComboFix 14-01-23.02 - Genetic Styles 01/25/2014 12:42:40.2.4 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.8144.6422 [GMT -7:00]
Running from: c:\users\Genetic Styles\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\GENETI~1\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll
c:\users\Genetic Styles\AppData\Local\Temp\10d2ca4a-28d7-4d81-8c1e-dc42bb6c83fc\CliSecureRT64.dll
.
.
((((((((((((((((((((((((( Files Created from 2013-12-25 to 2014-01-25 )))))))))))))))))))))))))))))))
.
.
2014-01-25 19:44 . 2014-01-25 19:44 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-25 19:28 . 2014-01-25 19:28 -------- d-----w- c:\windows\system32\appmgmt
2014-01-25 19:26 . 2014-01-25 19:30 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-25 19:26 . 2014-01-25 19:26 119000 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-01-25 19:26 . 2014-01-25 19:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-01-25 19:01 . 2014-01-25 19:01 -------- d-----w- c:\program files\AVAST Software
2014-01-25 18:14 . 2014-01-25 18:14 -------- d-----w- C:\FRST
2014-01-25 06:51 . 2014-01-25 19:01 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-01-25 06:51 . 2014-01-25 19:01 80184 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-01-25 06:51 . 2014-01-25 19:01 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-01-25 06:51 . 2014-01-25 19:01 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-01-25 06:51 . 2014-01-25 19:01 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-01-25 06:51 . 2014-01-25 19:01 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-01-25 06:51 . 2014-01-25 19:01 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-01-25 06:51 . 2014-01-25 19:01 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-01-25 06:51 . 2014-01-25 06:51 43152 ----a-w- c:\windows\avastSS.scr
2014-01-25 06:51 . 2014-01-25 06:51 -------- d-----w- c:\programdata\AVAST Software
2014-01-25 06:21 . 2014-01-25 06:21 -------- d-----w- c:\windows\ERUNT
2014-01-25 06:17 . 2014-01-25 06:19 -------- d-----w- C:\AdwCleaner
2014-01-17 05:38 . 2014-01-17 05:38 283064 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2014-01-17 05:38 . 2014-01-17 05:38 -------- d-----w- c:\program files (x86)\DAEMON Tools Lite
2014-01-17 05:38 . 2014-01-17 05:48 -------- d-----w- c:\programdata\DAEMON Tools Lite
2014-01-17 05:18 . 2014-01-17 05:18 -------- d-----w- c:\program files\CCleaner
2014-01-15 06:20 . 2014-01-15 06:20 -------- d-----w- c:\program files\Core Temp
2014-01-15 06:07 . 2013-12-10 02:15 982232 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-01-15 06:07 . 2013-12-10 02:14 1100248 ----a-w- c:\windows\system32\nvspcap64.dll
2014-01-15 05:29 . 2014-01-15 05:29 -------- d-----w- c:\programdata\Malwarebytes
2014-01-15 05:29 . 2014-01-15 05:29 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2014-01-15 05:29 . 2013-04-04 21:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-01-11 20:22 . 2014-01-11 20:22 -------- d-----w- c:\program files\OBS
2014-01-11 20:22 . 2014-01-11 20:22 -------- d-----w- c:\program files (x86)\OBS
2014-01-10 06:48 . 2014-01-10 06:48 -------- d-----w- c:\program files\Microsoft Xbox 360 Accessories
2014-01-09 12:22 . 2014-01-09 12:22 -------- d--h--w- c:\program files (x86)\Common Files\EAInstaller
2014-01-09 12:22 . 2014-01-09 12:22 -------- d-----w- c:\program files (x86)\Battlelog Web Plugins
2014-01-09 12:22 . 2014-01-09 12:22 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-01-09 12:22 . 2014-01-09 12:22 281872 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-01-09 12:22 . 2014-01-09 12:22 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-01-09 12:22 . 2014-01-09 12:22 -------- d-----w- c:\programdata\Package Cache
2014-01-09 05:57 . 2014-01-09 05:57 -------- d-----w- c:\program files (x86)\RocketDock
2014-01-09 05:57 . 2014-01-09 05:57 -------- d-----w- c:\program files (x86)\MPC-HC
2014-01-09 05:57 . 2014-01-09 05:57 -------- d-----w- c:\program files (x86)\Mumble
2014-01-09 05:54 . 2014-01-17 00:41 -------- d-----w- c:\program files\FolderSize
2014-01-09 05:40 . 2014-01-09 05:40 -------- d-----w- c:\program files (x86)\Pidgin
2014-01-09 05:36 . 2014-01-09 05:36 20832 ----a-w- c:\windows\system32\drivers\ddcdrv.sys
2014-01-09 05:36 . 2014-01-09 05:36 155528 ----a-w- c:\windows\system32\DDCHELPER.dll
2014-01-09 05:15 . 2014-01-09 05:15 -------- d-----w- c:\program files\WinRAR
2014-01-09 05:15 . 2014-01-09 05:15 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-01-09 05:04 . 2014-01-09 05:04 -------- d-----w- c:\program files\Ventrilo
2014-01-09 05:03 . 2014-01-09 05:03 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-01-09 04:48 . 2014-01-09 04:48 -------- d-----w- c:\program files (x86)\Combined Community Codec Pack
2014-01-09 04:47 . 2014-01-09 04:47 -------- d-----w- c:\programdata\Realtime Soft
2014-01-09 04:47 . 2014-01-09 04:47 -------- d-----w- c:\program files\UltraMon
2014-01-09 04:47 . 2014-01-09 04:47 -------- d-----w- c:\program files (x86)\Common Files\Realtime Soft
2014-01-09 04:47 . 2014-01-09 04:47 -------- d-----w- c:\program files (x86)\DAMN NFO Viewer
2014-01-09 04:45 . 2014-01-17 05:18 -------- d-----w- c:\windows\Panther
2014-01-09 04:41 . 2013-12-16 08:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1EEE24E7-491B-44C4-88FB-0BD4B8A085F6}\mpengine.dll
2014-01-09 04:41 . 2013-11-26 19:25 267936 ------w- c:\windows\system32\MpSigStub.exe
2014-01-09 04:41 . 2014-01-09 04:41 -------- d-----w- c:\program files (x86)\Common Files\Skype
2014-01-09 04:41 . 2014-01-09 04:41 -------- d-----r- c:\program files (x86)\Skype
2014-01-09 04:41 . 2014-01-09 04:41 -------- d-----w- c:\programdata\Skype
2014-01-09 04:40 . 2014-01-09 04:40 -------- d-----w- c:\program files (x86)\Origin Games
2014-01-09 04:39 . 2014-01-09 04:41 -------- d-----w- c:\programdata\Origin
2014-01-09 04:39 . 2014-01-09 04:39 -------- d-----w- c:\programdata\Electronic Arts
2014-01-09 04:38 . 2014-01-25 02:16 -------- d-----w- c:\program files (x86)\Origin
2014-01-09 04:36 . 2014-01-09 04:36 -------- d-----w- c:\program files (x86)\VideoLAN
2014-01-09 04:29 . 2014-01-09 04:29 -------- d-----w- c:\programdata\SteelSeries
2014-01-09 04:28 . 2014-01-09 04:28 -------- d-----w- c:\program files\SteelSeries
2014-01-09 04:27 . 2014-01-25 18:57 -------- d-----w- c:\program files (x86)\Google
2014-01-09 04:25 . 2012-06-12 14:00 74344 ----a-w- c:\windows\system32\RtNicProp64.dll
2014-01-09 04:25 . 2012-06-12 14:00 726160 ----a-w- c:\windows\system32\drivers\Rt64win7.sys
2014-01-09 04:25 . 2012-06-12 14:00 107552 ----a-w- c:\windows\system32\RTNUninst64.dll
2014-01-09 04:18 . 2011-12-06 07:55 53248 ----a-r- c:\windows\SysWow64\CSVer.dll
2014-01-09 04:18 . 2014-01-09 04:18 -------- d-----w- c:\programdata\InstallShield
2014-01-09 04:17 . 2003-06-13 06:25 7062 ----a-w- c:\windows\SysWow64\audiopid.vxd
2014-01-09 04:13 . 2012-05-20 16:25 19264 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2014-01-09 04:13 . 2012-05-20 16:25 789824 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2014-01-09 04:13 . 2012-05-20 16:25 357184 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2014-01-09 04:13 . 2014-01-09 04:13 -------- d-----w- c:\program files (x86)\Marvell
2014-01-09 04:13 . 2014-01-09 04:13 -------- d-----w- c:\program files (x86)\ASM104xUSB3
2014-01-09 04:11 . 2014-01-09 05:38 -------- d-----w- c:\program files (x86)\Realtek
2014-01-09 04:11 . 2014-01-09 05:39 -------- d--h--w- c:\program files (x86)\Temp
2014-01-09 04:11 . 2014-01-09 04:11 -------- d-----w- c:\program files (x86)\Common Files\InstallShield
2014-01-09 04:09 . 2014-01-09 04:09 -------- d-----w- C:\Intel
2014-01-09 04:09 . 2014-01-09 05:38 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information
2014-01-09 04:09 . 2014-01-09 04:18 -------- d-----w- c:\program files (x86)\Intel
2014-01-09 04:08 . 2012-10-30 03:21 -------- d-----w- c:\windows\Chipset
2014-01-09 04:08 . 2014-01-09 04:08 16896 ----a-w- c:\windows\AsTaskSched.dll
2014-01-09 04:08 . 2011-02-25 06:36 295296 ----a-w- c:\windows\system32\drivers\volsnap.sys
2014-01-09 04:07 . 2014-01-25 19:28 -------- d-sh--w- c:\windows\Installer
2014-01-09 04:07 . 2014-01-09 04:07 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-01-09 04:06 . 2014-01-15 06:07 -------- d-----w- c:\programdata\NVIDIA Corporation
2014-01-09 04:06 . 2014-01-15 06:07 -------- d-----w- c:\program files (x86)\NVIDIA Corporation
2014-01-09 04:06 . 2014-01-15 06:07 -------- d-----w- c:\program files\NVIDIA Corporation
2014-01-09 04:04 . 2014-01-16 05:39 -------- d-----w- c:\users\Genetic Styles
2014-01-09 04:03 . 2014-01-09 04:03 -------- d-----w- C:\Recovery
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-19 19:20 . 2013-12-19 19:20 590112 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2013-10-30 16:15 . 2013-10-30 16:15 140800 ----a-w- c:\windows\system32\drivers\SteelBus64.sys
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SteelSeries Engine"="c:\program files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe" [2013-11-05 242688]
"RocketDock"="c:\program files (x86)\RocketDock\RocketDock.exe" [2007-09-02 495616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-10-28 3675352]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"CTxfiHlp"="CTXFIHLP.EXE" [2011-08-22 25600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-09-05 958576]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-01-25 3767096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
UltraMon.lnk - c:\windows\Installer\{9069EE0A-7615-4D86-AD80-CA263E936DA6}\IcoUltraMon.ico /auto [2014-1-8 29310]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
R3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
R3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UltraMonUtility;UltraMon Utility Driver;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys;c:\program files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys [x]
S2 WinI2C-DDC;WinI2C-DDC Kernel Mode Driver;c:\windows\system32\drivers\DDCDrv.sys;c:\windows\SYSNATIVE\drivers\DDCDrv.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 busenum;SteelBusSvc;c:\windows\system32\DRIVERS\SteelBus64.sys;c:\windows\SYSNATIVE\DRIVERS\SteelBus64.sys [x]
S3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\System32\drivers\CT20XUT.SYS;c:\windows\SYSNATIVE\drivers\CT20XUT.SYS [x]
S3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\System32\drivers\CTEXFIFX.SYS;c:\windows\SYSNATIVE\drivers\CTEXFIFX.SYS [x]
S3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\System32\drivers\CTHWIUT.SYS;c:\windows\SYSNATIVE\drivers\CTHWIUT.SYS [x]
S3 iusb3hub;Intel(R) USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SAlphamHid;SteelHIDSvc;c:\windows\system32\DRIVERS\SAlpham64.sys;c:\windows\SYSNATIVE\DRIVERS\SAlpham64.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - AJQYCGBE
*NewlyCreated* - ASWMONFLT
*NewlyCreated* - ASWRDR
*NewlyCreated* - ASWSNX
*NewlyCreated* - ASWSTM
*NewlyCreated* - ASWVMM
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-25 18:57 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-25 18:57]
.
2014-01-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-25 18:57]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-01-25 19:01 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 8.8.8.8 8.8.4.4 68.105.28.12
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-25 12:45:25
ComboFix-quarantined-files.txt 2014-01-25 19:45
ComboFix2.txt 2014-01-25 06:28
ComboFix3.txt 2014-01-17 00:57
.
Pre-Run: 29,108,908,032 bytes free
Post-Run: 29,054,607,360 bytes free
.
- - End Of File - - 2073D7258309F14B6F67482264C561E1
A36C5E4F47E84449FF07ED3517B43A31
 
Looks good.

Any current issues?

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Download OTL to your Desktop.
Alternate download: http://www.itxassociates.com/OT-Tools/OTL.exe
  • Double click on the icon to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click the Scan All Users checkbox.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open two notepad windows: OTL.txt and Extras.txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post them back here.
 
ADWCleaner:

# AdwCleaner v3.017 - Report created 24/01/2014 at 23:19:31
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Genetic Styles - GENETICSTYLES
# Running from : C:\Users\Genetic Styles\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\InstallIQ

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [812 octets] - [24/01/2014 23:17:55]
AdwCleaner[R1].txt - [871 octets] - [24/01/2014 23:18:56]
AdwCleaner[S0].txt - [795 octets] - [24/01/2014 23:19:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [854 octets] ##########
# AdwCleaner v3.017 - Report created 25/01/2014 at 12:53:49
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate (64 bits)
# Username : Genetic Styles - GENETICSTYLES
# Running from : C:\Users\Genetic Styles\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\Software\InstallIQ

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1744 octets] - [24/01/2014 23:17:55]
AdwCleaner[R1].txt - [871 octets] - [24/01/2014 23:18:56]
AdwCleaner[S0].txt - [1729 octets] - [24/01/2014 23:19:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1789 octets] ##########
 
Junkware Log:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x64
Ran by Genetic Styles on Sat 01/25/2014 at 12:55:49.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\asktoolbar_StubInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\asktoolbar_StubInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\asktoolbar_StubInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\asktoolbar_StubInstaller_RASMANCS



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 01/25/2014 at 12:58:57.15
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
OTL.txt PART 1:

OTL logfile created on: 1/25/2014 1:05:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Genetic Styles\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.94 Gb Available Physical Memory | 74.70% Memory free
15.90 Gb Paging File | 13.58 Gb Available in Paging File | 85.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55.89 Gb Total Space | 27.19 Gb Free Space | 48.65% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 173.67 Gb Free Space | 74.57% Space Free | Partition Type: NTFS
Drive E: | 232.88 Gb Total Space | 135.41 Gb Free Space | 58.14% Space Free | Partition Type: NTFS
Drive F: | 55.90 Gb Total Space | 34.73 Gb Free Space | 62.14% Space Free | Partition Type: NTFS
Drive G: | 55.89 Gb Total Space | 36.82 Gb Free Space | 65.88% Space Free | Partition Type: NTFS
Drive H: | 127.89 Gb Total Space | 27.36 Gb Free Space | 21.40% Space Free | Partition Type: NTFS
Drive I: | 61.93 Gb Total Space | 20.88 Gb Free Space | 33.72% Space Free | Partition Type: NTFS
Drive K: | 100.00 Mb Total Space | 64.32 Mb Free Space | 64.32% Space Free | Partition Type: NTFS

Computer Name: GENETICSTYLES | User Name: Genetic Styles | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/01/25 12:56:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Genetic Styles\Downloads\OTL.exe
PRC - [2014/01/25 12:01:36 | 003,767,096 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/25 12:01:36 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/11 03:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/01/09 05:22:28 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2013/12/09 19:22:32 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/09 19:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/09/05 07:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012/08/24 16:45:00 | 000,084,360 | ---- | M] (Realtime Soft Ltd) -- C:\Program Files (x86)\Common Files\Realtime Soft\RTSHookInterop\x32\RTSHookInterop.exe
PRC - [2012/05/20 09:26:26 | 000,291,648 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2011/08/22 12:57:30 | 000,025,600 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\Ctxfihlp.exe
PRC - [2011/08/22 12:52:46 | 001,212,928 | ---- | M] (Creative Technology Ltd) -- C:\Windows\SysWOW64\CTxfispi.exe
PRC - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe


========== Modules (No Company Name) ==========

MOD - [2014/01/25 12:01:36 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/01/11 03:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014/01/11 03:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014/01/11 03:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 03:28:15 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014/01/11 03:28:14 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014/01/11 03:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2011/08/22 12:57:32 | 000,002,560 | ---- | M] () -- C:\Windows\SysWOW64\CTXFIRES.DLL
MOD - [2009/03/26 14:46:42 | 000,148,480 | ---- | M] () -- C:\Windows\SysWOW64\APOMngr.DLL
MOD - [2007/09/02 13:58:52 | 000,495,616 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.exe
MOD - [2007/09/02 13:57:36 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\RocketDock\RocketDock.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/01/25 12:01:36 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/12/09 19:20:28 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2009/07/13 18:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009/07/13 18:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/01/09 05:22:28 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2013/12/19 12:20:16 | 000,411,936 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/12/09 19:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/10/23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/09/05 07:04:00 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2009/06/10 14:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/01/25 12:01:36 | 001,038,072 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/01/25 12:01:36 | 000,421,704 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/01/25 12:01:36 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/01/25 12:01:36 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/01/25 12:01:36 | 000,080,184 | ---- | M] (AVAST Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
DRV:64bit: - [2014/01/25 12:01:36 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/01/25 12:01:36 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/01/16 22:38:27 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2014/01/08 22:36:47 | 000,020,832 | ---- | M] (Nicomsoft Ltd.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ddcdrv.sys -- (WinI2C-DDC)
DRV:64bit: - [2013/12/05 01:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/28 06:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/30 09:15:32 | 000,140,800 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SteelBus64.sys -- (busenum)
DRV:64bit: - [2013/05/31 07:19:10 | 000,038,016 | ---- | M] (SteelSeries Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SAlpham64.sys -- (SAlphamHid)
DRV:64bit: - [2012/08/20 10:38:12 | 000,416,072 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2012/08/20 10:38:12 | 000,138,568 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/12 07:00:48 | 000,726,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/05/20 09:25:32 | 000,789,824 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/05/20 09:25:32 | 000,357,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/05/20 09:25:32 | 000,019,264 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/09/20 23:22:34 | 000,315,696 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mvs91xx.sys -- (mvs91xx)
DRV:64bit: - [2011/08/22 14:26:46 | 001,561,688 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ha20x2k.sys -- (ha20x2k)
DRV:64bit: - [2011/08/22 14:26:34 | 000,118,360 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\emupia2k.sys -- (emupia)
DRV:64bit: - [2011/08/22 14:26:24 | 000,213,080 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctsfm2k.sys -- (ctsfm2k)
DRV:64bit: - [2011/08/22 14:26:12 | 000,015,960 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctprxy2k.sys -- (ctprxy2k)
DRV:64bit: - [2011/08/22 14:26:02 | 000,179,288 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctoss2k.sys -- (ossrv)
DRV:64bit: - [2011/08/22 14:25:50 | 000,687,192 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctaud2k.sys -- (ctaud2k)
DRV:64bit: - [2011/08/22 14:25:40 | 000,580,696 | ---- | M] (Creative Technology Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ctac32k.sys -- (ctac32k)
DRV:64bit: - [2011/08/22 14:25:30 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX.SYS)
DRV:64bit: - [2011/08/22 14:25:30 | 001,417,304 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTEXFIFX.sys -- (CTEXFIFX)
DRV:64bit: - [2011/08/22 14:25:16 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT.SYS)
DRV:64bit: - [2011/08/22 14:25:16 | 000,094,808 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CTHWIUT.sys -- (CTHWIUT)
DRV:64bit: - [2011/08/22 14:25:06 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT.SYS)
DRV:64bit: - [2011/08/22 14:25:06 | 000,202,840 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CT20XUT.sys -- (CT20XUT)
DRV:64bit: - [2009/08/21 01:52:10 | 000,079,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009/07/13 18:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009/07/13 18:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009/07/13 18:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 18:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 18:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 18:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 18:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 13:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 13:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 13:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 13:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2012/08/24 16:45:54 | 000,020,512 | ---- | M] (Realtime Soft Ltd) [Kernel | Auto | Running] -- C:\Program Files (x86)\Common Files\Realtime Soft\UltraMonMirrorDrv\x64\UltraMonUtility.sys -- (UltraMonUtility)
DRV - [2009/07/13 18:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = EA 46 4B C2 FE 19 CF 01 [binary data]
IE - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.3.0: C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)



========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
CHR - Extension: Google Docs = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.5_0\
CHR - Extension: YouTube = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Firebug Lite for Google Chrome\u2122 = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Google Search = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Center Image = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkiklnjkgjkmamgoaggongdmekajdlki\2.1_0\
CHR - Extension: AdBlock = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: avast! Online Security = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Speed Dial 2 = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfpebmajhhopeonhlcgidhclcccjcik\1.7.7_0\
CHR - Extension: Reddit Enhancement Suite = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb\4.3.1.2_0\
CHR - Extension: Google Wallet = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Users\Genetic Styles\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/25 12:44:42 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [XboxStat] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe (Microsoft Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CTxfiHlp] C:\Windows\SysWow64\Ctxfihlp.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000..\Run: [RocketDock] C:\Program Files (x86)\RocketDock\RocketDock.exe ()
O4 - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000..\Run: [SteelSeries Engine] C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe (SteelSeries ApS)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-2625745199-2251527326-1194638530-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 8.8.8.8 8.8.4.4 68.105.28.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F7BE16A-AB82-4EBB-AC6F-37A20B9CB750}: DhcpNameServer = 8.8.8.8 8.8.4.4 68.105.28.12
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/25 12:56:57 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\CrashDumps
[2014/01/25 12:45:28 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/01/25 12:45:27 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2014/01/25 12:28:32 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/01/25 12:26:32 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/25 12:26:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/01/25 12:26:00 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/01/25 12:25:59 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\Desktop\mbar
[2014/01/25 12:01:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/25 12:01:29 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/25 11:57:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/01/25 11:14:43 | 000,000,000 | ---D | C] -- C:\FRST
[2014/01/24 23:51:42 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\AVAST Software
[2014/01/24 23:51:35 | 001,038,072 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/24 23:51:35 | 000,421,704 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/24 23:51:35 | 000,334,136 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/24 23:51:35 | 000,092,544 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/24 23:51:35 | 000,080,184 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/01/24 23:51:35 | 000,078,648 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/24 23:51:34 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/24 23:51:14 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/24 23:24:22 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Realtime Soft
[2014/01/24 23:21:21 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/24 23:17:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/24 23:15:31 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\Desktop\RK_Quarantine
[2014/01/23 00:09:44 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2014/01/22 23:52:30 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\TheBannerSaga
[2014/01/16 22:38:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
[2014/01/16 22:38:27 | 000,283,064 | ---- | C] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/01/16 22:38:26 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\DAEMON Tools Lite
[2014/01/16 22:38:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAEMON Tools Lite
[2014/01/16 22:38:09 | 000,000,000 | ---D | C] -- C:\ProgramData\DAEMON Tools Lite
[2014/01/16 22:18:21 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2014/01/16 17:54:25 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2014/01/16 17:54:25 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2014/01/16 17:54:25 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2014/01/16 17:54:23 | 000,000,000 | ---D | C] -- C:\Qoobox
[2014/01/16 17:54:18 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2014/01/16 16:55:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Sophos
[2014/01/16 16:51:22 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/01/16 16:44:37 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\WinZip
[2014/01/16 16:43:11 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\The Weather Channel
[2014/01/16 16:43:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2014/01/16 16:43:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FileZilla FTP Client
[2014/01/16 16:42:30 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/01/16 16:42:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/01/16 16:42:29 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Notepad++
[2014/01/16 16:42:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Notepad++
[2014/01/16 10:42:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/01/16 10:42:52 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2014/01/16 10:42:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2014/01/15 17:44:43 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\NVIDIA
[2014/01/15 09:16:22 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\gtk-2.0
[2014/01/15 00:03:24 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2014/01/14 23:20:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
[2014/01/14 23:20:17 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp
[2014/01/14 23:08:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2014/01/14 23:07:05 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\NVIDIA
[2014/01/14 23:06:49 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2014/01/14 23:06:29 | 000,061,216 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2014/01/14 23:06:29 | 000,053,024 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2014/01/14 22:29:11 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Malwarebytes
[2014/01/14 22:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/14 22:29:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
 
OTL.txt PART TWO:

[2014/01/14 22:29:07 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/01/14 22:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014/01/12 00:23:08 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Warframe
[2014/01/11 15:13:33 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Mumble
[2014/01/11 13:22:28 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\OBS
[2014/01/11 13:22:26 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
[2014/01/11 13:22:26 | 000,000,000 | ---D | C] -- C:\Program Files\OBS
[2014/01/11 13:22:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OBS
[2014/01/09 23:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
[2014/01/09 23:48:12 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Xbox 360 Accessories
[2014/01/09 23:45:37 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\Documents\MGR
[2014/01/09 05:22:55 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Common Files\EAInstaller
[2014/01/09 05:22:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battlelog Web Plugins
[2014/01/09 05:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/01/09 01:10:21 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\Documents\my games
[2014/01/08 23:59:38 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\vlc
[2014/01/08 23:23:11 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\LolClient
[2014/01/08 23:23:10 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Macromedia
[2014/01/08 23:23:09 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Adobe
[2014/01/08 22:57:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2014/01/08 22:57:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2014/01/08 22:57:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC
[2014/01/08 22:57:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MPC-HC
[2014/01/08 22:57:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
[2014/01/08 22:57:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mumble
[2014/01/08 22:54:13 | 000,000,000 | ---D | C] -- C:\Program Files\FolderSize
[2014/01/08 22:40:37 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\.purple
[2014/01/08 22:40:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pidgin
[2014/01/08 22:36:47 | 000,155,528 | ---- | C] (Nicomsoft Ltd.) -- C:\Windows\SysNative\DDCHELPER.dll
[2014/01/08 22:36:47 | 000,020,832 | ---- | C] (Nicomsoft Ltd.) -- C:\Windows\SysNative\drivers\ddcdrv.sys
[2014/01/08 22:36:38 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\WinRAR
[2014/01/08 22:15:49 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/08 22:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/01/08 22:15:47 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2014/01/08 22:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2014/01/08 22:15:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2014/01/08 22:15:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2014/01/08 22:14:49 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Adobe
[2014/01/08 22:07:43 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Ventrilo
[2014/01/08 22:04:14 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ventrilo
[2014/01/08 22:04:14 | 000,000,000 | ---D | C] -- C:\Program Files\Ventrilo
[2014/01/08 22:03:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
[2014/01/08 21:48:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2014/01/08 21:48:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Combined Community Codec Pack
[2014/01/08 21:48:22 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Programs
[2014/01/08 21:47:54 | 000,000,000 | ---D | C] -- C:\Program Files\UltraMon
[2014/01/08 21:47:54 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Realtime Soft
[2014/01/08 21:47:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Realtime Soft
[2014/01/08 21:47:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Realtime Soft
[2014/01/08 21:47:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DAMN NFO Viewer
[2014/01/08 21:46:23 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2014/01/08 21:46:16 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014/01/08 21:45:41 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2014/01/08 21:41:17 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Skype
[2014/01/08 21:41:15 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2014/01/08 21:41:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2014/01/08 21:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014/01/08 21:41:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2014/01/08 21:40:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin Games
[2014/01/08 21:39:45 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\uTorrent
[2014/01/08 21:39:39 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Origin
[2014/01/08 21:39:38 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Origin
[2014/01/08 21:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2014/01/08 21:39:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
[2014/01/08 21:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Origin
[2014/01/08 21:36:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/01/08 21:36:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2014/01/08 21:30:15 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\SteelSeries_ApS
[2014/01/08 21:30:09 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\SteelSeries
[2014/01/08 21:29:22 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
[2014/01/08 21:29:22 | 000,000,000 | ---D | C] -- C:\ProgramData\SteelSeries
[2014/01/08 21:28:52 | 000,000,000 | ---D | C] -- C:\Program Files\SteelSeries
[2014/01/08 21:27:10 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Google
[2014/01/08 21:27:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014/01/08 21:26:51 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Deployment
[2014/01/08 21:26:51 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Apps
[2014/01/08 21:25:54 | 000,726,160 | ---- | C] (Realtek ) -- C:\Windows\SysNative\drivers\Rt64win7.sys
[2014/01/08 21:22:17 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Marvell
[2014/01/08 21:18:54 | 000,053,248 | R--- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2014/01/08 21:18:19 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2014/01/08 21:16:50 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Creative Installation Information
[2014/01/08 21:16:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative
[2014/01/08 21:16:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Creative
[2014/01/08 21:16:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Creative Labs Shared
[2014/01/08 21:16:47 | 000,000,000 | ---D | C] -- C:\Windows\AsDmiHtm
[2014/01/08 21:16:45 | 000,000,000 | ---D | C] -- C:\Program Files\Creative
[2014/01/08 21:16:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Creative
[2014/01/08 21:16:36 | 000,466,520 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2014/01/08 21:16:36 | 000,445,016 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2014/01/08 21:16:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2014/01/08 21:16:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Data
[2014/01/08 21:16:23 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Data
[2014/01/08 21:16:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Creative
[2014/01/08 21:15:20 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\ElevatedDiagnostics
[2014/01/08 21:13:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Marvell
[2014/01/08 21:13:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ASM104xUSB3
[2014/01/08 21:11:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2014/01/08 21:11:51 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\Temp
[2014/01/08 21:11:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2014/01/08 21:09:59 | 000,000,000 | ---D | C] -- C:\Intel
[2014/01/08 21:09:19 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2014/01/08 21:09:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2014/01/08 21:09:18 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\InstallShield
[2014/01/08 21:08:22 | 000,000,000 | ---D | C] -- C:\Windows\Chipset
[2014/01/08 21:08:21 | 000,016,896 | ---- | C] (ASUS) -- C:\Windows\AsTaskSched.dll
[2014/01/08 21:07:21 | 000,000,000 | -HSD | C] -- C:\Windows\Installer
[2014/01/08 21:07:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2014/01/08 21:06:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2014/01/08 21:06:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2014/01/08 21:06:16 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2014/01/08 21:06:08 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2014/01/08 21:05:09 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014/01/08 21:05:09 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Searches
[2014/01/08 21:05:09 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/01/08 21:05:09 | 000,000,000 | -H-D | C] -- C:\Users\Genetic Styles\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2014/01/08 21:05:03 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Identities
[2014/01/08 21:05:02 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Contacts
[2014/01/08 21:05:01 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\VirtualStore
[2014/01/08 21:04:58 | 000,000,000 | --SD | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Videos
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Saved Games
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Pictures
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Music
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Links
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Favorites
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Downloads
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Documents
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\Desktop
[2014/01/08 21:04:58 | 000,000,000 | R--D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\AppData\Local\Temporary Internet Files
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Templates
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Start Menu
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\SendTo
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Recent
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\PrintHood
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\NetHood
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Documents\My Videos
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Documents\My Pictures
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Documents\My Music
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\My Documents
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Local Settings
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\AppData\Local\History
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Cookies
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\Application Data
[2014/01/08 21:04:58 | 000,000,000 | -HSD | C] -- C:\Users\Genetic Styles\AppData\Local\Application Data
[2014/01/08 21:04:58 | 000,000,000 | -H-D | C] -- C:\Users\Genetic Styles\AppData
[2014/01/08 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Temp
[2014/01/08 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Local\Microsoft
[2014/01/08 21:04:58 | 000,000,000 | ---D | C] -- C:\Users\Genetic Styles\AppData\Roaming\Media Center Programs
[2014/01/08 21:03:55 | 000,000,000 | ---D | C] -- C:\Recovery

========== Files - Modified Within 30 Days ==========

[2014/01/25 13:01:46 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 13:01:46 | 000,016,944 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/25 13:00:38 | 000,713,888 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/01/25 13:00:38 | 000,615,122 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/01/25 13:00:38 | 000,103,496 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/01/25 12:54:53 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/25 12:54:42 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/25 12:54:41 | 2109,501,439 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/25 12:54:10 | 000,062,476 | ---- | M] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx
[2014/01/25 12:54:10 | 000,062,476 | ---- | M] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx
[2014/01/25 12:54:10 | 000,000,788 | ---- | M] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx
[2014/01/25 12:45:28 | 000,002,283 | ---- | M] () -- C:\Users\Genetic Styles\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/25 12:44:42 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/01/25 12:26:32 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/01/25 12:26:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/01/25 12:09:15 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/25 12:01:36 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/01/25 12:01:36 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/01/25 12:01:36 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/01/25 12:01:36 | 000,207,904 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/25 12:01:36 | 000,092,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2014/01/25 12:01:36 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
[2014/01/25 12:01:36 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/01/25 12:01:36 | 000,065,776 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/25 11:56:49 | 000,001,441 | ---- | M] () -- C:\Users\Genetic Styles\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/24 23:51:34 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/24 00:43:06 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settingsbkup.sfm
[2014/01/24 00:43:06 | 000,001,080 | ---- | M] () -- C:\Windows\SysNative\settings.sfm
[2014/01/23 00:09:43 | 594,265,273 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/01/20 22:05:25 | 000,007,935 | ---- | M] () -- C:\Users\Genetic Styles\Desktop\denzel_intro.jpg
[2014/01/16 22:38:27 | 000,283,064 | ---- | M] (Disc Soft Ltd) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys
[2014/01/16 22:24:47 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/16 22:20:08 | 000,084,694 | ---- | M] () -- C:\Users\Genetic Styles\Documents\cc_20140116_221934.reg
[2014/01/16 22:19:21 | 000,183,296 | ---- | M] () -- C:\Users\Genetic Styles\Documents\cc_20140116_221916.reg
[2014/01/15 22:39:45 | 000,000,218 | ---- | M] () -- C:\Users\Genetic Styles\.recently-used.xbel
[2014/01/15 09:16:40 | 000,000,992 | ---- | M] () -- C:\Users\Genetic Styles\Desktop\Core Temp.lnk
[2014/01/12 14:29:23 | 000,000,202 | ---- | M] () -- C:\Users\Genetic Styles\Desktop\Strike Vector.url
[2014/01/12 01:06:26 | 000,000,202 | ---- | M] () -- C:\Users\Genetic Styles\Desktop\Insurgency.url
[2014/01/12 00:24:15 | 000,000,202 | ---- | M] () -- C:\Users\Genetic Styles\Desktop\Warframe.url
[2014/01/11 15:13:38 | 000,002,379 | ---- | M] () -- C:\Users\Genetic Styles\Documents\MumbleAutomaticCertificateBackup.p12
[2014/01/11 13:22:26 | 000,000,939 | ---- | M] () -- C:\Users\Genetic Styles\Desktop\Open Broadcaster Software.lnk
[2014/01/10 00:17:44 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014/01/09 05:22:36 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/01/09 05:22:29 | 000,281,872 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/01/09 05:22:28 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/01/08 23:00:26 | 000,000,472 | ---- | M] () -- C:\Users\Genetic Styles\Desktop\Desktop.lnk
[2014/01/08 22:36:47 | 000,155,528 | ---- | M] (Nicomsoft Ltd.) -- C:\Windows\SysNative\DDCHELPER.dll
[2014/01/08 22:36:47 | 000,020,832 | ---- | M] (Nicomsoft Ltd.) -- C:\Windows\SysNative\drivers\ddcdrv.sys
[2014/01/08 22:04:15 | 000,000,262 | ---- | M] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2014/01/08 21:49:01 | 000,274,320 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/01/08 21:47:54 | 000,042,045 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2014/01/08 21:47:54 | 000,042,045 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2014/01/08 21:47:54 | 000,002,585 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2014/01/08 21:34:47 | 000,001,908 | ---- | M] () -- C:\Windows\diagwrn.xml
[2014/01/08 21:34:47 | 000,001,908 | ---- | M] () -- C:\Windows\diagerr.xml
[2014/01/08 21:25:27 | 000,045,437 | ---- | M] () -- C:\Windows\Ascd_tmp.ini
[2014/01/08 21:16:36 | 000,466,520 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2014/01/08 21:16:36 | 000,445,016 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2014/01/08 21:16:36 | 000,000,159 | RH-- | M] () -- C:\Windows\ctfile.rfc
[2014/01/08 21:13:52 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2014/01/08 21:08:21 | 000,016,896 | ---- | M] (ASUS) -- C:\Windows\AsTaskSched.dll
[2014/01/08 21:07:39 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini

========== Files Created - No Company Name ==========

[2014/01/25 11:57:38 | 000,002,283 | ---- | C] () -- C:\Users\Genetic Styles\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/01/25 11:57:19 | 000,000,914 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/25 11:57:19 | 000,000,910 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/24 23:51:35 | 000,207,904 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2014/01/24 23:51:35 | 000,065,776 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2014/01/23 00:09:43 | 594,265,273 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2014/01/20 22:05:25 | 000,007,935 | ---- | C] () -- C:\Users\Genetic Styles\Desktop\denzel_intro.jpg
[2014/01/16 22:24:47 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_09_00.Wdf
[2014/01/16 22:19:36 | 000,084,694 | ---- | C] () -- C:\Users\Genetic Styles\Documents\cc_20140116_221934.reg
[2014/01/16 22:19:19 | 000,183,296 | ---- | C] () -- C:\Users\Genetic Styles\Documents\cc_20140116_221916.reg
[2014/01/16 17:54:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/01/16 17:54:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/01/16 17:54:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/01/16 17:54:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/01/16 17:54:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/01/15 22:39:45 | 000,000,218 | ---- | C] () -- C:\Users\Genetic Styles\.recently-used.xbel
[2014/01/14 23:20:17 | 000,000,992 | ---- | C] () -- C:\Users\Genetic Styles\Desktop\Core Temp.lnk
[2014/01/14 23:06:33 | 003,539,040 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/01/14 23:06:00 | 000,357,152 | ---- | C] () -- C:\Windows\SysNative\NvIFROpenGL.dll
[2014/01/14 23:06:00 | 000,314,656 | ---- | C] () -- C:\Windows\SysWow64\NvIFROpenGL.dll
[2014/01/14 23:06:00 | 000,023,754 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2014/01/12 14:20:43 | 000,000,202 | ---- | C] () -- C:\Users\Genetic Styles\Desktop\Strike Vector.url
[2014/01/12 01:06:26 | 000,000,202 | ---- | C] () -- C:\Users\Genetic Styles\Desktop\Insurgency.url
[2014/01/12 00:24:15 | 000,000,202 | ---- | C] () -- C:\Users\Genetic Styles\Desktop\Warframe.url
[2014/01/11 15:13:38 | 000,002,379 | ---- | C] () -- C:\Users\Genetic Styles\Documents\MumbleAutomaticCertificateBackup.p12
[2014/01/11 13:22:26 | 000,000,939 | ---- | C] () -- C:\Users\Genetic Styles\Desktop\Open Broadcaster Software.lnk
[2014/01/10 00:17:44 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_xusb21_01009.Wdf
[2014/01/09 09:15:14 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settingsbkup.sfm
[2014/01/09 09:15:14 | 000,001,080 | ---- | C] () -- C:\Windows\SysNative\settings.sfm
[2014/01/09 05:22:29 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2014/01/09 05:22:29 | 000,281,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2014/01/09 05:22:28 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2014/01/08 23:00:18 | 000,000,472 | ---- | C] () -- C:\Users\Genetic Styles\Desktop\Desktop.lnk
[2014/01/08 22:40:14 | 000,000,995 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
[2014/01/08 22:15:20 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2014/01/08 22:04:14 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2014/01/08 21:47:54 | 000,002,585 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\UltraMon.lnk
[2014/01/08 21:47:54 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UltraMon.lnk
[2014/01/08 21:47:50 | 000,001,345 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[2014/01/08 21:47:49 | 000,001,326 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[2014/01/08 21:46:16 | 2109,501,439 | -HS- | C] () -- C:\hiberfil.sys
[2014/01/08 21:34:40 | 000,001,908 | ---- | C] () -- C:\Windows\diagwrn.xml
[2014/01/08 21:34:40 | 000,001,908 | ---- | C] () -- C:\Windows\diagerr.xml
[2014/01/08 21:17:22 | 000,062,476 | ---- | C] () -- C:\Windows\SysNative\BMXStateBkp-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx
[2014/01/08 21:17:22 | 000,062,476 | ---- | C] () -- C:\Windows\SysNative\BMXState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx
[2014/01/08 21:17:22 | 000,000,788 | ---- | C] () -- C:\Windows\SysNative\DVCState-{00000005-00000000-00000001-00001102-00000005-00311102}.rfx
[2014/01/08 21:17:01 | 000,007,062 | ---- | C] () -- C:\Windows\SysWow64\audiopid.vxd
[2014/01/08 21:16:48 | 000,001,441 | ---- | C] () -- C:\Users\Genetic Styles\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/08 21:16:36 | 000,190,976 | ---- | C] () -- C:\Windows\SysNative\APOMgr64.DLL
[2014/01/08 21:16:36 | 000,148,480 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2014/01/08 21:16:36 | 000,089,088 | ---- | C] () -- C:\Windows\SysNative\CmdRtr64.DLL
[2014/01/08 21:16:36 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2014/01/08 21:16:36 | 000,000,159 | RH-- | C] () -- C:\Windows\ctfile.rfc
[2014/01/08 21:13:52 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_iusb3hcs_01009.Wdf
[2014/01/08 21:07:39 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2014/01/08 21:07:34 | 000,045,437 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2014/01/08 21:05:12 | 000,001,413 | ---- | C] () -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2014/01/08 21:05:10 | 000,001,447 | ---- | C] () -- C:\Users\Genetic Styles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/01/08 21:04:58 | 000,000,290 | ---- | C] () -- C:\Users\Genetic Styles\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/01/08 21:04:58 | 000,000,272 | ---- | C] () -- C:\Users\Genetic Styles\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk

========== ZeroAccess Check ==========

[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2009/07/13 18:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2009/07/13 18:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 18:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2014/01/25 12:41:35 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\.purple
[2014/01/24 23:51:42 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\AVAST Software
[2014/01/16 22:48:12 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\DAEMON Tools Lite
[2014/01/08 23:23:11 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\LolClient
[2014/01/14 20:45:16 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\Mumble
[2014/01/16 22:44:28 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\Notepad++
[2014/01/11 13:22:28 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\OBS
[2014/01/08 23:14:08 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\Origin
[2014/01/08 21:30:09 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\SteelSeries
[2014/01/22 23:52:31 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\TheBannerSaga
[2014/01/25 12:40:16 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\uTorrent
[2014/01/16 16:44:37 | 000,000,000 | ---D | M] -- C:\Users\Genetic Styles\AppData\Roaming\WinZip

========== Purity Check ==========



< End of report >
 
Extras.txt:

OTL Extras logfile created on: 1/25/2014 1:05:04 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Genetic Styles\Downloads
64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 5.94 Gb Available Physical Memory | 74.70% Memory free
15.90 Gb Paging File | 13.58 Gb Available in Paging File | 85.38% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 55.89 Gb Total Space | 27.19 Gb Free Space | 48.65% Space Free | Partition Type: NTFS
Drive D: | 232.88 Gb Total Space | 173.67 Gb Free Space | 74.57% Space Free | Partition Type: NTFS
Drive E: | 232.88 Gb Total Space | 135.41 Gb Free Space | 58.14% Space Free | Partition Type: NTFS
Drive F: | 55.90 Gb Total Space | 34.73 Gb Free Space | 62.14% Space Free | Partition Type: NTFS
Drive G: | 55.89 Gb Total Space | 36.82 Gb Free Space | 65.88% Space Free | Partition Type: NTFS
Drive H: | 127.89 Gb Total Space | 27.36 Gb Free Space | 21.40% Space Free | Partition Type: NTFS
Drive I: | 61.93 Gb Total Space | 20.88 Gb Free Space | 33.72% Space Free | Partition Type: NTFS
Drive K: | 100.00 Mb Total Space | 64.32 Mb Free Space | 64.32% Space Free | Partition Type: NTFS

Computer Name: GENETICSTYLES | User Name: Genetic Styles | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2625745199-2251527326-1194638530-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0109ECFA-0A4D-4B7B-BDDC-B7F81E711EE1}" = lport=47991 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{153AADF1-87F4-4E08-8F38-7376ACDACD1E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C88B94A-4C6B-4674-A343-820ACBA5B774}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{470E835E-A6EB-49AA-811F-06FDCC9CDFE9}" = rport=445 | protocol=6 | dir=out | app=system |
"{73EFB8EC-D360-4608-B570-3359D86E81C9}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9E01B4CC-AFCD-479F-A2A0-63A6A7E40038}" = lport=47987 | protocol=6 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B1705FC7-7B82-471F-AD5A-D6D8610630D1}" = rport=139 | protocol=6 | dir=out | app=system |
"{B73090AD-CC44-4C05-940A-8A2C82865F4B}" = lport=5353 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe |
"{B83C5448-C693-4C5D-AF23-5FD59C8C830B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BB0EA69A-8017-48C8-99CC-81AF4558EA73}" = lport=445 | protocol=6 | dir=in | app=system |
"{BBE5D22E-9290-4709-B0C7-91D2E74A74E4}" = lport=137 | protocol=17 | dir=in | app=system |
"{BC14878B-F27A-4548-A5B6-CCFC4716C7D7}" = rport=137 | protocol=17 | dir=out | app=system |
"{BFF82277-4F5A-4D51-A4F2-E3C42FD7894B}" = lport=80 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |
"{CAD08D40-F9B4-4665-A7F6-013399D715CB}" = lport=139 | protocol=6 | dir=in | app=system |
"{CB0F5E9A-C3AB-49CE-8DEA-5CECD28A4E5B}" = lport=138 | protocol=17 | dir=in | app=system |
"{D1F6E75B-8087-45A6-B2DF-9463C28B21B0}" = rport=138 | protocol=17 | dir=out | app=system |
"{D35EF892-9870-44AA-BD0E-3623B50D661D}" = lport=48000 | protocol=17 | dir=in | app=c:\program files\nvidia corporation\nvstreamsrv\nvstreamer.exe |
"{ED1F3F00-E0CD-4EAC-B244-05909DBF38B4}" = lport=443 | protocol=6 | dir=in | app=c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00282342-5030-4800-A04B-FE76D6DB372E}" = protocol=17 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{01AE092B-CA14-4B4E-9870-4B66A9C4F535}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe |
"{053FC30D-1304-45AB-B3FB-C9AD3400CDFD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{09003686-E4D6-4450-852F-9BFD2341F812}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{096F5F6D-ADEC-4C09-A8AB-4FB823D021CE}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{0A6A0699-CA87-4478-838C-EB167F0F3BC7}" = protocol=17 | dir=in | app=e:\origin games\battlefield 4\bf4.exe |
"{111504F7-D3AD-4E9A-87C1-2321A19A1FA1}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{1745A0CB-EDC0-414D-9EEF-89E9FBBAE473}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\strikesuitzero\pc\main\binary\launcher.exe |
"{17F85E59-B711-47A8-9793-51B0FC3F28FD}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{1965C9F5-CA1B-42A4-88D8-5A2AAA3C6B8F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\godus\windows\godus.exe |
"{2C8E4D47-3645-457B-80A5-B674EC0DD439}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dota 2 beta\dota.exe |
"{34855ECA-52B4-459F-8139-FBDBD4E75137}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\warframe\tools\launcher.exe |
"{35ABD557-32C8-4710-86EE-19561C7F8A11}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\strikevector\binaries\win32\udk.exe |
"{38C6A987-6985-4D31-933A-AE21864A0A53}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{43D846BF-7037-4792-B249-B83343205DF9}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\dayz\dayz.exe |
"{458BEC9A-379F-4DD2-A8E7-D506178533E1}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\metal gear rising revengeance\metal gear rising revengeance.exe |
"{593D4008-6DC5-43DB-8188-6AF4C7A7465F}" = protocol=6 | dir=in | app=c:\program files\ventrilo\ventrilo.exe |
"{593D55D0-B5C4-44A5-9BEC-B36696F46371}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\warframe\tools\launcher.exe |
"{5C9A2C78-2892-4BD9-B7C5-324D429A6A1D}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\insurgency2\insurgency.exe |
"{682FFF97-6637-4137-A246-9EC2765E2288}" = protocol=6 | dir=in | app=e:\origin games\battlefield 4\bf4.exe |
"{6BB669FA-BBE8-43D2-A5CE-A7DB3AC71E03}" = protocol=17 | dir=in | app=c:\users\genetic styles\appdata\roaming\utorrent\utorrent.exe |
"{6DBEED60-978B-4FA9-9D86-B8F17C31E466}" = protocol=6 | dir=in | app=e:\origin games\battlefield 4\bf4_x86.exe |
"{75D7B879-A1DC-4F0F-BBD3-2FD58A5B9F9B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{844E2EB7-EF2F-4BEF-BDBD-1946BB8654B1}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\godus\windows\godus.exe |
"{8BFBE32E-1318-4ED5-9489-ADA03BE2C931}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{91FBB3DB-DE5F-4AD8-B9AC-1684371095A2}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\the swapper\theswapper.exe |
"{9403BC9F-0B7F-4EBF-A503-4547934D94E9}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\strike suit infinity\pc\main\binary\ssz.exe |
"{9C234FDE-9BB0-4B75-912F-B8D8CD057E7D}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\stonehearth\stonehearth.exe |
"{A4654EE1-7601-4645-88F4-49E6CB4ED105}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{A9808641-9586-4B15-B5DE-409D5D7B9EAA}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\strikesuitzero\pc\main\binary\launcher.exe |
"{A997A047-F760-44F7-BEA4-CB0B027E50B9}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{AA0D2B06-20A5-4069-93D4-3460D28B6081}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\the swapper\theswapper.exe |
"{ABEBC483-33DB-4165-9D1A-08A716204E9B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{B0226B20-C98B-4035-A0D4-6450F557A6E8}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\insurgency2\insurgency.exe |
"{B1205B1E-0821-4557-BFB8-19A1752BEE02}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\strike suit infinity\pc\main\binary\ssz.exe |
"{B8B8491F-9576-4674-939A-824DEB15A116}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\strikevector\binaries\win32\udk.exe |
"{BE6FB3F0-17E0-4B3A-A1BC-013AD908AC02}" = protocol=6 | dir=in | app=c:\users\genetic styles\appdata\roaming\utorrent\utorrent.exe |
"{CA17BE1C-6508-4541-B5AA-309B6499C02C}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{DB5BE450-A8B9-4F95-9200-3EE8A0801E51}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\deadlight\binaries\win32\lotdgame.exe |
"{E8C00059-D0D8-474D-B63D-B900BB85EB17}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\stonehearth\stonehearth.exe |
"{E9112EC3-98B8-4349-8172-F8FD43E531CA}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dota 2 beta\dota.exe |
"{F4422121-10EA-4015-899D-20267DF4ED42}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\metal gear rising revengeance\metal gear rising revengeance.exe |
"{F7C354FF-5339-4833-B9CE-FCBEB410D253}" = protocol=17 | dir=in | app=e:\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame.exe |
"{FCAAC436-6EF2-4B71-A6AA-092EAC172ED1}" = protocol=17 | dir=in | app=e:\origin games\battlefield 4\bf4_x86.exe |
"{FCF29DF7-6FA8-47AB-B66F-78252C2E514F}" = protocol=6 | dir=in | app=e:\steam\steamapps\common\dayz\dayz.exe |
"TCP Query User{95DC577F-BD8D-486F-A209-ECAC1F900730}F:\steam\steam.exe" = protocol=6 | dir=in | app=f:\steam\steam.exe |
"UDP Query User{04DF87FB-EB5C-4B7D-88C9-FE5C0D0238A7}F:\steam\steam.exe" = protocol=17 | dir=in | app=f:\steam\steam.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1" = Core Temp 1.0 RC6
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2EDC2FA3-1F34-34E5-9085-588C9EFD1CC6}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610
"{764384C5-BCA9-307C-9AAC-FD443662686A}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{9069EE0A-7615-4D86-AD80-CA263E936DA6}" = UltraMon
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 332.21
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.13.0725
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC" = GeForce Experience NvStream Client Components
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv" = SHIELD Streaming
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.30.1
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Network.Service" = NVIDIA Network Service
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShadowPlay" = NVIDIA ShadowPlay 10.11.15
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Update.Core" = NVIDIA Update Core
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver" = NVIDIA Virtual Audio 1.2.19
"{D9C50188-12D5-4D3E-8F00-682346C2AA5F}" = Microsoft Xbox 360 Accessories 1.2
"{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}" = Ventrilo Client for Windows x64
"{F24FF688-7138-4CCF-A83F-71E9FB01170E}" = Folder Size (64-bit)
"CCleaner" = CCleaner
"SteelSeries Engine" = SteelSeries Engine
"WinRAR archiver" = WinRAR 5.01 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1" = MPC-HC 1.7.1
"{3D6AD258-61EA-35F5-812C-B7A02152996E}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{7B5AA67E-FEA0-40BB-BAB5-CA56645A589C}" = NVIDIA PhysX
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABADE36E-EC37-413B-8179-B432AD3FACE7}" = Battlefield 4™
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.04)
"{E0955568-4353-4C85-8988-285A8C0F5E87}" = Mumble 1.2.4
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7D4E834-93EB-351F-B8FB-82CDAE623003}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"AudioCS" = Creative Audio Control Panel
"Avast" = avast! Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2013-11-27
"Creative Software AutoUpdate" = Creative Software AutoUpdate
"Creative Sound Blaster Properties x64 Edition" = Creative Sound Blaster Properties x64 Edition
"DAEMON Tools Lite" = DAEMON Tools Lite
"ESN Sonar-0.70.4" = ESN Sonar
"FileZilla Client" = FileZilla Client 3.7.3
"Google Chrome" = Google Chrome
"MagniDriver" = marvell 91xx driver
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Open Broadcaster Software" = Open Broadcaster Software
"OpenAL" = OpenAL
"Origin" = Origin
"Pidgin" = Pidgin
"PunkBusterSvc" = PunkBuster Services
"RocketDock_is1" = RocketDock 1.3.5
"Steam App 200510" = XCOM: Enemy Unknown
"Steam App 209540" = Strike Suit Zero
"Steam App 211400" = Deadlight
"Steam App 221100" = DayZ
"Steam App 222880" = Insurgency
"Steam App 230410" = Warframe
"Steam App 232810" = Godus
"Steam App 234160" = Strike Suit Infinity
"Steam App 235460" = METAL GEAR RISING: REVENGEANCE
"Steam App 236510" = Takedown: Red Sabre
"Steam App 246700" = Strike Vector
"VLC media player" = VLC media player 2.1.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2625745199-2251527326-1194638530-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"uTorrent" = µTorrent

< End of report >
 
OTL logs are clean.

You didn't say if you're having any current issues.

Last scans...

Download Security Check from here or here and save it to your Desktop.
  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE to access the Internet, allow it to do so.
NOTE 2. SecurityCheck may produce some false warning(s), so leave the results reading to me.


Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run from.
  • Please copy and paste the log to your reply.

Download Temp File Cleaner (TFC)
Alternate download: http://www.itxassociates.com/OT-Tools/TFC.exe
  • Double-click on TFC.exe to run the program.
  • Click on the Start button to begin the cleaning process.
  • TFC will close all running programs, and it may ask you to restart your computer.

Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Click on the "Run ESET Online Scanner" button.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click on List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • NOTE. If ESET doesn't find any threats, it won't produce a log.
 
SecurityCheck Log:

Results of screen317's Security Check version 0.99.79
Windows 7 x64 (UAC is disabled!)
Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
avast! Antivirus
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Adobe Reader XI
Google Chrome 32.0.1700.76
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 2%
````````````````````End of Log``````````````````````
 
Farbar Log:

Farbar Service Scanner Version: 08-01-2014
Ran by Genetic Styles (administrator) on 25-01-2014 at 13:50:02
Running from "C:\Users\Genetic Styles\Downloads"
Microsoft Windows 7 Ultimate (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============

Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-13 16:25] - [2009-07-13 18:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1

C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****
 
The last scan ran and found the same thing that Avast found; everything else came up clean. I'm going to try and remove the quarantined file via Avast now.
 
Please do so.

I can see Avast listed as "outdated".
Why would that be?

FSS log shows possible problems with Action Center and Windows Updates.
Do you see Action Center icon in systray (next to the clock)?
See if you can access Windows Updates.
You're definitely behind since I don't even see Service Pack 1 installed.
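
An added example, not part of the original thread and not Farbar's own code: a short Python triage pass over an excerpt of the FSS log posted above, pulling out what a reviewer reads first (services reported as not running, policy values, and File Check entries without an "MD5 is legit" marker). The function name `triage_fss` and the reading of an unmarked File Check entry as "needs manual review" are assumptions based on this log's layout.

```python
import re

# Excerpt of the FSS.txt log posted above (not the full log).
SAMPLE_LOG = r'''
Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0

Action Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.

File Check:
========
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2009-07-13 16:25] - [2009-07-13 18:45] - 1898576 ____A (Microsoft Corporation) 912107716BAB424C7870E8E6AF5E07E1
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
'''

def triage_fss(log_text):
    """Collect the entries in an FSS log that call for a closer look."""
    findings = {"stopped_services": [], "policy_values": [], "unverified_files": []}
    in_file_check = False
    for raw in log_text.splitlines():
        line = raw.strip()
        m = re.match(r"(\S+) Service is not running", line)
        if m:
            findings["stopped_services"].append(m.group(1))
        m = re.match(r'"(\w+)"=DWORD:(\w+)$', line)
        if m:  # registry policy value listed under a "... Policy:" heading
            findings["policy_values"].append((m.group(1), m.group(2)))
        if line == "File Check:":
            in_file_check = True
        elif in_file_check and re.match(r"[A-Za-z]:\\", line) and not line.endswith("=> MD5 is legit"):
            # Assumption: a path line without the marker was not matched by the tool.
            findings["unverified_files"].append(line)
    return findings

if __name__ == "__main__":
    for category, items in triage_fss(SAMPLE_LOG).items():
        print(category, items)
```

An entry in `unverified_files` only means the tool did not print its "MD5 is legit" marker for that file; it is a prompt for manual review, not a detection.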
 
Yea, I am doing that now. I couldn't before due to an error that would come up when I tried updating which I assumed was part of the virus. Trying updates now.
 
Ok I was able to install Windows Updates this time, also ran a new scan using Avast and it did not find the virus as it was before. I'm guessing it was removed. Everything is working great now. :)

Although it does not say I have SP1 even though I installed all the updates, hmm.
 
Updated Avast as well?

Your computer is clean

1. We need to reset System Restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create a fresh, clean restore point using the following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now we'll remove all the tools we used during our cleaning process.

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure you change all of your important online passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download and install WOT (Web of Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run a Malwarebytes "Quick scan" once in a while to ensure the safety of your computer.

8. Run Temporary File Cleaner (TFC), AdwCleaner and Junkware Removal Tool (JRT) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom" installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click the "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please let me know how your computer is doing.
 
Ok. I have left for the day to run some errands but I will do this when I am home.

Thank you so much for your help so far. :)
 