
Thread: Browser windows opening randomly

  1. #11
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Hi kimmisc

    I suggest that you repair your Mail by following these steps:


    • Press Windows + R, type AppWiz.cpl, click OK.
    • Select Windows Live Essentials, click Uninstall/Change-or-Remove.
    • Click Repair all Windows Essentials Programs.




    After that, reconfigure your account to refresh the connection between the account and the email client. Follow the steps here on how to remove and re-add the account.

    Let me know if it works now.
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  2. #12
    Junior Member
    Join Date
    Sep 2013
    Posts
    15


    Email is working now. Thanks

  3. #13
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Hi kimmisc

    • Please open your MalwareBytes AntiMalware Program
    • Click the Update Tab and search for updates
    • If an update is found, it will download and install the latest version.
    • Once the program has loaded, select "Perform Quick Scan", then click Scan.
    • The scan may take some time to finish, so please be patient.
    • When the scan is complete, click OK, then Show Results to view the results.
    • Make sure that everything is checked, and click Remove Selected. <-- very important
    • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
    • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
    • Copy and paste the entire report in your next reply.


    Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


    Next


    ESET Online Scanner
    I'd like us to scan your machine with ESET OnlineScan

    Note: If you are using Windows Vista/7, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

    *Note
    It is recommended to disable your onboard antivirus and antispyware programs while performing scans so there are no conflicts and to speed up scan time.
    Please don't go surfing while your resident protection is disabled!
    Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Make sure that the option "Remove found threats" is Unchecked
    9. Push the Start button.
    10. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    11. When the scan completes, push
    12. Push , and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for the report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
    13. Push the Back button.
    14. Select Uninstall application on close check box and push

    In your next reply, please post:
    • MBAM log
    • ESET Report

    Let me know if you have any problems performing the steps above or any questions.

    Good Day!
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  4. #14
    Junior Member
    Join Date
    Sep 2013
    Posts
    15


    ECET found no threats and produced no log.

    Malwarebytes Anti-Malware 1.75.0.1300
    www.malwarebytes.org

    Database version: v2013.10.04.06

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 10.0.9200.16686
    Kim :: KIM7 [administrator]

    10/4/2013 7:37:55 AM
    mbam-log-2013-10-04 (07-37-55).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 249948
    Time elapsed: 4 minute(s), 51 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 0
    (No malicious items detected)

    Registry Values Detected: 0
    (No malicious items detected)

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 0
    (No malicious items detected)

    Files Detected: 0
    (No malicious items detected)

    (end)

  5. #15
    Junior Member
    Join Date
    Sep 2013
    Posts
    15


    I mean ESET

  6. #16
    Junior Member
    Join Date
    Sep 2013
    Posts
    15


    Just wanted to let you know some more details I noticed today. The browser windows/tabs are Facebook links to pages with odd addresses, and it happens every time Facebook Messenger launches.

  7. #17
    Malware Team: Emeritus
    Join Date
    Oct 2012
    Posts
    246


    Hi kimmisc

    Thanks for letting me know


    Reset browsers

    Mozilla Firefox

    ■ Go to "Start / Run"
    ■ Enter the following command: firefox -safe-mode
    ■ In the open window (upon launching safe mode), select "Reset preferences to default Firefox"
    ■ Click "Make Changes and Restart"
    ■ You can now browse properly on Firefox.

    Internet Explorer

    ■ Start Internet Explorer.
    ■ On the Tools menu, click Internet Options.
    ■ On the Advanced tab, click Reset under Reset Internet Explorer settings.
    ■ Check Delete personal settings
    ■ In the Reset Internet Explorer Settings dialog box, click Reset to confirm.



    Google Chrome

    ■ Exit Google Chrome completely.
    ■ Enter the keyboard shortcut Windows key + E to open Windows Explorer.
    ■ In the Windows Explorer window that appears, enter the following in the address bar: %USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\
    ■ Locate the folder called "Default" in the directory window that opens and rename it as "Backup default."


    Try opening Google Chrome again. A new "Default" folder is automatically created as you start using the browser.


    Next


    Re-Run OTL

    • Open OTL again and click the Quick Scan button
    • Post the OTL.txt log it produces in your next reply.
    - Proud Graduate of WTT Classroom -

    - Member of UNITE -

  8. #18
    Junior Member
    Join Date
    Sep 2013
    Posts
    15


    OTL logfile created on: 10/6/2013 4:28:08 AM - Run 2
    OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kim\Desktop
    64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
    Internet Explorer (Version = 9.10.9200.16686)
    Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

    3.90 Gb Total Physical Memory | 2.22 Gb Available Physical Memory | 56.95% Memory free
    7.79 Gb Paging File | 5.69 Gb Available in Paging File | 73.00% Paging File free
    Paging file location(s): ?:\pagefile.sys [binary data]

    %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
    Drive C: | 446.13 Gb Total Space | 224.68 Gb Free Space | 50.36% Space Free | Partition Type: NTFS

    Computer Name: KIM7 | User Name: Kim | Logged in as Administrator.
    Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
    Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

    ========== Processes (SafeList) ==========

    PRC - C:\Users\Kim\Desktop\OTL.exe (OldTimer Tools)
    PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
    PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    PRC - C:\Users\Kim\AppData\Roaming\Verizon\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    PRC - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccsvchst.exe (Symantec Corporation)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (NVIDIA Corporation)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
    PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (NVIDIA Corporation)
    PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    PRC - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
    PRC - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
    PRC - C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
    PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
    PRC - C:\Program Files (x86)\Creative\ShareDLL\CADI\NotiMan.exe (Creative Technology Ltd.)


    ========== Modules (No Company Name) ==========

    MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
    MOD - C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll ()
    MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
    MOD - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\wincfi39.dll ()
    MOD - C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll ()
    MOD - C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
    MOD - c:\Program Files (x86)\Common Files\Roxio Shared\DLLShared\SQLite352.dll ()
    MOD - C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
    MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()


    ========== Services (SafeList) ==========

    SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
    SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
    SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
    SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
    SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
    SRV:64bit: - (AERTFilters) -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Andrea Electronics Corporation)
    SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
    SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
    SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
    SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
    SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
    SRV - (LMIMaint) -- C:\Program Files (x86)\LogMeIn\x64\ramaint.exe (LogMeIn, Inc.)
    SRV - (LMIGuardianSvc) -- C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe (LogMeIn, Inc.)
    SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe (Symantec Corporation)
    SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
    SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
    SRV - (LogMeIn) -- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe (LogMeIn, Inc.)
    SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
    SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation)
    SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
    SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
    SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
    SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
    SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
    SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
    SRV - (RoxWatch12) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe (Sonic Solutions)
    SRV - (RoxMediaDB12OEM) -- C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe (Sonic Solutions)
    SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
    SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)


    ========== Driver Services (SafeList) ==========

    DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
    DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation)
    DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
    DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation)
    DRV:64bit: - (LMIRfsClientNP) -- C:\Windows\SysNative\LMIRfsClientNP.dll (LogMeIn, Inc.)
    DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys (Symantec Corporation)
    DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.sys (Symantec Corporation)
    DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys (Symantec Corporation)
    DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys (Symantec Corporation)
    DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys (Symantec Corporation)
    DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys (Symantec Corporation)
    DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys (Symantec Corporation)
    DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
    DRV:64bit: - (LMIRfsDriver) -- C:\Windows\SysNative\drivers\LMIRfsDriver.sys (LogMeIn, Inc.)
    DRV:64bit: - (lmimirr) -- C:\Windows\SysNative\drivers\lmimirr.sys (LogMeIn, Inc.)
    DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
    DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
    DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
    DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
    DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
    DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
    DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
    DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
    DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
    DRV:64bit: - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (Renesas Electronics Corporation)
    DRV:64bit: - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (Renesas Electronics Corporation)
    DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
    DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
    DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
    DRV:64bit: - (Acceler) -- C:\Windows\SysNative\drivers\Accelern.sys (ST Microelectronics)
    DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
    DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
    DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
    DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
    DRV:64bit: - (stdcfltn) -- C:\Windows\SysNative\drivers\stdcfltn.sys (ST Microelectronics)
    DRV:64bit: - (qicflt) -- C:\Windows\SysNative\drivers\qicflt.sys (Quanta Computer)
    DRV:64bit: - (nm3) -- C:\Windows\SysNative\drivers\nm3.sys (Microsoft Corporation)
    DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
    DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
    DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
    DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
    DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
    DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
    DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
    DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
    DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
    DRV:64bit: - (mcdbus) -- C:\Windows\SysNative\drivers\mcdbus.sys (MagicISO, Inc.)
    DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
    DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130924.001\BHDrvx64.sys (Symantec Corporation)
    DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20131005.007\ex64.sys (Symantec Corporation)
    DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
    DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\VirusDefs\20131005.007\eng64.sys (Symantec Corporation)
    DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
    DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20131004.001\IDSviA64.sys (Symantec Corporation)
    DRV - (LMIInfo) -- C:\Program Files (x86)\LogMeIn\x64\rainfo.sys (LogMeIn, Inc.)
    DRV - (VSPerfDrv110) -- C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys (Microsoft Corporation)
    DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
    DRV - (mcdbus) -- C:\Windows\SysWOW64\drivers\mcdbus.sys (MagicISO, Inc.)


    ========== Standard Registry (SafeList) ==========


    ========== Internet Explorer ==========

    IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
    IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7DKUS
    IE:64bit: - HKLM\..\SearchScopes\{901D1FF8-BB7D-4E5F-96AB-8AF326BA403F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
    IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    IE - HKLM\..\SearchScopes,DefaultScope =
    IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
    IE - HKLM\..\SearchScopes\{901D1FF8-BB7D-4E5F-96AB-8AF326BA403F}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox

    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

    ========== FireFox ==========

    FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:24.0
    FF - user.js - File not found

    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
    FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
    FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Kim\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)

    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\coFFPlgn\ [2013/10/05 14:36:03 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\IPSFFPlgn\ [2012/10/13 14:37:49 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/25 19:53:55 | 000,000,000 | ---D | M]
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/25 19:53:54 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/25 19:53:55 | 000,000,000 | ---D | M]
    FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/25 19:53:54 | 000,000,000 | ---D | M]

    [2011/08/30 21:59:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim\AppData\Roaming\Mozilla\Extensions
    [2013/10/06 04:26:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kim\AppData\Roaming\Mozilla\Firefox\Profiles\sykyuyed.default-1381047520594\extensions
    [2013/09/17 12:13:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
    [2013/09/25 03:08:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2013/09/17 12:13:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
    [2013/09/25 03:08:29 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
    [2013/09/17 12:13:22 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
    [2011/04/14 14:01:38 | 000,024,376 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\mozilla firefox\components\Scriptff.dll
    [2013/06/13 20:45:42 | 000,034,048 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
    [2013/06/26 16:48:10 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll

    ========== Chrome ==========

    CHR - default_search_provider: Google (Enabled)
    CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
    CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
    CHR - Extension: Google Docs = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
    CHR - Extension: Google Docs = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
    CHR - Extension: Google Drive = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
    CHR - Extension: YouTube = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
    CHR - Extension: YouTube = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
    CHR - Extension: Google Search = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
    CHR - Extension: Norton Identity Protection = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.4.3.4_0\
    CHR - Extension: Chrome In-App Payments service = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
    CHR - Extension: Gmail = C:\Users\Kim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

    O1 HOSTS File: ([2013/10/02 10:27:33 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
    O1 - Hosts: 127.0.0.1 localhost
    O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ips\ipsbho.dll (Symantec Corporation)
    O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
    O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coieplg.dll (Symantec Corporation)
    O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
    O4:64bit: - HKLM..\Run: [CTMasterOnOffMonitor] C:\Windows\SysNative\CTMWatch.dll (Creative Technology Ltd)
    O4:64bit: - HKLM..\Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe ()
    O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [IntelWireless] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
    O4:64bit: - HKLM..\Run: [LogMeIn GUI] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe (LogMeIn, Inc.)
    O4:64bit: - HKLM..\Run: [Nvtmru] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
    O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
    O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
    O4:64bit: - HKLM..\Run: [RunDLLEntry] C:\Windows\SysNative\AmbRunE.DLL (Creative Technology Ltd.)
    O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
    O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
    O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe ()
    O4 - HKLM..\Run: [RoxWatchTray] C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe (Sonic Solutions)
    O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
    O4 - HKLM..\Run: [UpdReg] C:\Windows\Updreg.EXE (Creative Technology Ltd.)
    O4 - HKLM..\Run: [VolPanel] C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
    O4 - HKCU..\Run: [Facebook Update] C:\Users\Kim\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
    O4 - Startup: C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\Kim\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe (Facebook)
    O4 - Startup: C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
    O4 - Startup: C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk = C:\Users\Kim\AppData\Roaming\Verizon\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
    O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
    O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
    O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
    O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
    O13 - gopher Prefix: missing
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8F71F97F-0E7D-4954-BCB4-1B14771609AE}: DhcpNameServer = 209.18.47.61 209.18.47.62
    O18:64bit: - Protocol\Handler\livecall - No CLSID value found
    O18:64bit: - Protocol\Handler\msnim - No CLSID value found
    O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
    O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
    O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
    O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
    O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
    O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
    O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
    O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
    O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
    O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
    O32 - HKLM CDRom: AutoRun - 1
    O34 - HKLM BootExecute: (autocheck autochk *)
    O35:64bit: - HKLM\..comfile [open] -- "%1" %*
    O35:64bit: - HKLM\..exefile [open] -- "%1" %*
    O35 - HKLM\..comfile [open] -- "%1" %*
    O35 - HKLM\..exefile [open] -- "%1" %*
    O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
    O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
    O37 - HKLM\...com [@ = ComFile] -- "%1" %*
    O37 - HKLM\...exe [@ = exefile] -- "%1" %*
    O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
    O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
    O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

    ========== Files/Folders - Created Within 30 Days ==========

    [2013/10/06 04:18:47 | 000,000,000 | ---D | C] -- C:\Users\Kim\Desktop\Old Firefox Data
    [2013/10/05 16:10:13 | 000,309,368 | ---- | C] (SummerSoft) -- C:\Users\Kim\Desktop\minecraftdl_166.exe
    [2013/10/05 13:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ffmpeg For Audacity
    [2013/10/05 01:58:59 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\{AE299015-4570-486E-AE79-797D01F7A9D8}
    [2013/10/04 14:28:36 | 002,347,384 | ---- | C] (ESET) -- C:\Users\Kim\Desktop\esetsmartinstaller_enu.exe
    [2013/10/03 16:17:07 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\{30CEB0CA-AF36-4744-B61C-C80FDDC5C117}
    [2013/10/02 11:00:48 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\{867842ED-9057-4E3A-B906-6897E61FC99D}
    [2013/10/02 10:52:38 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2013/10/02 10:41:53 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
    [2013/10/02 10:41:35 | 000,000,000 | ---D | C] -- C:\Windows\temp
    [2013/10/02 10:10:33 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
    [2013/10/02 10:10:33 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
    [2013/10/02 10:10:33 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
    [2013/10/02 10:07:45 | 000,000,000 | ---D | C] -- C:\Qoobox
    [2013/10/02 10:00:42 | 005,132,885 | R--- | C] (Swearware) -- C:\Users\Kim\Desktop\ComboFix.exe
    [2013/10/02 09:36:54 | 000,000,000 | ---D | C] -- C:\_OTL
    [2013/10/02 01:15:14 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump
    [2013/10/02 01:13:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
    [2013/10/02 01:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Verizon
    [2013/10/02 01:11:43 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Verizon2.0_Log
    [2013/10/02 01:11:39 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Verizon
    [2013/10/02 01:11:39 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Verizon
    [2013/10/02 01:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
    [2013/10/02 01:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
    [2013/10/02 01:10:12 | 000,000,000 | ---D | C] -- C:\Verizon_Android
    [2013/10/02 01:10:10 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Verizon_Android
    [2013/10/01 16:01:34 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\{AB0CDE77-4A5D-4B26-8615-75B3C02D616D}
    [2013/09/30 17:51:13 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kim\Desktop\OTL.exe
    [2013/09/29 16:01:43 | 000,000,000 | ---D | C] -- C:\Users\Kim\Desktop\RK_Quarantine
    [2013/09/29 15:50:12 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
    [2013/09/29 15:35:53 | 000,000,000 | ---D | C] -- C:\AdwCleaner
    [2013/09/29 15:26:08 | 000,000,000 | ---D | C] -- C:\Users\Kim\Desktop\pc cleaning
    [2013/09/27 17:04:27 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe
    [2013/09/27 17:00:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe
    [2013/09/26 19:47:36 | 000,000,000 | ---D | C] -- C:\Sound
    [2013/09/26 19:47:36 | 000,000,000 | ---D | C] -- C:\Material
    [2013/09/26 19:37:16 | 000,000,000 | ---D | C] -- C:\Users\Kim\.MCReferenceSdk
    [2013/09/26 19:19:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
    [2013/09/26 19:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Geevs
    [2013/09/26 19:19:38 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Lightworks
    [2013/09/26 19:19:07 | 000,000,000 | ---D | C] -- C:\Program Files\Lightworks
    [2013/09/26 16:06:21 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
    [2013/09/26 15:29:26 | 000,000,000 | ---D | C] -- C:\Windows\ERDNT
    [2013/09/26 15:28:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
    [2013/09/26 15:28:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
    [2013/09/26 08:22:08 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Roaming\Apple Computer
    [2013/09/26 05:56:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
    [2013/09/26 05:56:38 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
    [2013/09/26 05:56:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
    [2013/09/25 20:16:15 | 000,000,000 | ---D | C] -- C:\Users\Kim\Documents\Adobe
    [2013/09/25 19:53:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
    [2013/09/25 19:53:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
    [2013/09/25 19:53:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
    [2013/09/25 19:52:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
    [2013/09/25 19:52:08 | 000,000,000 | ---D | C] -- C:\Users\Kim\AppData\Local\Apple
    [2013/09/25 19:52:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
    [2013/09/25 19:52:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
    [2013/09/25 18:29:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
    [2013/09/25 18:29:39 | 000,000,000 | ---D | C] -- C:\Fraps
    [2013/09/24 20:29:46 | 000,000,000 | ---D | C] -- C:\Users\Kim\Desktop\MCSkins
    [2013/09/17 12:13:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files - Modified Within 30 Days ==========

    [2013/10/06 04:28:00 | 000,000,920 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1384195220-919546521-2461916029-1001UA.job
    [2013/10/06 03:55:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
    [2013/10/06 03:46:00 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
    [2013/10/05 22:28:00 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1384195220-919546521-2461916029-1001Core.job
    [2013/10/05 16:46:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
    [2013/10/05 16:14:43 | 002,161,521 | ---- | M] () -- C:\Users\Kim\Desktop\mcpatcher-4.2.2.exe
    [2013/10/05 16:10:13 | 000,309,368 | ---- | M] (SummerSoft) -- C:\Users\Kim\Desktop\minecraftdl_166.exe
    [2013/10/05 14:40:54 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    [2013/10/05 14:40:54 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    [2013/10/05 14:37:25 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
    [2013/10/05 14:37:25 | 000,662,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
    [2013/10/05 14:37:25 | 000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
    [2013/10/05 14:32:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
    [2013/10/05 14:32:08 | 3137,994,752 | -HS- | M] () -- C:\hiberfil.sys
    [2013/10/04 14:28:34 | 002,347,384 | ---- | M] (ESET) -- C:\Users\Kim\Desktop\esetsmartinstaller_enu.exe
    [2013/10/02 10:27:33 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2013/10/02 10:00:44 | 005,132,885 | R--- | M] (Swearware) -- C:\Users\Kim\Desktop\ComboFix.exe
    [2013/10/02 01:11:39 | 000,001,958 | ---- | M] () -- C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
    [2013/09/30 17:51:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kim\Desktop\OTL.exe
    [2013/09/29 15:46:26 | 005,128,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
    [2013/09/26 19:19:54 | 000,001,756 | ---- | M] () -- C:\Users\Public\Desktop\Lightworks (11.1).lnk
    [2013/09/26 16:47:37 | 000,000,512 | ---- | M] () -- C:\Users\Kim\Desktop\MBR.dat
    [2013/09/26 16:06:12 | 755,905,231 | ---- | M] () -- C:\Windows\MEMORY.DMP
    [2013/09/26 15:28:13 | 000,000,926 | ---- | M] () -- C:\Users\Kim\Desktop\NTREGOPT.lnk
    [2013/09/26 15:28:13 | 000,000,907 | ---- | M] () -- C:\Users\Kim\Desktop\ERUNT.lnk
    [2013/09/26 05:56:39 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/09/25 19:51:19 | 000,000,632 | R-S- | M] () -- C:\Users\Kim\ntuser.pol
    [2013/09/25 18:29:40 | 000,000,564 | ---- | M] () -- C:\Users\Public\Desktop\Fraps.lnk
    [2013/09/25 18:24:50 | 000,000,829 | ---- | M] () -- C:\Users\Kim\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
    [2013/09/15 23:53:02 | 000,000,017 | ---- | M] () -- C:\Users\Kim\AppData\Local\resmon.resmoncfg
    [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

    ========== Files Created - No Company Name ==========

    [2013/10/05 16:14:48 | 002,161,521 | ---- | C] () -- C:\Users\Kim\Desktop\mcpatcher-4.2.2.exe
    [2013/10/02 10:10:33 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
    [2013/10/02 10:10:33 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
    [2013/10/02 10:10:33 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
    [2013/10/02 10:10:33 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
    [2013/10/02 10:10:33 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
    [2013/10/02 01:11:39 | 000,001,958 | ---- | C] () -- C:\Users\Kim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
    [2013/09/27 17:06:53 | 000,001,037 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6 (64 Bit).lnk
    [2013/09/27 17:05:43 | 000,001,209 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6.lnk
    [2013/09/27 17:04:35 | 000,000,999 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6 (64bit).lnk
    [2013/09/27 17:04:07 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CS6.lnk
    [2013/09/27 17:02:07 | 000,001,355 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Extension Manager CS6.lnk
    [2013/09/27 17:02:01 | 000,001,521 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe ExtendScript Toolkit CS6.lnk
    [2013/09/26 19:19:54 | 000,001,756 | ---- | C] () -- C:\Users\Public\Desktop\Lightworks (11.1).lnk
    [2013/09/26 16:47:20 | 000,000,512 | ---- | C] () -- C:\Users\Kim\Desktop\MBR.dat
    [2013/09/26 16:06:12 | 755,905,231 | ---- | C] () -- C:\Windows\MEMORY.DMP
    [2013/09/26 15:28:13 | 000,000,926 | ---- | C] () -- C:\Users\Kim\Desktop\NTREGOPT.lnk
    [2013/09/26 15:28:13 | 000,000,907 | ---- | C] () -- C:\Users\Kim\Desktop\ERUNT.lnk
    [2013/09/26 05:56:39 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    [2013/09/25 19:52:05 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
    [2013/09/25 18:29:40 | 000,000,564 | ---- | C] () -- C:\Users\Public\Desktop\Fraps.lnk
    [2013/09/15 23:53:02 | 000,000,017 | ---- | C] () -- C:\Users\Kim\AppData\Local\resmon.resmoncfg
    [2013/08/15 18:19:26 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
    [2013/08/15 18:19:25 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
    [2013/08/15 18:19:25 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
    [2013/08/15 18:19:24 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
    [2013/08/15 18:19:23 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
    [2013/05/28 12:03:14 | 000,041,008 | ---- | C] () -- C:\Windows\SysWow64\RGBAcodec.dll
    [2013/03/07 16:24:10 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
    [2013/03/07 16:24:10 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
    [2013/03/07 16:24:10 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
    [2013/03/07 16:24:10 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
    [2012/12/01 14:36:01 | 000,000,638 | ---- | C] () -- C:\Windows\eReg.dat
    [2011/08/30 20:44:32 | 000,000,632 | R-S- | C] () -- C:\Users\Kim\ntuser.pol
    [2010/11/17 20:51:10 | 000,000,156 | ---- | C] () -- C:\Users\Kim\IT258_01_KimKennedy_Unit1Project.java

    ========== ZeroAccess Check ==========

    [2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

    [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

    [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

    [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
    "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
    "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Apartment

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
    "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Free

    [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
    "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
    "ThreadingModel" = Both

    [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

    ========== LOP Check ==========

    [2013/10/05 20:14:16 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\.minecraft
    [2013/10/05 13:57:21 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Audacity
    [2013/03/02 01:25:57 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
    [2011/08/30 15:12:43 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Fingertapps
    [2012/05/12 02:01:10 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\FOG Downloader
    [2013/07/24 17:53:14 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\FreeAudioPack
    [2013/03/06 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\NetBeans
    [2013/03/23 02:42:53 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Origin
    [2012/06/03 20:21:50 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\PCDr
    [2013/03/02 02:07:08 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\PDAppFlex
    [2011/11/08 20:42:07 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\SecondLife
    [2013/05/11 12:59:19 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Smith Micro
    [2013/10/02 10:52:38 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
    [2011/08/30 15:38:19 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Template
    [2013/06/20 21:55:19 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\TuneUp Software
    [2013/09/27 16:53:28 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\uTorrent
    [2011/09/11 10:58:01 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\Windows Live Writer
    [2013/05/10 23:05:18 | 000,000,000 | ---D | M] -- C:\Users\Kim\AppData\Roaming\xtranormal

    ========== Purity Check ==========



    < End of report >

  9. #19
    Emeritus-Security Expert
    Join Date
    Nov 2005
    Location
    Florida's SpaceCoast
    Posts
    15,208

    Default

    Hi,

    Robybel will be away until this weekend, hope you don't mind if I take over.

    OTL logs look fine, I do see some plugins for FB on Firefox. How is your system behaving now?
    Microsoft MVP Consumer Security 2007-2008-2009-2010-2011-2012-2013-2014

    ERROR MESSAGE 386
    No KeyBoard Detected
    Press F1 To Continue

    Just a reminder that threads will be closed if no reply in 3 days.

  10. #20
    Junior Member
    Join Date
    Sep 2013
    Posts
    15

    Default

    Well, I uninstalled FB Messenger since that was what was triggering the spoofed FB tabs, but overall, some things seem broken. Perhaps that is the result of MalwareBytes and similar programs. For instance, my Minecraft has become unplayable with 7-15 fps in single player mode using default textures. That is very poor performance for this computer. Is it typical to have these issues after a cleanup or does it usually mean the computer isn't clean?

    I picked this up by downloading and installing Quicktime from the first result (ad) that comes up when Googling "quicktime." (Such a shameful and stupid thing for me to do.) During the install, Norton blocked an attack but Norton's log showed a lot of activity that wasn't blocked, such as hundreds of firewall rule changes. Should I uninstall that Quicktime? I assumed the malware or virus came *with* it rather than in it, but I don't know.
