Panda Antivirus + Zonealarm Events

Renzore101 · May 14, 2015

Hello again CF,

I may just be overly paranoid, but I want to double check to make sure some quarantine events in Panda AV and associated Zonealarm prompts are not cause for concern. In Panda I noticed a file continues to get re-created in C:\Windows\TEMP by the name of InstallTAPAdapter.exe. I did a quick google search and determined it is a file associated with the 7Zip program, which I may have installed previously, but I cannot remember for sure. In addition to that Zonealarm displayed a prompt explaining that the aforementioned .exe was attempting to gain elevated privileges so I wanted to make sure that this is not truly a malicious file. I read and performed the suggested procedure in the sticky, and I will include the log files in a reply.

Renzore101 · May 14, 2015

AdwCleaner Log:
# AdwCleaner v4.203 - Logfile created 14/05/2015 at 13:12:15
# Updated 30/04/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : renzore101 - KAWAII
# Running from : C:\Users\renzore101\Desktop\Security Programs\adwcleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

File Deleted : C:\Users\renzore101\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\renzore101\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

-\\ Google Chrome v42.0.2311.135

*************************

AdwCleaner[R0].txt - [1506 bytes] - [14/05/2015 13:10:12]
AdwCleaner[S0].txt - [1441 bytes] - [14/05/2015 13:12:15]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1500 bytes] ##########

Junkware Removal Tool Log:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.1 (05.14.2015:1)
OS: Windows 8.1 Pro x64
Ran by renzore101 on Thu 05/14/2015 at 13:18:49.28
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1659995411-4093239189-2578733741-1001

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4}

~~~ Files

Successfully deleted: [File] C:\WINDOWS\prefetch\GOOGLETOOLBARNOTIFIER.EXE-B25C45A8.pf
Successfully deleted: [File] C:\Users\renzore101\appdata\local\google\chrome\user data\default\local storage\http_www.lyricsmode.com_0.localstorage
Successfully deleted: [File] C:\Users\renzore101\appdata\local\google\chrome\user data\default\local storage\http_www.lyricsmode.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\renzore101\appdata\local\google\chrome\user data\default\local storage\http_www.similarsitesearch.com_0.localstorage
Successfully deleted: [File] C:\Users\renzore101\appdata\local\google\chrome\user data\default\local storage\http_www.similarsitesearch.com_0.localstorage-journal

~~~ Folders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/14/2015 at 13:20:38.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes Log
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 5/14/2015
Scan Time: 1:21:56 PM
Logfile: Malwarebytes Log.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.14.04
Rootkit Database: v2015.04.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: renzore101

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 431073
Time Elapsed: 7 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

OTL Log:
OTL logfile created on: 5/14/2015 1:30:45 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\renzore101\Desktop\Security Programs
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17801)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.95 Gb Total Physical Memory | 6.17 Gb Available Physical Memory | 77.58% Memory free
9.20 Gb Paging File | 7.23 Gb Available in Paging File | 78.62% Paging File free
Paging file location(s): y:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 208.64 Gb Total Space | 70.49 Gb Free Space | 33.79% Space Free | Partition Type: NTFS
Drive X: | 232.88 Gb Total Space | 143.32 Gb Free Space | 61.54% Space Free | Partition Type: NTFS
Drive Y: | 465.76 Gb Total Space | 461.52 Gb Free Space | 99.09% Space Free | Partition Type: NTFS

Computer Name: KAWAII | User Name: renzore101 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\renzore101\Desktop\Security Programs\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd.)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies Ltd.)
PRC - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Check Point Software Technologies, Ltd.)

========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll ()

========== Services (SafeList) ==========

SRV:64bit: - (PnkBstrA) -- C:\Windows\SysNative\PnkBstrA.exe ()
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (GfExperienceService) -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (WdNisSvc) -- C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\WINDOWS\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (NcbService) -- C:\Windows\SysNative\ncbservice.dll (Microsoft Corporation)
SRV:64bit: - (workfolderssvc) -- C:\Windows\SysNative\workfolderssvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (AppReadiness) -- C:\Windows\SysNative\AppReadiness.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (WEPHOSTSVC) -- C:\Windows\SysNative\wephostsvc.dll (Microsoft Corporation)
SRV:64bit: - (ScDeviceEnum) -- C:\Windows\SysNative\ScDeviceEnum.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (lfsvc) -- C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (smphost) -- C:\Windows\SysNative\smphost.dll (Microsoft Corporation)
SRV:64bit: - (AppXSvc) -- C:\Windows\SysNative\AppXDeploymentServer.dll (Microsoft Corporation)
SRV:64bit: - (MsKeyboardFilter) -- C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicguestinterface) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (BthHFSrv) -- C:\Windows\SysNative\BthHFSrv.dll (Microsoft Corporation)
SRV:64bit: - (ISCTAgent) -- C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe ()
SRV:64bit: - (IAStorDataMgrSvc) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV:64bit: - (Intel(R) -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel(R) Corporation)
SRV:64bit: - (Intel(R) -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (RtkAudioService) -- C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor)
SRV:64bit: - (cFosSpeedS) -- C:\Program Files\ASRock\XFast LAN\spd.exe (cFos Software GmbH)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Origin Client Service) -- C:\Program Files (x86)\Origin\OriginClientService.exe (Electronic Arts)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (OM) -- C:\Program Files (x86)\Kloudian\Orbweb Me\core.exe (kloudian)
SRV - (OD) -- C:\Program Files (x86)\Kloudian\Orbweb Me\process.exe (kloudian)
SRV - (PSUAService) -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.)
SRV - (NanoServiceMain) -- C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Panda Security, S.L.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (smphost) -- C:\Windows\SysWOW64\smphost.dll (Microsoft Corporation)
SRV - (lfsvc) -- C:\Windows\SysWOW64\GeofenceMonitorService.dll (Microsoft Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (PrintNotify) -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
SRV - (PandaAgent) -- C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (Panda Security, S.L.)
SRV - (panda_url_filtering) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe (Panda Security)
SRV - (vsmon) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (Check Point Software Technologies Ltd.)
SRV - (ZAPrivacyService) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Check Point Software Technologies, Ltd.)
SRV - (OU) -- C:\Program Files (x86)\Kloudian\Orbweb Me\update\update.exe (kloudian)
SRV - (iumsvc) -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe ()
SRV - (ASRockIOMon) -- C:\Program Files (x86)\ASRock Utility\A-Tuning\Bin\IOMonitorSrv.exe ()
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe (Microsoft Corporation)

========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (NVVADARM) -- C:\Windows\SysNative\drivers\nvvadarm.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (PSINReg) -- C:\Windows\SysNative\drivers\PSINReg.sys (Panda Security, S.L.)
DRV:64bit: - (PSINKNC) -- C:\Windows\SysNative\drivers\PSINKNC.sys (Panda Security, S.L.)
DRV:64bit: - (PSINProt) -- C:\Windows\SysNative\drivers\PSINProt.sys (Panda Security, S.L.)
DRV:64bit: - (PSINProc) -- C:\Windows\SysNative\drivers\PSINProc.sys (Panda Security, S.L.)
DRV:64bit: - (PSINAflt) -- C:\Windows\SysNative\drivers\PSINAflt.sys (Panda Security, S.L.)
DRV:64bit: - (PSINFile) -- C:\Windows\SysNative\drivers\PSINFile.sys (Panda Security, S.L.)
DRV:64bit: - (NNSTLSC) -- C:\Windows\SysNative\drivers\NNStlsc.sys (Panda Security, S.L.)
DRV:64bit: - (NNSSTRM) -- C:\Windows\SysNative\drivers\NNSStrm.sys (Panda Security, S.L.)
DRV:64bit: - (NNSSMTP) -- C:\Windows\SysNative\drivers\NNSSmtp.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPROT) -- C:\Windows\SysNative\drivers\NNSProt.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPRV) -- C:\Windows\SysNative\drivers\NNSPrv.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPOP3) -- C:\Windows\SysNative\drivers\NNSPop3.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPIHSW) -- C:\Windows\SysNative\drivers\NNSPihsw.sys (Panda Security, S.L.)
DRV:64bit: - (NNSPICC) -- C:\Windows\SysNative\drivers\NNSpicc.sys (Panda Security, S.L.)
DRV:64bit: - (NNSHTTP) -- C:\Windows\SysNative\drivers\NNSHttp.sys (Panda Security, S.L.)
DRV:64bit: - (NNSIDS) -- C:\Windows\SysNative\drivers\NNSIds.sys (Panda Security, S.L.)
DRV:64bit: - (NNSHTTPS) -- C:\Windows\SysNative\drivers\NNSHttps.sys (Panda Security, S.L.)
DRV:64bit: - (NNSALPC) -- C:\Windows\SysNative\drivers\NNSAlpc.sys (Panda Security, S.L.)
DRV:64bit: - (PSKMAD) -- C:\Windows\SysNative\drivers\PSKMAD.sys (Panda Security, S.L.)
DRV:64bit: - (NNSNAHSL) -- C:\Windows\SysNative\drivers\NNSNAHSL.sys (Panda Security, S.L.)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc63.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (kbldfltr) -- C:\Windows\SysNative\drivers\kbldfltr.sys (Microsoft Corporation)
DRV:64bit: - (Vid) -- C:\Windows\SysNative\drivers\Vid.sys (Microsoft Corporation)
DRV:64bit: - (vmbusr) -- C:\Windows\SysNative\drivers\vmbusr.sys (Microsoft Corporation)
DRV:64bit: - (storvsp) -- C:\Windows\SysNative\drivers\storvsp.sys (Microsoft Corporation)
DRV:64bit: - (vpcivsp) -- C:\Windows\SysNative\drivers\vpcivsp.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (Vsdatant) -- C:\Windows\SysNative\drivers\vsdatant.sys (Check Point Software Technologies Ltd.)
DRV:64bit: - (xb1usb) -- C:\Windows\SysNative\drivers\xb1usb.sys (Microsoft Corporation)
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (imsevent) -- C:\Windows\SysNative\drivers\imsevent.sys ()
DRV:64bit: - (INETMON) -- C:\Windows\SysNative\drivers\INETMON.sys ()
DRV:64bit: - (ikbevent) -- C:\Windows\SysNative\drivers\ikbevent.sys ()
DRV:64bit: - (ISCT) -- C:\Windows\SysNative\drivers\ISCTD.sys ()
DRV:64bit: - (e1dexpress) -- C:\Windows\SysNative\drivers\e1d64x64.sys (Intel Corporation)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (pbfilter) -- C:\Program Files\PeerBlock\pbfilter.sys ()
DRV:64bit: - (NAL) -- C:\Windows\SysNative\drivers\iqvw64e.sys (Intel Corporation )
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (LSI_SAS3) -- C:\Windows\SysNative\drivers\lsi_sas3.sys (LSI Corporation)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (AsrRamDisk) -- C:\Windows\SysNative\drivers\AsrRamDisk.sys (ASRock Inc.)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (cFosSpeed) -- C:\Windows\SysNative\drivers\cfosspeed6.sys (cFos Software GmbH)
DRV:64bit: - (AsrAppCharger) -- C:\Windows\SysNative\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\androidusb.sys (Google Inc)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV - (AsrDrv101) -- C:\Windows\SysWOW64\drivers\AsrDrv101.sys (ASRock Incorporation)
DRV - (panda_url_filteringd) -- C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringd.sys (Visicom Media Inc.)
DRV - (VSPerfDrv110) -- Y:\Visual Studio\Team Tools\Performance Tools\x64\VSPerfDrv110.sys (Microsoft Corporation)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2: C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

[2015/03/31 10:23:14 | 000,034,072 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\renzore101\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.12_0\
CHR - Extension: No name found = C:\Users\renzore101\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.506.11355_0\
CHR - Extension: No name found = C:\Users\renzore101\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.2_0\
CHR - Extension: No name found = C:\Users\renzore101\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\

O1 HOSTS File: ([2013/08/22 09:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll ()
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O2 - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (Panda Security Toolbar) - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll ()
O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [CNAP3 Launcher] C:\Windows\SysNative\spool\drivers\x64\3\CNAP3LAK.EXE (CANON INC.)
O4:64bit: - HKLM..\Run: [Gesture] C:\Program Files (x86)\Kloudian\Orbweb Me\cconsole-8.exe ()
O4:64bit: - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISCT Tray] C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\WINDOWS\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [XFast LAN] C:\Program Files\ASRock\XFast LAN\cfosspeed.exe (cFos Software GmbH)
O4 - HKLM..\Run: [PSUAMain] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Panda Security, S.L.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies Ltd.)
O4 - HKCU..\Run: [ASRock A-Tuning] File not found
O4 - HKCU..\Run: [ASRockRuefi] File not found
O4 - HKCU..\Run: [EADM] C:\Program Files (x86)\Origin\Origin.exe (Electronic Arts)
O4 - HKCU..\Run: [GoogleChromeAutoLaunch_0657CA84DB0ED292ED50044AC5B8A188] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe (PeerBlock, LLC)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F6A06E9-C39F-4DC8-8BD2-0584F4B9EB54}: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F6A06E9-C39F-4DC8-8BD2-0584F4B9EB54}: NameServer = 8.8.8.8,8.8.4.4
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015/05/14 13:21:35 | 000,136,408 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/14 13:18:50 | 000,000,000 | ---D | C] -- C:\RegBackup
[2015/05/14 13:04:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015/05/14 13:04:54 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbamchameleon.sys
[2015/05/14 13:04:54 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2015/05/14 13:04:54 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2015/05/14 13:04:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015/05/14 13:04:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015/05/14 13:01:08 | 000,000,000 | ---D | C] -- C:\Users\renzore101\Desktop\Security Programs
[2015/05/14 12:59:57 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015/05/09 20:24:36 | 000,000,000 | ---D | C] -- C:\Users\renzore101\Documents\Diablo III
[2015/05/09 20:22:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
[2015/05/09 20:06:40 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Local\Blizzard Entertainment
[2015/05/09 20:06:35 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Roaming\Battle.net
[2015/05/09 20:06:35 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Local\Battle.net
[2015/05/09 20:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2015/05/09 20:05:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2015/05/09 20:05:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2015/05/09 20:02:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2015/05/04 22:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
[2015/05/04 22:33:31 | 000,000,000 | ---D | C] -- C:\Program Files\PeerBlock
[2015/05/04 12:51:36 | 000,061,712 | ---- | C] (Panda Security, S.L.) -- C:\WINDOWS\SysNative\drivers\PSKMAD.sys
[2015/05/02 14:17:04 | 000,000,000 | ---D | C] -- C:\Users\renzore101\Documents\Bobby
[2015/05/01 20:57:34 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2015/05/01 20:57:33 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Local\Logitech
[2015/05/01 20:57:22 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2015/05/01 20:57:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2015/05/01 20:57:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2015/05/01 20:57:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2015/05/01 20:57:07 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2015/05/01 20:56:32 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Roaming\Logitech
[2015/05/01 20:56:32 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Roaming\Logishrd
[2015/04/30 17:48:11 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cursor Lock
[2015/04/30 17:48:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cursor Lock
[2015/04/30 17:48:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cursor Lock
[2015/04/28 21:32:43 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Local\Colossal Order
[2015/04/28 21:32:43 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Roaming\.mono
[2015/04/28 21:32:43 | 000,000,000 | ---D | C] -- C:\ProgramData\.mono
[2015/04/25 21:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\SAMSUNG
[2015/04/25 06:00:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015/04/24 22:33:13 | 000,000,000 | ---D | C] -- C:\Users\renzore101\Documents\Custom Office Templates
[2015/04/23 15:03:49 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2015/04/23 14:55:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015/04/23 14:55:07 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015/04/23 14:55:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2015/04/23 14:54:48 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2015/04/23 12:37:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\AutoKMS
[2015/04/23 12:37:11 | 000,040,664 | ---- | C] (The OpenVPN Project) -- C:\WINDOWS\SysNative\drivers\tap0901.sys
[2015/04/23 12:36:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2015/04/23 12:33:46 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2015/04/23 12:33:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2015/04/23 12:33:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\PCHEALTH
[2015/04/23 12:30:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2015/04/23 12:30:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015/04/23 12:30:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2015/04/23 12:30:33 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Local\Microsoft Help
[2015/04/23 12:30:32 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2015/04/23 12:30:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015/04/23 12:30:26 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2015/04/23 12:27:48 | 000,000,000 | ---D | C] -- C:\Users\renzore101\Documents\[]Microsoft Office Professional Plus (x64) 2013 Incl Activator P2P
[2015/04/23 01:51:39 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Local\ElevatedDiagnostics
[2015/04/23 01:27:25 | 000,000,000 | ---D | C] -- C:\Users\renzore101\AppData\Local\Diagnostics
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2015/05/14 13:21:41 | 000,136,408 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\MBAMSwissArmy.sys
[2015/05/14 13:18:54 | 000,000,207 | ---- | M] () -- C:\WINDOWS\tweaking.com-regbackup-KAWAII-Windows-8.1-Pro-(64-bit).dat
[2015/05/14 13:16:44 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015/05/14 13:16:26 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2015/05/14 13:16:02 | 000,000,916 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2015/05/14 13:14:25 | 000,529,712 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2015/05/14 13:14:22 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015/05/14 12:55:00 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2015/05/09 20:22:22 | 000,000,793 | ---- | M] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2015/05/09 20:06:03 | 000,001,160 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2015/05/09 19:32:11 | 001,795,394 | ---- | M] () -- C:\Users\renzore101\Desktop\20150509_193211.jpg
[2015/05/09 17:08:36 | 000,001,792 | ---- | M] () -- C:\Users\renzore101\Desktop\PeerBlock.lnk
[2015/05/08 17:42:39 | 000,865,408 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2015/05/08 17:42:39 | 000,731,446 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2015/05/08 17:42:39 | 000,136,056 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2015/05/04 00:13:55 | 000,000,219 | ---- | M] () -- C:\Users\renzore101\Desktop\Dota 2.url
[2015/05/01 21:31:10 | 000,001,476 | ---- | M] () -- C:\Users\renzore101\Desktop\Cities (CursorLock).lnk
[2015/04/30 17:58:21 | 000,002,101 | ---- | M] () -- C:\Users\renzore101\Desktop\Setup Cursor Lock.lnk
[2015/04/30 17:37:13 | 000,000,232 | ---- | M] () -- C:\Users\renzore101\Desktop\Cities Skylines.url
[2015/04/23 12:39:31 | 000,002,805 | ---- | M] () -- C:\Users\renzore101\Desktop\Excel 2013.lnk
[2015/04/23 12:39:20 | 000,002,853 | ---- | M] () -- C:\Users\renzore101\Desktop\Word 2013.lnk
[2015/04/18 18:32:45 | 000,001,110 | ---- | M] () -- C:\Users\renzore101\Desktop\EVGA OC Scanner X.lnk
[2015/04/17 12:17:38 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2015/05/14 13:18:54 | 000,000,207 | ---- | C] () -- C:\WINDOWS\tweaking.com-regbackup-KAWAII-Windows-8.1-Pro-(64-bit).dat
[2015/05/12 16:06:09 | 000,410,017 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2015/05/09 20:22:22 | 000,000,793 | ---- | C] () -- C:\Users\Public\Desktop\Diablo III.lnk
[2015/05/09 20:06:03 | 000,001,160 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2015/05/09 19:35:54 | 001,795,394 | ---- | C] () -- C:\Users\renzore101\Desktop\20150509_193211.jpg
[2015/05/09 18:15:33 | 000,000,299 | ---- | C] () -- C:\Users\renzore101\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
[2015/05/04 22:33:31 | 000,001,792 | ---- | C] () -- C:\Users\renzore101\Desktop\PeerBlock.lnk
[2015/05/04 00:13:55 | 000,000,219 | ---- | C] () -- C:\Users\renzore101\Desktop\Dota 2.url
[2015/05/01 21:31:09 | 000,001,476 | ---- | C] () -- C:\Users\renzore101\Desktop\Cities (CursorLock).lnk
[2015/04/30 17:58:21 | 000,002,101 | ---- | C] () -- C:\Users\renzore101\Desktop\Setup Cursor Lock.lnk
[2015/04/28 17:02:37 | 000,000,232 | ---- | C] () -- C:\Users\renzore101\Desktop\Cities Skylines.url
[2015/04/25 21:15:31 | 001,233,812 | ---- | C] () -- C:\Users\renzore101\Desktop\Network+ Exam Cram.pdf
[2015/04/23 12:39:31 | 000,002,805 | ---- | C] () -- C:\Users\renzore101\Desktop\Excel 2013.lnk
[2015/04/23 12:39:20 | 000,002,853 | ---- | C] () -- C:\Users\renzore101\Desktop\Word 2013.lnk
[2015/04/17 12:17:38 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2015/04/14 15:40:36 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysWow64\ieuinit.inf
[2015/04/14 15:40:36 | 000,016,303 | ---- | C] () -- C:\WINDOWS\SysNative\ieuinit.inf
[2015/04/06 06:11:44 | 000,226,680 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrB.exe
[2015/04/06 06:11:43 | 000,076,888 | ---- | C] () -- C:\WINDOWS\SysWow64\PnkBstrA.exe
[2015/04/06 00:22:58 | 001,065,984 | ---- | C] () -- C:\Users\renzore101\AppData\Local\file__0.localstorage
[2015/04/05 17:41:13 | 000,803,370 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2014/11/21 05:18:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2014/11/21 05:16:54 | 000,107,008 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/11/21 04:53:23 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2013/08/22 11:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 11:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 10:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013/08/22 03:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/21 19:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 19:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat

========== ZeroAccess Check ==========

[2015/05/03 20:05:58 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2015/04/05 23:31:43 | 022,291,584 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2015/04/05 23:31:43 | 019,731,824 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014/11/21 05:17:11 | 001,013,760 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/11/21 05:18:15 | 000,786,944 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014/11/21 05:17:11 | 000,512,512 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015/04/28 21:32:43 | 000,000,000 | ---D | M] -- C:\Users\renzore101\AppData\Roaming\.mono
[2015/05/09 20:07:11 | 000,000,000 | ---D | M] -- C:\Users\renzore101\AppData\Roaming\Battle.net
[2015/05/14 13:00:28 | 000,000,000 | ---D | M] -- C:\Users\renzore101\AppData\Roaming\ClassicShell
[2015/04/07 17:55:15 | 000,000,000 | ---D | M] -- C:\Users\renzore101\AppData\Roaming\e-academy Inc
[2015/04/14 01:46:04 | 000,000,000 | ---D | M] -- C:\Users\renzore101\AppData\Roaming\Origin
[2015/04/05 17:49:46 | 000,000,000 | ---D | M] -- C:\Users\renzore101\AppData\Roaming\Panda Security

========== Purity Check ==========

< End of report >

johnb35 · May 15, 2015

Just a quick response here as I've been gone all day picking my son up from college 5 hours away. Panda is the only program that flags that file. It's harmless. I will go over the OTL log when tomorrow evening sometime when I get home from work and will let you know if I find anything.

Renzore101 · May 15, 2015

johnb35 said:
Just a quick response here as I've been gone all day picking my son up from college 5 hours away. Panda is the only program that flags that file. It's harmless. I will go over the OTL log when tomorrow evening sometime when I get home from work and will let you know if I find anything.

Thanks a lot for the quick reply on that! I suspected that .exe was a false positive, I will await your conclusion after reviewing the OTL log. Also, in your opinion is Panda a good free solution?

johnb35 · May 15, 2015

Nothing major found in the OTL log. However, what chrome extensions do you have installed?

I've never used panda so couldn't tell you. Here are the ratings of the top free programs.

http://www.pcmag.com/article2/0,2817,2388652,00.asp

Renzore101 · May 16, 2015

johnb35 said:
Nothing major found in the OTL log. However, what chrome extensions do you have installed?

I've never used panda so couldn't tell you. Here are the ratings of the top free programs.

http://www.pcmag.com/article2/0,2817,2388652,00.asp

Thanks for that information, plus that is a relief. Currently the only extension I have in Chrome is Adblock Plus.

Panda Antivirus + Zonealarm Events

Renzore101

Member

Renzore101

Member

johnb35

Administrator

Renzore101

Member

johnb35

Administrator

Renzore101

Member