
Need help programs not opening, programs erroring and closing


19 replies to this topic

#1 Arms_warrior

Arms_warrior

  • Members
  • 12 posts

Posted 23 February 2014 - 03:14 AM

Afternoon,

Last few days I have had a lot of problems with my computer I use for gaming.

Programs aren't opening when I click on them.

For e.g. Click on ITUNES nothing happens after trying 5 times. Then I finally get it open and it can't connect to store. (My net works fine)

Also my Alienware thermal controller won't run, and the Alienware Respawn program won't run; it errors on startup.

Need help!!  :(

DS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16518  BrowserJavaVersion: 10.45.2
Run by xreynex at 19:00:00 on 2014-02-23
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.8183.5171 [GMT 11:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe
C:\Program Files (x86)\Stardock\MyColors\WBVista.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
C:\Program Files (x86)\AlienRespawn\sftservice.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
C:\Program Files\McAfee\MSC\McAPExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files\Alienware\Command Center\AlienFusionService.exe
C:\Program Files\Alienware\Command Center\AlienFusionController.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\PokerStars\PokerStars.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Page = hxxp://go.microsoft.com
uDefault_Page_URL = about:blank
uDefault_Search_URL = hxxp://go.microsoft.com
mStart Page = about:blank
mSearch Page = hxxp://go.microsoft.com
mDefault_Page_URL = about:blank
mDefault_Search_URL = hxxp://go.microsoft.com
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
mRun: [D-Link D-Link Wireless N DWA-140] C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Razer Naga Driver] C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [mcpltui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BELKIN~1.LNK - C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - C:\Program Files (x86)\Stardock\MyColors\SDDelayedLaunch.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: gdpgold.com
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{C0EECF7F-2A89-4B0E-A7A5-363404C1650D} : DHCPNameServer = 192.231.203.132 192.231.203.3
TCP: Interfaces\{D06AB1D8-1917-4130-94C0-ADEC01081E9E} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{D06AB1D8-1917-4130-94C0-ADEC01081E9E}\C496E6B6379737 : DHCPNameServer = 192.231.203.132 192.231.203.3
TCP: Interfaces\{DCF0B534-C8B6-4AA1-8602-C8D7A0DEE677} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DCF0B534-C8B6-4AA1-8602-C8D7A0DEE677}\2456C6B696E6F5E4B2F5143403145483 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{DCF0B534-C8B6-4AA1-8602-C8D7A0DEE677}\D61627B6 : DHCPNameServer = 192.168.2.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
AppInit_DLLs=  
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-mStart Page = about:blank
x64-mSearch Page = hxxp://go.microsoft.com
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = hxxp://go.microsoft.com
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Command Center Controllers] "C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe"
x64-DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Notify: WB - C:\Program Files (x86)\Stardock\MyColors\fast64.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\xreynex\AppData\Roaming\Mozilla\Firefox\Profiles\tuo2xipi.default\
FF - plugin: c:\PROGRA~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll
FF - plugin: C:\Users\xreynex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\xreynex\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-11-4 782616]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-11-4 343696]
R0 RzFilter;RzFilter;C:\Windows\System32\drivers\RzFilter.sys [2013-11-30 74432]
R1 anodlwf;ANOD Network Security Filter driver;C:\Windows\System32\drivers\anodlwfx.sys [2011-7-20 15872]
R2 AlienFusionService;Alienware Fusion Service;C:\Program Files\Alienware\Command Center\AlienFusionService.exe [2010-11-5 15296]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-2-21 236544]
R2 D-Link Wireless N DWA-140_WPS;D-Link Wireless N DWA-140_WPS Service;C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [2011-7-20 53248]
R2 HomeNetSvc;McAfee Home Network;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-12-20 328928]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-12-28 13336]
R2 McAPExe;McAfee AP Service;C:\Program Files\mcafee\msc\McAPExe.exe [2013-12-20 178048]
R2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-12-20 328928]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-12-20 328928]
R2 mcpltsvc;McAfee Platform Services;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-12-20 328928]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [2013-12-20 328928]
R2 mfecore;McAfee Anti-Malware Core;C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe [2013-12-20 1025232]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe [2013-12-23 219272]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\Windows\System32\mfevtps.exe [2013-12-23 184800]
R2 RtNdPt60;Realtek NDIS Protocol Driver;C:\Windows\System32\drivers\RtNdPt60.sys [2010-12-28 27136]
R2 RzOvlMon;Razer Overlay Subsystem Emergency Service;C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe [2013-10-25 32960]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\AlienRespawn\SftService.exe [2010-12-28 1692480]
R2 WLANBelkinService;Belkin WLAN service;C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [2009-12-28 36864]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-2-14 96768]
R3 BCMH43XX;N+ Wireless USB Adapter Driver;C:\Windows\System32\drivers\bcmwlhigh664.sys [2009-11-6 838136]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-11-4 70112]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-11-4 311120]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-11-4 519576]
R3 mfencbdc;McAfee Inc. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2013-11-26 411944]
R3 mio;Master IO Filter Driver;C:\Windows\System32\drivers\mio.sys [2010-10-13 14928]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-12-29 239616]
R3 RzDxgk;RzDxgk;C:\Windows\System32\drivers\RzDxgk.sys [2013-11-30 129472]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2013-10-14 39080]
R3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2013-10-17 143016]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2014-1-15 197704]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-2-20 111616]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]
S3 mfencrk;McAfee Inc. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2013-11-26 96112]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-11-30 19456]
S3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2010-12-28 43008]
S3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);C:\Windows\System32\drivers\RtVlan60.sys [2010-12-28 24064]
S3 RzSynapse;Razer Driver;C:\Windows\System32\drivers\RzSynapse.sys [2011-11-15 126464]
S3 SSMO3v2Filter;MMO3v2 Mouse;C:\Windows\System32\drivers\MO3v2Driver.sys [2010-11-22 23040]
S3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);C:\Windows\System32\drivers\RtTeam60.sys [2010-12-28 43008]
S3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;C:\Windows\System32\drivers\gtkdrv.sys [2012-1-5 16640]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-30 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-1-8 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 McOobeSv;McAfee OOBE Service;C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe [2012-9-30 201304]
.
=============== Created Last 30 ================
.
2014-02-23 04:35:08 -------- d-----w- C:\Program Files\iPod
2014-02-23 04:35:07 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-23 04:35:07 -------- d-----w- C:\Program Files\iTunes
2014-02-23 04:35:07 -------- d-----w- C:\Program Files (x86)\iTunes
2014-02-22 01:50:24 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{55620038-3E57-475B-833F-CF18D41A3F58}\offreg.dll
2014-02-22 01:49:53 -------- d-----w- C:\ProgramData\GridinSoft
2014-02-22 01:49:52 -------- d-----w- C:\Program Files\GridinSoft Trojan Killer
2014-02-20 22:59:08 -------- d-----w- C:\Program Files (x86)\AMD APP
2014-02-20 12:44:47 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2014-02-20 12:44:47 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2014-02-20 12:44:47 12625920 ----a-w- C:\Windows\System32\wmploc.DLL
2014-02-20 12:44:46 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2014-02-20 12:33:52 548864 ----a-w- C:\Windows\System32\vbscript.dll
2014-02-20 12:33:52 454656 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-02-20 12:29:25 2565120 ----a-w- C:\Windows\System32\d3d10warp.dll
2014-02-20 12:29:25 1987584 ----a-w- C:\Windows\SysWow64\d3d10warp.dll
2014-02-20 12:29:24 3928064 ----a-w- C:\Windows\System32\d2d1.dll
2014-02-20 12:29:24 3419136 ----a-w- C:\Windows\SysWow64\d2d1.dll
2014-02-20 12:27:42 202752 ----a-w- C:\Windows\System32\scrrun.dll
2014-02-20 12:27:42 168960 ----a-w- C:\Windows\System32\wscript.exe
2014-02-20 12:27:42 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll
2014-02-20 12:27:42 156160 ----a-w- C:\Windows\System32\cscript.exe
2014-02-20 12:27:42 150016 ----a-w- C:\Windows\System32\wshom.ocx
2014-02-20 12:27:42 141824 ----a-w- C:\Windows\SysWow64\wscript.exe
2014-02-20 12:27:42 126976 ----a-w- C:\Windows\SysWow64\cscript.exe
2014-02-20 12:27:42 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx
2014-02-13 02:42:56 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-02-13 02:42:56 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-02-13 02:41:55 376768 ----a-w- C:\Windows\System32\drivers\netio.sys
2014-02-13 02:41:54 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-02-11 07:03:54 -------- d-----w- C:\Program Files\McAfee Security Scan
2014-02-01 11:03:49 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-02-01 11:03:49 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-02-01 11:03:49 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-02-01 11:03:49 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-02-01 11:03:49 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-02-01 11:03:49 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-02-01 11:03:49 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
.
==================== Find3M  ====================
.
2014-02-21 10:48:47 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 10:48:47 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-20 22:55:21 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll
2014-02-20 22:55:21 26181632 ----a-w- C:\Windows\System32\atio6axx.dll
2014-02-20 22:55:20 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll
2014-02-20 22:55:13 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll
2014-02-20 22:55:12 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll
2014-02-20 22:55:12 236544 ----a-w- C:\Windows\System32\atiesrxx.exe
2014-02-20 22:55:11 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll
2014-02-20 22:55:09 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll
2014-02-20 22:55:04 7431680 ----a-w- C:\Windows\System32\atiumd64.dll
2014-02-20 22:55:00 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll
2014-02-20 22:54:56 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys
2014-02-20 22:54:50 41984 ----a-w- C:\Windows\System32\atig6txx.dll
2014-02-20 22:54:49 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll
2014-02-20 22:54:49 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll
2014-02-20 22:54:41 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll
2014-02-20 22:54:18 64000 ----a-w- C:\Windows\System32\coinst.dll
2014-02-20 22:54:18 54784 ----a-w- C:\Windows\System32\atiuxp64.dll
2014-02-20 22:54:18 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll
2014-02-20 22:52:48 54784 ----a-w- C:\Windows\System32\atimpc64.dll
2014-02-11 11:59:04 16640 ----a-w- C:\Windows\System32\drivers\gtkdrv.sys
2014-02-06 11:30:46 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-02-06 11:30:12 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-02-06 11:07:39 66048 ----a-w- C:\Windows\System32\iesetup.dll
2014-02-06 11:06:47 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-02-06 10:49:03 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-02-06 10:48:45 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-02-06 10:48:11 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-02-06 10:20:26 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-02-06 10:11:37 5768704 ----a-w- C:\Windows\System32\jscript9.dll
2014-02-06 10:01:36 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-02-06 10:00:46 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-02-06 09:50:32 2041856 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-02-06 09:47:22 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-02-06 09:46:27 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-02-06 09:25:36 4244480 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-02-06 09:24:52 2334208 ----a-w- C:\Windows\System32\wininet.dll
2014-02-06 09:09:30 1964032 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-02-06 08:41:35 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-12-17 19:13:56 270496 ------w- C:\Windows\System32\MpSigStub.exe
2013-12-06 02:30:08 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2013-12-06 02:30:08 1882112 ----a-w- C:\Windows\System32\msxml3.dll
2013-12-06 02:02:08 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2013-12-06 02:02:08 1237504 ----a-w- C:\Windows\SysWow64\msxml3.dll
2013-12-05 05:51:38 70112 ----a-w- C:\Windows\System32\drivers\cfwids.sys
2013-12-05 05:45:18 343696 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys
2013-12-05 05:44:56 184800 ----a-w- C:\Windows\System32\mfevtps.exe
2013-12-05 05:41:04 782616 ----a-w- C:\Windows\System32\drivers\mfehidk.sys
2013-12-05 05:39:08 519576 ----a-w- C:\Windows\System32\drivers\mfefirek.sys
2013-12-05 05:37:34 311120 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys
2013-12-05 05:36:50 179792 ----a-w- C:\Windows\System32\drivers\mfeapfk.sys
2013-12-04 02:27:33 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp_isv.dll
2013-12-04 02:27:33 123392 ----a-w- C:\Windows\System32\secproc_ssp.dll
2013-12-04 02:27:16 488448 ----a-w- C:\Windows\System32\secproc.dll
2013-12-04 02:26:32 528384 ----a-w- C:\Windows\System32\msdrm.dll
2013-12-04 02:16:51 658432 ----a-w- C:\Windows\System32\RMActivate_isv.exe
2013-12-04 02:16:51 626176 ----a-w- C:\Windows\System32\RMActivate.exe
2013-12-04 02:16:50 552960 ----a-w- C:\Windows\System32\RMActivate_ssp_isv.exe
2013-12-04 02:16:48 553984 ----a-w- C:\Windows\System32\RMActivate_ssp.exe
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp_isv.dll
2013-12-04 02:03:20 87040 ----a-w- C:\Windows\SysWow64\secproc_ssp.dll
2013-12-04 02:03:20 423936 ----a-w- C:\Windows\SysWow64\secproc_isv.dll
2013-12-04 02:03:08 428032 ----a-w- C:\Windows\SysWow64\secproc.dll
2013-12-04 02:02:06 390144 ----a-w- C:\Windows\SysWow64\msdrm.dll
2013-12-04 01:54:14 510976 ----a-w- C:\Windows\SysWow64\RMActivate_ssp.exe
2013-12-04 01:54:10 594944 ----a-w- C:\Windows\SysWow64\RMActivate_isv.exe
2013-12-04 01:54:09 572416 ----a-w- C:\Windows\SysWow64\RMActivate.exe
2013-12-04 01:54:06 508928 ----a-w- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
2013-11-26 11:07:44 10856 ----a-w- C:\Windows\System32\drivers\mfeclnrk.sys
2013-11-26 11:07:22 96112 ----a-w- C:\Windows\System32\drivers\mfencrk.sys
2013-11-26 11:07:02 411944 ----a-w- C:\Windows\System32\drivers\mfencbdc.sys
.
============= FINISH: 19:00:28.06 ===============
 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,588 posts

Posted 25 February 2014 - 03:07 PM

Greetings Arms_warrior and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. While I review our situation please run this program for me.

===================================================

Farbar Recovery Scan Tool (FRST)

--------------------
  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should
  • Double click the icon
  • Click Yes to the disclaimer
  • Make sure the Addition.txt box is checked
  • Click Scan and allow the program to run
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • FRST results
  • Addition log

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 Arms_warrior

Arms_warrior
  • Topic Starter

  • Members
  • 12 posts

Posted 26 February 2014 - 01:19 AM

Thanks for your reply Gary.
 
Please see below.
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-02-2014
Ran by xreynex (administrator) on XREYNEX-PC on 26-02-2014 17:13:25
Running from C:\Users\xreynex\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\MyColors\VistaSrv.exe
() C:\Program Files (x86)\Stardock\MyColors\WBVista.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(McAfee, Inc.) C:\Windows\system32\mfevtps.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe
(SoftThinks SAS) C:\Program Files (x86)\AlienRespawn\sftservice.EXE
() C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
(Alienware) C:\Program Files\Alienware\Command Center\AlienFusionService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
() C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
(SoftThinks - Dell) C:\Program Files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Alienware Corp) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alienware Corporation) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
() C:\Program Files\Alienware\Command Center\AlienFusionController.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [] - [X]
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-02-03] (Realtek Semiconductor)
HKLM\...\Run: [Command Center Controllers] - C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13256 2010-11-05] (Microsoft)
HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe [963584 2009-12-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [641664 2012-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-03] (Intel Corporation)
HKLM-x32\...\Run: [D-Link D-Link Wireless N DWA-140] - C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1024000 2010-06-30] (D-Link Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Razer Naga Driver] - C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-14] ()
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263512 2012-11-30] ()
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-10-17] (Razer Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-06] (Apple Inc.)
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\MyColors\fast64.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1168900641-60544572-2022847366-1001\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-26] (Valve Corporation)
HKU\S-1-5-21-1168900641-60544572-2022847366-1001\...\MountPoints2: {dc722003-1302-11e0-bfa7-806e6f6e6963} - "D:\StarCraft II Setup.exe"
HKU\S-1-5-21-1168900641-60544572-2022847366-1001\...\MountPoints2: {e3909346-19fa-11e0-a0fc-a4badbfa229a} - "E:\WD SmartWare.exe" autoplay=true
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://support.alienware.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.google.com.au/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
DPF: HKLM {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\xreynex\AppData\Roaming\Mozilla\Firefox\Profiles\tuo2xipi.default
FF user.js: detected! => C:\Users\xreynex\AppData\Roaming\Mozilla\Firefox\Profiles\tuo2xipi.default\user.js
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\xreynex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\xreynex\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2011-11-13]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-06-28]
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.com.au
CHR Extension: (Google Docs) - C:\Users\xreynex\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-22]
CHR Extension: (Google Drive) - C:\Users\xreynex\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-22]
CHR Extension: (YouTube) - C:\Users\xreynex\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-22]
CHR Extension: (Google Search) - C:\Users\xreynex\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-22]
CHR Extension: (Google Wallet) - C:\Users\xreynex\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-22]
CHR Extension: (Gmail) - C:\Users\xreynex\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-22]
 
==================== Services (Whitelisted) =================
 
R2 D-Link Wireless N DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-06-03] ()
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2013-10-25] (Razer, Inc.)
R2 WLANBelkinService; C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe [36864 2009-12-28] ()
 
==================== Drivers (Whitelisted) ====================
 
S3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
S3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
R3 mio; C:\Windows\System32\DRIVERS\mio.sys [14928 2010-10-13] (Dell/Alienware)
S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1119072 2010-05-05] (Ralink Technology Corp.)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [40464 2007-11-07] (CACE Technologies)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2013-10-25] (Razer, Inc.)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-10-14] (Razer Inc)
R0 RzFilter; C:\Windows\System32\drivers\RzFilter.sys [74432 2013-10-25] (Razer, Inc.)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2011-11-15] (Razer USA Ltd)
S3 SSMO3v2Filter; C:\Windows\System32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2014-02-11] (Windows ® Win 7 DDK provider)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-26 17:13 - 2014-02-26 17:14 - 00016479 _____ () C:\Users\xreynex\Downloads\FRST.txt
2014-02-26 17:12 - 2014-02-26 17:13 - 00000000 ____D () C:\FRST
2014-02-26 17:10 - 2014-02-26 17:12 - 02155520 _____ (Farbar) C:\Users\xreynex\Downloads\FRST64.exe
2014-02-23 19:00 - 2014-02-23 19:09 - 00011159 _____ () C:\Users\xreynex\Desktop\attach.txt
2014-02-23 19:00 - 2014-02-23 19:07 - 00024355 _____ () C:\Users\xreynex\Desktop\dds.txt
2014-02-23 18:59 - 2014-02-23 18:59 - 00688992 ____R (Swearware) C:\Users\xreynex\Downloads\dds.com
2014-02-23 15:35 - 2014-02-23 15:35 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\Program Files\iTunes
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\Program Files\iPod
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-23 00:46 - 2014-02-23 00:46 - 00002962 _____ () C:\Windows\System32\Tasks\{69914892-1CEE-4BA9-AC0C-1C04CA653E81}
2014-02-22 14:09 - 2014-02-22 14:09 - 00010477 _____ () C:\Users\xreynex\Documents\Uninstall STAR WARS The Old Republic.log
2014-02-22 12:49 - 2014-02-22 12:49 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-02-22 12:49 - 2014-02-22 12:49 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-02-22 12:48 - 2014-02-22 12:49 - 41290192 _____ (GridinSoft LLC) C:\Users\xreynex\Downloads\gtk-2.2.1.7-setup.exe
2014-02-21 09:59 - 2014-02-21 09:59 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-02-21 09:55 - 2014-02-21 09:55 - 26181632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 19753984 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 16090624 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 02631008 _____ () C:\Windows\system32\atiumd6a.cap
2014-02-21 09:55 - 2014-02-21 09:55 - 01120768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 00236544 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-02-21 09:55 - 2014-02-21 09:54 - 13764096 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-02-21 09:55 - 2014-02-21 09:54 - 11174400 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-02-21 09:55 - 2014-02-21 09:54 - 02664704 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-02-21 09:55 - 2014-02-21 09:54 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-02-21 09:55 - 2014-02-21 09:54 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-02-21 09:55 - 2014-02-21 09:54 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-02-21 09:55 - 2014-02-21 09:53 - 01831424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00343040 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-02-21 09:55 - 2014-02-21 09:53 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2014-02-21 09:55 - 2014-02-21 09:53 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2014-02-21 09:55 - 2014-02-21 09:53 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00017408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-02-21 09:55 - 2014-02-21 09:53 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00601728 _____ () C:\Windows\system32\atiicdxx.dat
2014-02-21 09:55 - 2014-02-21 09:52 - 00503808 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-02-21 09:55 - 2014-02-21 09:52 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00360448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00245896 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-02-21 09:55 - 2014-02-21 09:52 - 00245896 _____ () C:\Windows\system32\atiapfxx.blb
2014-02-21 09:55 - 2014-02-21 09:52 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-02-21 09:55 - 2014-02-21 09:52 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-02-21 09:55 - 2014-02-21 09:52 - 00038159 _____ () C:\Windows\atiogl.xml
2014-02-21 09:55 - 2014-02-21 09:52 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-02-20 23:44 - 2013-05-10 16:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-02-20 23:44 - 2013-05-10 16:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-02-20 23:44 - 2013-05-10 15:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-02-20 23:44 - 2013-05-10 15:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-02-20 23:33 - 2013-12-21 20:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-20 23:33 - 2013-12-21 19:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-20 23:32 - 2014-02-06 23:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-20 23:32 - 2014-02-06 22:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-20 23:32 - 2014-02-06 22:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-20 23:32 - 2014-02-06 22:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-20 23:32 - 2014-02-06 22:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-20 23:32 - 2014-02-06 22:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-20 23:32 - 2014-02-06 21:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-20 23:32 - 2014-02-06 21:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-20 23:32 - 2014-02-06 21:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-20 23:32 - 2014-02-06 21:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-20 23:32 - 2014-02-06 21:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-20 23:32 - 2014-02-06 21:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-20 23:32 - 2014-02-06 21:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-20 23:32 - 2014-02-06 21:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-20 23:32 - 2014-02-06 21:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-20 23:32 - 2014-02-06 21:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-20 23:32 - 2014-02-06 21:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-20 23:32 - 2014-02-06 21:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-20 23:32 - 2014-02-06 21:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-20 23:32 - 2014-02-06 20:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-20 23:32 - 2014-02-06 20:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-20 23:32 - 2014-02-06 20:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-20 23:32 - 2014-02-06 20:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-20 23:32 - 2014-02-06 20:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-20 23:32 - 2014-02-06 20:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-20 23:32 - 2014-02-06 20:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-20 23:32 - 2014-02-06 20:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-20 23:32 - 2014-02-06 20:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-20 23:32 - 2014-02-06 20:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-20 23:32 - 2014-02-06 20:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-20 23:32 - 2014-02-06 20:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-20 23:32 - 2014-02-06 20:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-20 23:32 - 2014-02-06 20:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-20 23:32 - 2014-02-06 20:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-20 23:32 - 2014-02-06 19:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-20 23:32 - 2014-02-06 19:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-20 23:32 - 2014-02-06 19:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-20 23:32 - 2014-02-06 19:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-20 23:32 - 2014-02-06 19:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-20 23:29 - 2014-01-01 10:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-20 23:29 - 2014-01-01 10:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-20 23:29 - 2013-12-25 10:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-20 23:29 - 2013-12-25 09:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-20 23:29 - 2013-11-26 19:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-20 23:29 - 2013-11-23 09:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-20 23:27 - 2013-10-12 13:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-20 23:27 - 2013-10-12 13:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-20 23:27 - 2013-10-12 13:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-02-20 23:27 - 2013-10-12 13:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-02-20 23:27 - 2013-10-12 12:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-20 23:27 - 2013-10-12 12:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-20 23:27 - 2013-10-12 12:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-02-20 23:27 - 2013-10-12 12:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-02-13 13:43 - 2013-12-06 13:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 13:43 - 2013-12-06 13:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 13:43 - 2013-12-06 13:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 13:43 - 2013-12-06 13:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 13:43 - 2013-12-04 13:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 13:43 - 2013-12-04 13:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 13:43 - 2013-12-04 13:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 13:43 - 2013-12-04 13:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 13:43 - 2013-12-04 13:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 13:43 - 2013-12-04 13:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 13:43 - 2013-12-04 13:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 13:43 - 2013-12-04 13:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 13:43 - 2013-12-04 13:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 13:43 - 2013-12-04 13:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 13:43 - 2013-12-04 13:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 13:43 - 2013-12-04 13:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 13:43 - 2013-12-04 13:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 13:43 - 2013-12-04 13:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 13:43 - 2013-12-04 12:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 13:43 - 2013-12-04 12:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 13:43 - 2013-12-04 12:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 13:43 - 2013-12-04 12:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 13:43 - 2013-11-24 05:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-02-13 13:43 - 2013-11-24 04:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-02-13 13:43 - 2013-10-30 13:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-02-13 13:43 - 2013-10-30 13:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-02-13 13:43 - 2013-10-19 13:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-13 13:43 - 2013-10-19 12:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-02-13 13:43 - 2013-10-04 13:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-13 13:43 - 2013-10-04 12:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-13 13:42 - 2013-11-12 13:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-02-13 13:42 - 2013-11-12 13:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-02-13 13:41 - 2013-11-26 22:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-02-13 13:41 - 2013-11-26 21:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-11 18:03 - 2014-02-11 18:03 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-01 22:03 - 2013-11-27 12:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-02-01 22:03 - 2013-11-27 12:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-02-01 22:03 - 2013-11-27 12:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-02-01 22:03 - 2013-11-27 12:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-02-01 22:03 - 2013-11-27 12:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-02-01 22:03 - 2013-11-27 12:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-02-01 22:03 - 2013-11-27 12:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-30 18:02 - 2014-01-30 18:02 - 00567104 _____ () C:\Windows\Minidump\013014-18220-01.dmp
 
==================== One Month Modified Files and Folders =======
 
2014-02-26 17:14 - 2014-02-26 17:13 - 00016479 _____ () C:\Users\xreynex\Downloads\FRST.txt
2014-02-26 17:13 - 2014-02-26 17:12 - 00000000 ____D () C:\FRST
2014-02-26 17:12 - 2014-02-26 17:10 - 02155520 _____ (Farbar) C:\Users\xreynex\Downloads\FRST64.exe
2014-02-26 17:08 - 2009-07-14 15:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-26 17:08 - 2009-07-14 15:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-26 17:07 - 2009-07-14 16:10 - 01516787 _____ () C:\Windows\WindowsUpdate.log
2014-02-26 17:06 - 2011-07-12 21:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-02-26 17:04 - 2013-11-04 20:08 - 00000498 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-02-26 17:04 - 2011-10-15 13:36 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-26 17:04 - 2010-12-29 00:01 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2014-02-26 17:04 - 2010-12-29 00:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2014-02-26 17:04 - 2010-12-28 23:43 - 00000000 ____D () C:\Program Files (x86)\AlienRespawn
2014-02-26 17:01 - 2013-05-22 23:51 - 00036590 _____ () C:\Windows\setupact.log
2014-02-26 17:01 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 22:18 - 2011-01-07 12:35 - 00000000 ____D () C:\Users\xreynex\AppData\Roaming\Skype
2014-02-24 21:48 - 2013-08-18 17:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 21:33 - 2011-10-15 13:36 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 18:00 - 2013-11-04 20:09 - 00000472 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2014-02-24 17:15 - 2011-05-30 16:02 - 00000000 ____D () C:\Users\xreynex\AppData\Local\PokerStars
2014-02-23 19:09 - 2014-02-23 19:00 - 00011159 _____ () C:\Users\xreynex\Desktop\attach.txt
2014-02-23 19:07 - 2014-02-23 19:00 - 00024355 _____ () C:\Users\xreynex\Desktop\dds.txt
2014-02-23 18:59 - 2014-02-23 18:59 - 00688992 ____R (Swearware) C:\Users\xreynex\Downloads\dds.com
2014-02-23 18:03 - 2011-02-15 23:01 - 00000000 ____D () C:\Users\xreynex\AppData\Roaming\uTorrent
2014-02-23 18:01 - 2011-05-29 11:50 - 00000000 ____D () C:\Users\xreynex\AppData\Roaming\go
2014-02-23 15:35 - 2014-02-23 15:35 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\Program Files\iTunes
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\Program Files\iPod
2014-02-23 15:35 - 2014-02-23 15:35 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-23 15:32 - 2011-04-21 13:02 - 00000000 ____D () C:\ProgramData\Apple
2014-02-23 02:31 - 2013-11-15 20:54 - 00000000 ____D () C:\Users\xreynex\AppData\Local\Battle.net
2014-02-23 00:46 - 2014-02-23 00:46 - 00002962 _____ () C:\Windows\System32\Tasks\{69914892-1CEE-4BA9-AC0C-1C04CA653E81}
2014-02-22 14:09 - 2014-02-22 14:09 - 00010477 _____ () C:\Users\xreynex\Documents\Uninstall STAR WARS The Old Republic.log
2014-02-22 13:44 - 2013-05-22 23:50 - 00222736 _____ () C:\Windows\PFRO.log
2014-02-22 13:29 - 2011-05-23 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-22 13:13 - 2013-11-04 20:19 - 00000210 _____ () C:\0.bak
2014-02-22 12:49 - 2014-02-22 12:49 - 00000000 ____D () C:\ProgramData\GridinSoft
2014-02-22 12:49 - 2014-02-22 12:49 - 00000000 ____D () C:\Program Files\GridinSoft Trojan Killer
2014-02-22 12:49 - 2014-02-22 12:48 - 41290192 _____ (GridinSoft LLC) C:\Users\xreynex\Downloads\gtk-2.2.1.7-setup.exe
2014-02-22 12:49 - 2011-11-06 09:45 - 00000946 _____ () C:\Users\Public\Desktop\Trojan Killer.lnk
2014-02-21 21:48 - 2013-08-18 17:19 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 21:48 - 2013-08-18 17:19 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 21:48 - 2011-06-26 07:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 15:36 - 2013-11-09 07:19 - 00002185 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-02-21 11:50 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2014-02-21 09:59 - 2014-02-21 09:59 - 00000000 ____D () C:\Program Files (x86)\AMD APP
2014-02-21 09:58 - 2013-05-22 23:04 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-02-21 09:55 - 2014-02-21 09:55 - 26181632 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 19753984 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 16090624 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 02631008 _____ () C:\Windows\system32\atiumd6a.cap
2014-02-21 09:55 - 2014-02-21 09:55 - 01120768 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6v.dll
2014-02-21 09:55 - 2014-02-21 09:55 - 00236544 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2014-02-21 09:55 - 2013-03-29 13:36 - 06800896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2014-02-21 09:55 - 2010-12-29 15:01 - 07431680 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2014-02-21 09:55 - 2010-12-29 15:01 - 06203392 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2014-02-21 09:55 - 2010-12-29 15:01 - 04795904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2014-02-21 09:55 - 2010-12-29 15:01 - 04731904 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2014-02-21 09:54 - 2014-02-21 09:55 - 13764096 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2014-02-21 09:54 - 2014-02-21 09:55 - 11174400 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2014-02-21 09:54 - 2014-02-21 09:55 - 02664704 _____ () C:\Windows\SysWOW64\atiumdva.cap
2014-02-21 09:54 - 2014-02-21 09:55 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2014-02-21 09:54 - 2014-02-21 09:55 - 00003917 _____ () C:\Windows\SysWOW64\atipblag.dat
2014-02-21 09:54 - 2014-02-21 09:55 - 00003917 _____ () C:\Windows\system32\atipblag.dat
2014-02-21 09:54 - 2013-03-29 13:37 - 00041984 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2014-02-21 09:54 - 2010-12-29 15:01 - 00909312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2014-02-21 09:54 - 2010-12-29 15:01 - 00064000 _____ (AMD) C:\Windows\system32\coinst.dll
2014-02-21 09:54 - 2010-12-29 15:01 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2014-02-21 09:54 - 2010-12-29 15:01 - 00032256 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 01831424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdmv.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00343040 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2014-02-21 09:53 - 2014-02-21 09:55 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODE.exe
2014-02-21 09:53 - 2014-02-21 09:55 - 00120320 _____ (AMD) C:\Windows\system32\atitmm64.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00053760 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIODCLI.exe
2014-02-21 09:53 - 2014-02-21 09:55 - 00051200 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00021504 _____ (AMD) C:\Windows\system32\atimuixx.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00017408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2014-02-21 09:53 - 2014-02-21 09:55 - 00014848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2014-02-21 09:53 - 2010-12-29 15:01 - 07479296 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2014-02-21 09:53 - 2010-12-29 15:01 - 01067520 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2014-02-21 09:53 - 2010-12-29 15:01 - 00044544 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00601728 _____ () C:\Windows\system32\atiicdxx.dat
2014-02-21 09:52 - 2014-02-21 09:55 - 00503808 _____ (AMD) C:\Windows\system32\atieclxx.exe
2014-02-21 09:52 - 2014-02-21 09:55 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\ATIDEMGX.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00360448 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00245896 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2014-02-21 09:52 - 2014-02-21 09:55 - 00245896 _____ () C:\Windows\system32\atiapfxx.blb
2014-02-21 09:52 - 2014-02-21 09:55 - 00159744 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2014-02-21 09:52 - 2014-02-21 09:55 - 00059392 _____ (ATI Technologies, Inc.) C:\Windows\system32\atiedu64.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00054784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00046080 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00044544 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00044032 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00043520 _____ (ATI Technologies, Inc.) C:\Windows\SysWOW64\ati2edxx.dll
2014-02-21 09:52 - 2014-02-21 09:55 - 00038159 _____ () C:\Windows\atiogl.xml
2014-02-21 09:52 - 2014-02-21 09:55 - 00033280 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2014-02-21 09:52 - 2013-03-29 12:10 - 00514560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2014-02-21 09:43 - 2009-07-14 16:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 09:37 - 2009-07-14 16:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-02-20 23:48 - 2009-07-14 15:45 - 00435992 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-20 23:44 - 2013-10-12 12:33 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-20 23:35 - 2013-10-04 19:56 - 00766376 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-20 23:33 - 2011-04-29 14:11 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-20 23:31 - 2014-01-17 23:16 - 00000000 ____D () C:\Users\xreynex\AppData\Local\genienext
2014-02-20 19:28 - 2011-10-15 13:36 - 00003896 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-20 19:28 - 2011-10-15 13:36 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-13 13:31 - 2011-03-02 22:10 - 00000000 ____D () C:\Program Files (x86)\LowerPing
2014-02-11 22:59 - 2012-01-05 01:28 - 00016640 _____ (Windows ® Win 7 DDK provider) C:\Windows\system32\Drivers\gtkdrv.sys
2014-02-11 18:03 - 2014-02-11 18:03 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-11 18:03 - 2013-08-18 17:19 - 00001933 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-06 23:16 - 2014-02-20 23:32 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 22:30 - 2014-02-20 23:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 22:30 - 2014-02-20 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 22:12 - 2014-02-20 23:32 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 22:07 - 2014-02-20 23:32 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 22:06 - 2014-02-20 23:32 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 21:57 - 2014-02-20 23:32 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 21:56 - 2014-02-20 23:32 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 21:52 - 2014-02-20 23:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 21:49 - 2014-02-20 23:32 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 21:48 - 2014-02-20 23:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 21:48 - 2014-02-20 23:32 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 21:38 - 2014-02-20 23:32 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 21:32 - 2014-02-20 23:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 21:20 - 2014-02-20 23:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 21:17 - 2014-02-20 23:32 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 21:11 - 2014-02-20 23:32 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 21:01 - 2014-02-20 23:32 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 21:00 - 2014-02-20 23:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 20:57 - 2014-02-20 23:32 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 20:57 - 2014-02-20 23:32 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 20:52 - 2014-02-20 23:32 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 20:52 - 2014-02-20 23:32 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 20:50 - 2014-02-20 23:32 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 20:49 - 2014-02-20 23:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 20:47 - 2014-02-20 23:32 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 20:46 - 2014-02-20 23:32 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 20:25 - 2014-02-20 23:32 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 20:25 - 2014-02-20 23:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 20:24 - 2014-02-20 23:32 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 20:22 - 2014-02-20 23:32 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 20:13 - 2014-02-20 23:32 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 20:09 - 2014-02-20 23:32 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 20:03 - 2014-02-20 23:32 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 19:55 - 2014-02-20 23:32 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 19:41 - 2014-02-20 23:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 19:40 - 2014-02-20 23:32 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 19:36 - 2014-02-20 23:32 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 19:34 - 2014-02-20 23:32 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-06 17:35 - 2014-01-23 17:14 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-02-04 19:09 - 2011-01-10 11:54 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-01 18:07 - 2011-01-07 12:35 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-01 18:07 - 2011-01-07 12:35 - 00000000 ____D () C:\ProgramData\Skype
2014-01-30 18:02 - 2014-01-30 18:02 - 00567104 _____ () C:\Windows\Minidump\013014-18220-01.dmp
2014-01-30 18:02 - 2011-06-21 23:15 - 00000000 ____D () C:\Windows\Minidump
 
Files to move or delete:
====================
C:\Users\xreynex\taskmgr.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-21 11:42
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-02-2014
Ran by xreynex at 2014-02-26 17:15:09
Running from C:\Users\xreynex\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
 
==================== Installed Programs ======================
 
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
AlienRespawn - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Alienware)
AlienRespawn (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Alienware)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.923.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{9AB0D5B6-4779-8C4F-CA91-A1FEDB56D7EC}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0803.2124 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Belkin USB Wireless Adaptor (HKLM-x32\...\InstallShield_{6E016C56-820F-4B2D-A36F-34CCADF90C16}) (Version: 1.0.0.06 - Belkin)
Belkin USB Wireless Adaptor (x32 Version: 1.0.0.06 - Belkin) Hidden
Blood Bowl: Legendary Edition (HKLM-x32\...\Steam App 58520) (Version:  - Cyanide Studio)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0803.2125.36577 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help English (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help English (x32 Version: 2012.0405.2204.37728 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help French (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help German (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0803.2124.36577 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
ccc-utility64 (Version: 2010.0803.2125.36577 - ATI) Hidden
ccc-utility64 (Version: 2012.0405.2205.37728 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.01 - Piriform)
Command Center (HKLM-x32\...\InstallShield_{AD522D37-B0FD-45A4-8695-6F24DF5336FC}) (Version: 2.6.1.0 - Alienware Corp.)
Command Center (Version: 2.6.1.0 - Alienware Corp.) Hidden
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.792 - Curse)
Defiance (HKLM-x32\...\Steam App 224600) (Version:  - )
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version:  - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
D-Link DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version:  - D-Link)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve )
EA SPORTS Game Face Browser Plugin 1.5.3.0 (HKCU\...\EA SPORTS Game Face Browser Plugin) (Version: 1.5.3.0 - Electronic Arts)
e-tax 2013 (HKLM-x32\...\{FFF14233-FE39-4671-A38E-76FD8F24A879}) (Version: 0.8.509 - Australian Taxation Office)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 12.8.908 - McAfee, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 7.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 7.0.1 (x86 en-US)) (Version: 7.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{d82d0ca4-4db4-48f8-9650-8843b01c3e6f}) (Version:  - Nero AG)
Nero BurnRights (x32 Version: 3.4.10.100 - Nero AG) Hidden
Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 4.4.8.100 - Nero AG) Hidden
Nero CoverDesigner Help (x32 Version: 4.4.7.100 - Nero AG) Hidden
Nero DiscSpeed (x32 Version: 5.4.10.100 - Nero AG) Hidden
Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden
Nero DriveSpeed (x32 Version: 4.4.10.100 - Nero AG) Hidden
Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden
Nero Express Help (x32 Version: 9.4.13.100 - Nero AG) Hidden
Nero InfoTool (x32 Version: 6.4.10.100 - Nero AG) Hidden
Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden
Nero Rescue Agent (x32 Version: 2.4.11.100 - Nero AG) Hidden
Nero StartSmart (x32 Version: 9.4.11.100 - Nero AG) Hidden
Nero StartSmart Help (x32 Version: 9.4.11.100 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.13.100 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.4.0 - ParetoLogic, Inc.)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.46 - Razer Inc)
Razer Naga (HKLM-x32\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.03.01 - Razer USA Ltd.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.15.4 - Razer Inc.)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6039 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
Skins (x32 Version: 2010.0803.2125.36577 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Stardock MyColors (HKLM-x32\...\Stardock MyColors) (Version: 2.7.500 - Stardock Corporation)
Stardock MyColors (x32 Version: 2.7.500 - Stardock Corporation) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
THX TruStudio PC (HKLM-x32\...\{010A785B-F920-4350-821B-6309909C20BB}) (Version: 1.0 - Creative Technology Limited)
Trojan Killer (HKLM-x32\...\GridinSoft Trojan Killer) (Version: 2.2.1.7 - GridinSoft LLC)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{A8686D24-1E89-43A1-973E-05A258D2B3F8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{18B3CF2A-73F7-4716-B1AE-86D68726D408}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (HKLM-x32\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.SingleImage_{73E67A3A-8D61-44EF-90C2-1697C3DBE668}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFB525A0-E1C0-4E32-9968-FE401BC87363}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ED31DE9A-3E13-4E2C-9106-E0D8AFFB9FA6}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B1FA5E8C-2342-45AF-8A62-5E860042F8DF}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9CFD026D-EB1C-48C2-9DD2-8E8875F251B2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D7D96A96-F61F-48AD-B2DC-4F4B6938D2AB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (HKLM-x32\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.SingleImage_{9865DC3A-2898-48D9-B96A-46397571C934}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{3EFF1957-7DEA-4C7A-8E9C-2D6D58E4B2ED}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{47894754-0FEC-4920-9A65-6C1E732587AC}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{1EEFF749-6F29-4F0B-AB08-4C6EA52AA110}) (Version:  - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{BC6DFBFD-16DD-47E1-A7EF-2C062930FA4F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{190EC86F-5867-4D7A-B9F3-D14D82C26F3D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{5DA2D071-A54C-47C0-83E5-43C63DBFD936}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2B7EA7DF-B822-4C58-B90A-961B6BAF454B}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.7.0 - Flagship Industries, Inc.)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic)
World of Logs Client (4.2) (HKCU\...\World of Logs Client (4.2)) (Version:  - Digibites Technology)
World of Warcraft Beta (HKLM-x32\...\World of Warcraft Beta) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: 0.0.0.0 - Blizzard Entertainment)
Z Engine (HKLM-x32\...\{64E47A5F-B3C4-476A-9100-2D006BD1FFB4}) (Version: 2.5.0.30_NA - Ideazon)
 
==================== Restore Points  =========================
 
13-02-2014 06:03:46 Windows Update
20-02-2014 12:30:54 Windows Update
22-02-2014 02:13:16 PC Health Advisor Backup
23-02-2014 04:33:17 Installed iTunes
23-02-2014 07:04:42 Removed Java™ 6 Update 22 (64-bit)
 
==================== Hosts content: ==========================
 
2009-07-14 13:34 - 2014-02-22 13:38 - 00000734 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {001C2600-07D4-4AAF-9819-C6147822F46B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {065E1D85-C98A-4D93-BFC8-D13432D758BF} - System32\Tasks\PC Health Advisor => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2013-02-06] (ParetoLogic, Inc.)
Task: {069C9F06-999F-4059-8F7D-DA0F6A50387A} - System32\Tasks\{69914892-1CEE-4BA9-AC0C-1C04CA653E81} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {0C5A46D8-B4E8-4841-AEFA-102F171BE12F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-15] (Google Inc.)
Task: {20348B25-4719-4905-B510-988A7B45F24D} - System32\Tasks\{3BECCF43-83FD-4975-9939-799295B2BF21} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {3012F93F-0CB0-47F3-A803-334A14BAF677} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-21] ()
Task: {4FFC768B-7A4E-4BD4-A08E-9D447961FEE0} - System32\Tasks\PC Health Advisor Defrag => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [2013-02-06] (ParetoLogic, Inc.)
Task: {602F8C3B-2C48-46E9-A9A4-F9474350F790} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-15] (Google Inc.)
Task: {77891294-9336-4E2F-8153-D8D1405127B5} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-21] ()
Task: {7927CF96-DF08-4EA4-B4BA-54A3567F9084} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8642D484-E864-44E7-8AE3-F9EA9FFEAEBE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-04-24] (Piriform Ltd)
Task: {9555CCE2-37E6-4B67-B3F6-B3B103FC1CE8} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\PC Health Advisor Defrag.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
Task: C:\Windows\Tasks\PC Health Advisor.job => C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe
 
==================== Loaded Modules (whitelisted) =============
 
2009-06-09 12:56 - 2009-06-09 12:56 - 00100656 _____ () C:\Program Files (x86)\Stardock\MyColors\WBVista.exe
2011-07-20 18:50 - 2010-06-03 14:36 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2009-12-28 17:25 - 2009-12-28 17:25 - 00036864 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\wlansrv.exe
2010-11-05 16:42 - 2010-11-05 16:42 - 00156088 _____ () C:\Program Files\Alienware\Command Center\AlienFusionDomain.dll
2011-03-08 00:53 - 2011-03-08 00:53 - 00085944 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\AlienLabsTools\v4.0_2.6.1.0__bebb3c8816410241\AlienLabsTools.dll
2010-12-28 23:44 - 2011-08-19 02:05 - 02751808 _____ () C:\Program Files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
2009-11-25 18:45 - 2009-11-25 18:45 - 00110592 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\PBN.exe
2012-11-30 13:06 - 2012-11-30 13:06 - 01263512 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-03-08 00:53 - 2011-03-08 00:53 - 00037840 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\v4.0_2.6.1.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
2010-11-05 16:42 - 2010-11-05 16:42 - 00016832 _____ () C:\Program Files\Alienware\Command Center\AlienFusionController.exe
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-21 10:42 - 2014-02-21 10:42 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\bfd5296be62268bc7a31a424f0d1ad5f\IsdiInterop.ni.dll
2010-12-28 23:39 - 2010-03-03 23:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2009-09-15 19:17 - 2009-09-15 19:17 - 00200704 ____N () C:\Program Files (x86)\Belkin\F7D4101\V1\BelkinwcuiDLL.dll
2011-07-20 18:50 - 2011-07-20 18:50 - 00315392 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANPDApi.dll
2011-07-20 18:50 - 2010-06-29 18:23 - 00299008 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\WlanApp.dll
2012-11-30 13:07 - 2012-11-30 13:07 - 00100248 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-01-09 19:10 - 2013-12-13 09:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-09 19:10 - 2013-11-05 12:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-04-23 19:30 - 2014-02-11 13:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2011-07-14 14:34 - 2014-02-26 08:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2011-07-12 21:47 - 2014-01-11 10:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-03-17 12:54 - 2013-06-15 10:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-03-17 12:54 - 2013-06-15 10:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-03-17 12:54 - 2013-06-15 10:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-02-21 15:36 - 2014-02-20 12:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-21 15:36 - 2014-02-20 12:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-21 15:36 - 2014-02-20 12:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-21 15:36 - 2014-02-20 12:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-21 15:36 - 2014-02-20 12:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/26/2014 05:06:15 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (02/26/2014 05:05:08 PM) (Source: Application Error) (User: )
Description: Faulting application name: ThermalController.exe, version: 2.6.1.0, time stamp: 0x4cd46a23
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x1448
Faulting application start time: 0xThermalController.exe0
Faulting application path: ThermalController.exe1
Faulting module path: ThermalController.exe2
Report Id: ThermalController.exe3
 
Error: (02/26/2014 05:05:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: RzSynapse.exe, version: 1.15.4.17412, time stamp: 0x52607323
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000332b0
Faulting process id: 0x127c
Faulting application start time: 0xRzSynapse.exe0
Faulting application path: RzSynapse.exe1
Faulting module path: RzSynapse.exe2
Report Id: RzSynapse.exe3
 
Error: (02/26/2014 05:05:00 PM) (Source: .NET Runtime) (User: )
Description: Application: RzSynapse.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 77DF32B0
 
Error: (02/26/2014 05:04:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: TOASTER.EXE, version: 1.0.3.50, time stamp: 0x4e6490f9
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x%9
Faulting application start time: 0xTOASTER.EXE0
Faulting application path: TOASTER.EXE1
Faulting module path: TOASTER.EXE2
Report Id: TOASTER.EXE3
 
Error: (02/24/2014 05:15:09 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (02/24/2014 05:14:25 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (02/24/2014 05:13:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: ThermalController.exe, version: 2.6.1.0, time stamp: 0x4cd46a23
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0x15ac
Faulting application start time: 0xThermalController.exe0
Faulting application path: ThermalController.exe1
Faulting module path: ThermalController.exe2
Report Id: ThermalController.exe3
 
Error: (02/24/2014 05:13:42 PM) (Source: Application Error) (User: )
Description: Faulting application name: RzSynapse.exe, version: 1.15.4.17412, time stamp: 0x52607323
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000332cd
Faulting process id: 0x1150
Faulting application start time: 0xRzSynapse.exe0
Faulting application path: RzSynapse.exe1
Faulting module path: RzSynapse.exe2
Report Id: RzSynapse.exe3
 
Error: (02/24/2014 05:13:40 PM) (Source: .NET Runtime) (User: )
Description: Application: RzSynapse.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 76F832CD
 
 
System errors:
=============
Error: (02/26/2014 05:06:14 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (02/26/2014 05:06:14 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (02/26/2014 05:04:42 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (02/26/2014 05:02:16 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (02/26/2014 05:02:16 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (02/26/2014 05:01:45 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (02/26/2014 05:01:45 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (02/26/2014 05:01:42 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (02/26/2014 05:01:41 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
Error: (02/26/2014 05:01:39 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
 
 
Microsoft Office Sessions:
=========================
Error: (02/26/2014 05:06:15 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (02/26/2014 05:05:08 PM) (Source: Application Error)(User: )
Description: ThermalController.exe2.6.1.04cd46a23ntdll.dll6.1.7601.18247521eaf24c000037400000000000c4102144801cf32b8a306bfbbC:\Program Files\Alienware\Command Center\ThermalController.exeC:\Windows\SYSTEM32\ntdll.dllf1347521-9eab-11e3-bbee-a4badbfa229a
 
Error: (02/26/2014 05:05:03 PM) (Source: Application Error)(User: )
Description: RzSynapse.exe1.15.4.1741252607323ntdll.dll6.1.7601.18247521ea8e7c0000005000332b0127c01cf32b8969987afC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Windows\SysWOW64\ntdll.dllee08bfe4-9eab-11e3-bbee-a4badbfa229a
 
Error: (02/26/2014 05:05:00 PM) (Source: .NET Runtime)(User: )
Description: Application: RzSynapse.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 77DF32B0
 
Error: (02/26/2014 05:04:52 PM) (Source: Application Error)(User: )
Description: TOASTER.EXE1.0.3.504e6490f9unknown0.0.0.000000000c000000500000000
 
Error: (02/24/2014 05:15:09 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (02/24/2014 05:14:25 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall
 
Error: (02/24/2014 05:13:59 PM) (Source: Application Error)(User: )
Description: ThermalController.exe2.6.1.04cd46a23ntdll.dll6.1.7601.18247521eaf24c000037400000000000c410215ac01cf31278fe30ee7C:\Program Files\Alienware\Command Center\ThermalController.exeC:\Windows\SYSTEM32\ntdll.dlld8f5f0d7-9d1a-11e3-ac62-08863b466b0f
 
Error: (02/24/2014 05:13:42 PM) (Source: Application Error)(User: )
Description: RzSynapse.exe1.15.4.1741252607323ntdll.dll6.1.7601.18247521ea8e7c0000005000332cd115001cf3127839005feC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Windows\SysWOW64\ntdll.dllcf008f12-9d1a-11e3-ac62-08863b466b0f
 
Error: (02/24/2014 05:13:40 PM) (Source: .NET Runtime)(User: )
Description: Application: RzSynapse.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: exception code c0000005, exception address 76F832CD
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-05-17 11:57:57.030
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2013-05-17 11:57:56.962
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 29%
Total physical RAM: 8183.11 MB
Available physical RAM: 5764.96 MB
Total Pagefile: 16364.4 MB
Available Pagefile: 13712.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:686.99 GB) (Free:424.14 GB) NTFS
Drive d: (SC2-200-D1) (CDROM) (Total:7.8 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: B8000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
 
Thanks Reyne
 


#4 Oh My!


Posted 26 February 2014 - 09:36 AM

Hi Reyne,

Welcome! Here is what I would like us to do in this first post.

===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on Scan
  • Upon completion click Report
  • Review the entries and uncheck any items you would like to keep on your computer (leaving an item checked will cause its deletion)
  • Click Clean to remove the items still checked
  • Click OK twice to reboot your computer
  • Copy and paste the contents of the text file on your desktop upon reboot in your reply
  • You can also find the logfile at C:\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

screen317's Security Check

--------------------
  • Please download screen317's Security Check to your desktop
  • Double-click icon to launch the program
  • Click OK
  • Select Run
  • Press any key to start the program
  • Allow the program to run
  • A Notepad document will open on your desktop. Please copy and paste the contents in your reply
===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key + R on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
C:\Users\xreynex\taskmgr.exe
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • AdwCleaner log
  • Junkware log
  • Security check log
  • Fixlog
  • How is your computer behaving now?

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Arms_warrior


Posted 27 February 2014 - 01:42 AM

Gary,

 

Steam doesn't seem to want to open on launch anymore. Still seems like something could be wrong.

 

Security check log didn't work, see below.

1. AdwCleaner log
# AdwCleaner v3.019 - Report created 27/02/2014 at 17:16:52
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : xreynex - XREYNEX-PC
# Running from : C:\Users\xreynex\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[x] Not Deleted : C:\ProgramData\ParetoLogic
[x] Not Deleted : C:\Program Files (x86)\ParetoLogic
[x] Not Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Users\xreynex\AppData\Local\genienext
Folder Deleted : C:\Users\xreynex\AppData\Local\Mobogenie
Folder Deleted : C:\Users\xreynex\AppData\Roaming\BitLord
Folder Deleted : C:\Users\xreynex\AppData\Roaming\DriverCure
[x] Not Deleted : C:\Users\xreynex\AppData\Roaming\ParetoLogic
[x] Not Deleted : C:\Users\xreynex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
Folder Deleted : C:\Users\xreynex\Documents\optimizer pro
File Deleted : C:\Users\xreynex\AppData\Roaming\Mozilla\Firefox\Profiles\tuo2xipi.default\user.js
File Deleted : C:\Windows\Tasks\paretologic registration3.job
File Deleted : C:\Windows\System32\Tasks\paretologic registration3
File Deleted : C:\Windows\Tasks\paretologic update version3.job
File Deleted : C:\Windows\System32\Tasks\paretologic update version3
File Deleted : C:\Windows\Tasks\PC Health Advisor Defrag.job
File Deleted : C:\Windows\System32\Tasks\PC Health Advisor Defrag
File Deleted : C:\Windows\Tasks\PC Health Advisor.job
File Deleted : C:\Windows\System32\Tasks\PC Health Advisor
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\InstallCore
[x] Not Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
[x] Not Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}
[x] Not Deleted : [x64] HKCU\Software\ParetoLogic
[x] Not Deleted : [x64] HKLM\SOFTWARE\ParetoLogic
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Mozilla Firefox v7.0.1 (en-US)
 
[ File : C:\Users\xreynex\AppData\Roaming\Mozilla\Firefox\Profiles\tuo2xipi.default\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.117
 
[ File : C:\Users\xreynex\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3434 octets] - [27/02/2014 17:14:02]
AdwCleaner[S0].txt - [3360 octets] - [27/02/2014 17:16:52]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3420 octets] ##########

  • 2 Junkware log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by xreynex on Thu 27/02/2014 at 17:24:32.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 27/02/2014 at 17:29:59.08
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
  • 3 Security check log
 UNSUPPORTED OPERATING SYSTEM! ABORTED!

  • 4 Fixlog
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-02-2014
Ran by xreynex at 2014-02-27 17:38:32 Run:1
Running from C:\Users\xreynex\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
C:\Users\xreynex\taskmgr.exe
*****************
 
C:\Users\xreynex\taskmgr.exe => Moved successfully.
 
==== End of Fixlog ====
 
 
Thanks 


#6 Oh My!

  • Malware Response Instructor

Posted 27 February 2014 - 12:28 PM

Greetings Reyne,

There is still some stuff going on with your computer. Please run this.

===================================================

Run Combofix in Vista/7

--------------------

Combofix is a very powerful tool and special attention must be taken to allow it to work properly. Please pay careful attention to the following instructions.

sUBs, the author of Combofix, recommends that you uninstall AVG or CA Internet Security before running the program. If you have either of these programs on your computer please uninstall them using AppRemover which can be downloaded here. We will be sure to reinstall the Antivirus program once we are finished using Combofix.
  • Please download ComboFix from one of these locations:

BleepingComputer
ForoSpyware

  • Save Combofix.exe to your Desktop <-- Important!!!
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Double click on Combofix.exe and follow the prompts. It is important you do not mouseclick while the program is running or it may stall.
Note #1: Often times it may appear as if ComboFix has stopped working. To verify it is still running please do one of the following below. If, based on the below, you have concluded ComboFix has stopped running please stop and advise me.
  • Check your computer clock. If it is still running then so is ComboFix
  • Open Task Manager and select the Applications Tab. If the status of AutoScan is Running, then ComboFix is running
  • Open Task Manager and select the Processes Tab. Under Image Name look for files ending in .3xe. If there are fluctuating numbers under CPU and Mem Usage then ComboFix is running
Note #2: If you receive the following error "Illegal operation attempted on a registry key that has been marked for deletion" please just restart your computer to resolve this issue.

If Combofix fails to run properly using the above instructions please attempt the following:
  • Right click on the Combofix icon on your desktop and select Delete
  • Download a new copy but rename it to freshcopy.exe first, then save it to your desktop
  • Now download RKill.exe (or RKill renamed as iExplore.exe if the first one doesn't work properly) and save it to your desktop
  • Restart your computer in Safe Mode
  • Right click on RKill (or iExplore) and select Run as Administrator. If you are using Windows XP simply double click the icon
  • A black DOS screen should flash and disappear. If not, try to launch the program with the second file. If neither works please stop and let me know
  • When RKill is finished running you will be presented with a text file and a copy will be saved on your desktop. Copy and paste the contents of this report in your reply
  • Do not reboot your computer
  • Double click the freshcopy.exe icon (renamed Combofix file)
  • When finished, it will produce a log. Please copy and paste the C:\Combofix.txt log information in your next reply
  • If you disabled your antivirus please enable it again. If you uninstalled it please wait for instructions to reinstall it
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Combofix log

Gary
 

#7 Arms_warrior

Posted 28 February 2014 - 01:56 AM

ComboFix 14-02-24.02 - xreynex 28/02/2014  17:35:03.1.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.61.1033.18.8183.6044 [GMT 11:00]
Running from: c:\users\xreynex\Desktop\ComboFix.exe
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}
FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\0.bak
C:\Install.exe
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
Infected copy of c:\windows\system32\Services.exe was found and disinfected 
Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe 
.
.
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_NPF
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-28 to 2014-02-28  )))))))))))))))))))))))))))))))
.
.
2014-02-27 06:24 . 2014-02-27 06:24 -------- d-----w- c:\windows\ERUNT
2014-02-27 06:12 . 2014-02-27 06:17 -------- d-----w- C:\AdwCleaner
2014-02-26 06:12 . 2014-02-27 06:38 -------- d-----w- C:\FRST
2014-02-23 04:35 . 2014-02-23 04:35 -------- d-----w- c:\program files\iPod
2014-02-23 04:35 . 2014-02-23 04:35 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-23 04:35 . 2014-02-23 04:35 -------- d-----w- c:\program files\iTunes
2014-02-23 04:35 . 2014-02-23 04:35 -------- d-----w- c:\program files (x86)\iTunes
2014-02-22 01:49 . 2014-02-22 01:49 -------- d-----w- c:\programdata\GridinSoft
2014-02-22 01:49 . 2014-02-22 01:49 -------- d-----w- c:\program files\GridinSoft Trojan Killer
2014-02-20 22:59 . 2014-02-20 22:59 -------- d-----w- c:\program files (x86)\AMD APP
2014-02-20 12:44 . 2013-05-10 05:56 12625920 ----a-w- c:\windows\system32\wmploc.DLL
2014-02-20 12:44 . 2013-05-10 04:30 167424 ----a-w- c:\program files\Windows Media Player\wmplayer.exe
2014-02-20 12:44 . 2013-05-10 03:48 164864 ----a-w- c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-02-20 12:44 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\SysWow64\wmploc.DLL
2014-02-20 12:44 . 2013-05-10 05:56 14631424 ----a-w- c:\windows\system32\wmp.dll
2014-02-20 12:33 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-02-20 12:33 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-20 12:29 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-02-20 12:29 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-20 12:29 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-02-20 12:29 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-02-20 12:27 . 2013-10-12 02:32 150016 ----a-w- c:\windows\system32\wshom.ocx
2014-02-20 12:27 . 2013-10-12 02:31 202752 ----a-w- c:\windows\system32\scrrun.dll
2014-02-20 12:27 . 2013-10-12 02:04 121856 ----a-w- c:\windows\SysWow64\wshom.ocx
2014-02-20 12:27 . 2013-10-12 02:03 163840 ----a-w- c:\windows\SysWow64\scrrun.dll
2014-02-20 12:27 . 2013-10-12 01:33 156160 ----a-w- c:\windows\system32\cscript.exe
2014-02-20 12:27 . 2013-10-12 01:33 168960 ----a-w- c:\windows\system32\wscript.exe
2014-02-20 12:27 . 2013-10-12 01:15 141824 ----a-w- c:\windows\SysWow64\wscript.exe
2014-02-20 12:27 . 2013-10-12 01:15 126976 ----a-w- c:\windows\SysWow64\cscript.exe
2014-02-13 02:42 . 2013-11-12 02:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-02-13 02:42 . 2013-11-12 02:07 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-02-13 02:41 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-02-13 02:41 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-11 07:03 . 2014-02-11 07:03 -------- d-----w- c:\program files\McAfee Security Scan
2014-02-01 11:03 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-02-01 11:03 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-02-01 11:03 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-02-01 11:03 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-02-01 11:03 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-02-01 11:03 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-02-01 11:03 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-21 10:48 . 2013-08-18 06:19 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-21 10:48 . 2011-06-25 20:33 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-20 22:55 . 2010-12-29 04:01 6203392 ----a-w- c:\windows\SysWow64\atiumdag.dll
2014-02-20 22:55 . 2010-12-29 04:01 4795904 ----a-w- c:\windows\SysWow64\atiumdva.dll
2014-02-20 22:55 . 2013-03-29 02:36 6800896 ----a-w- c:\windows\SysWow64\atidxx32.dll
2014-02-20 22:55 . 2010-12-29 04:01 4731904 ----a-w- c:\windows\system32\atiumd6a.dll
2014-02-20 22:55 . 2010-12-29 04:01 7431680 ----a-w- c:\windows\system32\atiumd64.dll
2014-02-20 22:54 . 2010-12-29 04:01 32256 ----a-w- c:\windows\SysWow64\atiu9pag.dll
2014-02-20 22:54 . 2010-12-29 04:01 909312 ----a-w- c:\windows\SysWow64\aticfx32.dll
2014-02-20 22:54 . 2013-03-29 02:37 41984 ----a-w- c:\windows\SysWow64\atiuxpag.dll
2014-02-20 22:54 . 2010-12-29 04:01 64000 ----a-w- c:\windows\system32\coinst.dll
2014-02-20 22:54 . 2010-12-29 04:01 54784 ----a-w- c:\windows\system32\atiuxp64.dll
2014-02-20 22:53 . 2010-12-29 04:01 7479296 ----a-w- c:\windows\system32\atidxx64.dll
2014-02-20 22:53 . 2010-12-29 04:01 1067520 ----a-w- c:\windows\system32\aticfx64.dll
2014-02-20 22:53 . 2010-12-29 04:01 44544 ----a-w- c:\windows\system32\atiu9p64.dll
2014-02-20 22:52 . 2013-03-29 01:10 514560 ----a-w- c:\windows\system32\atiadlxx.dll
2014-02-11 11:59 . 2012-01-04 14:28 16640 ----a-w- c:\windows\system32\drivers\gtkdrv.sys
2014-02-04 08:09 . 2011-01-10 00:54 88567024 ----a-w- c:\windows\system32\MRT.exe
2013-12-17 19:13 . 2013-01-24 10:06 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-05 05:51 . 2013-11-04 05:51 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys
2013-12-05 05:45 . 2013-11-04 05:46 343696 ----a-w- c:\windows\system32\drivers\mfewfpk.sys
2013-12-05 05:44 . 2013-12-23 04:53 184800 ----a-w- c:\windows\system32\mfevtps.exe
2013-12-05 05:41 . 2013-11-04 05:43 782616 ----a-w- c:\windows\system32\drivers\mfehidk.sys
2013-12-05 05:39 . 2013-11-04 05:41 519576 ----a-w- c:\windows\system32\drivers\mfefirek.sys
2013-12-05 05:37 . 2013-11-04 05:40 311120 ----a-w- c:\windows\system32\drivers\mfeavfk.sys
2013-12-05 05:36 . 2013-11-04 05:39 179792 ----a-w- c:\windows\system32\drivers\mfeapfk.sys
2013-11-30 09:26 . 2013-11-30 09:26 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-30 09:26 . 2013-11-30 09:26 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-11-30 09:26 . 2013-11-30 09:26 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-11-30 09:26 . 2013-11-30 09:26 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-11-30 09:26 . 2013-11-30 09:26 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-11-30 09:26 . 2013-11-30 09:26 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-11-30 09:26 . 2013-11-30 09:26 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-11-30 09:26 . 2013-11-30 09:26 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-11-30 09:26 . 2013-11-30 09:26 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-11-30 09:26 . 2013-11-30 09:26 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-11-30 09:26 . 2013-11-30 09:26 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-11-30 09:26 . 2013-11-30 09:26 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-11-30 09:26 . 2013-11-30 09:26 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-11-30 09:26 . 2013-11-30 09:26 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-11-30 09:26 . 2013-11-30 09:26 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-11-30 09:26 . 2013-11-30 09:26 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-11-30 09:26 . 2013-11-30 09:26 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-11-30 09:26 . 2013-11-30 09:26 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-11-30 09:26 . 2013-11-30 09:26 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-11-30 09:26 . 2013-11-30 09:26 81408 ----a-w- c:\windows\system32\icardie.dll
2013-11-30 09:26 . 2013-11-30 09:26 774144 ----a-w- c:\windows\system32\jscript.dll
2013-11-30 09:26 . 2013-11-30 09:26 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-11-30 09:26 . 2013-11-30 09:26 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-11-30 09:26 . 2013-11-30 09:26 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-11-30 09:26 . 2013-11-30 09:26 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-11-30 09:26 . 2013-11-30 09:26 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-11-30 09:26 . 2013-11-30 09:26 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-11-30 09:26 . 2013-11-30 09:26 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-11-30 09:26 . 2013-11-30 09:26 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-11-30 09:26 . 2013-11-30 09:26 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-11-30 09:26 . 2013-11-30 09:26 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-11-30 09:26 . 2013-11-30 09:26 413696 ----a-w- c:\windows\system32\html.iec
2013-11-30 09:26 . 2013-11-30 09:26 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 09:26 . 2013-11-30 09:26 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-11-30 09:26 . 2013-11-30 09:26 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-11-30 09:26 . 2013-11-30 09:26 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-11-30 09:26 . 2013-11-30 09:26 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-11-30 09:26 . 2013-11-30 09:26 247808 ----a-w- c:\windows\system32\msls31.dll
2013-11-30 09:26 . 2013-11-30 09:26 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-11-30 09:26 . 2013-11-30 09:26 235520 ----a-w- c:\windows\system32\url.dll
2013-11-30 09:26 . 2013-11-30 09:26 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-11-30 09:26 . 2013-11-30 09:26 147968 ----a-w- c:\windows\system32\occache.dll
2013-11-30 09:26 . 2013-11-30 09:26 143872 ----a-w- c:\windows\system32\wextract.exe
2013-11-30 09:26 . 2013-11-30 09:26 13824 ----a-w- c:\windows\system32\mshta.exe
2013-11-30 09:26 . 2013-11-30 09:26 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-11-30 09:26 . 2013-11-30 09:26 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-11-30 09:26 . 2013-11-30 09:26 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-11-30 09:26 . 2013-11-30 09:26 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-11-30 09:26 . 2013-11-30 09:26 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-11-30 09:26 . 2013-11-30 09:26 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-11-30 09:26 . 2013-11-30 09:26 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-11-30 09:26 . 2013-11-30 09:26 101376 ----a-w- c:\windows\system32\inseng.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-02-25 1821888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-05 641664]
"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"D-Link D-Link Wireless N DWA-140"="c:\program files (x86)\D-Link\DWA-140 revB\AirNCFG.exe" [2010-06-30 1024000]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-05 43848]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"Razer Naga Driver"="c:\program files (x86)\Razer\Naga\RazerNagaSysTray.exe" [2011-11-16 953232]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-24 421888]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2012-11-13 450560]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2012-11-30 1263512]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-10-17 442200]
"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-24 537512]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-05 152392]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Belkin USB Wireless Adaptor Utility.lnk - c:\program files (x86)\Belkin\F7D4101\V1\PBN.exe [2009-11-25 110592]
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
Stardock MyColors.lnk - c:\program files (x86)\Stardock\MyColors\SDDelayedLaunch.exe "Stardock MyColors" AlienwareBREED "c:\program files (x86)\Stardock\MyColors\Loader.exe" [2009-12-16 11520]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R2 AlienFusionService;Alienware Fusion Service;c:\program files\Alienware\Command Center\AlienFusionService.exe;c:\program files\Alienware\Command Center\AlienFusionService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WLANBelkinService;Belkin WLAN service;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe;c:\program files (x86)\Belkin\F7D4101\V1\wlansrv.exe [x]
R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan60.sys [x]
R3 RzSynapse;Razer Driver;c:\windows\system32\DRIVERS\RzSynapse.sys;c:\windows\SYSNATIVE\DRIVERS\RzSynapse.sys [x]
R3 SSMO3v2Filter;MMO3v2 Mouse;c:\windows\system32\drivers\MO3v2Driver.sys;c:\windows\SYSNATIVE\drivers\MO3v2Driver.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 TrojanKillerDriver;GridinSoft Trojan Killer Driver;c:\windows\system32\DRIVERS\gtkdrv.sys;c:\windows\SYSNATIVE\DRIVERS\gtkdrv.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 McOobeSv;McAfee OOBE Service;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\McSvcHost\McSvHost.exe [x]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]
S0 RzFilter;RzFilter;c:\windows\system32\drivers\RzFilter.sys;c:\windows\SYSNATIVE\drivers\RzFilter.sys [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 D-Link Wireless N DWA-140_WPS;D-Link Wireless N DWA-140_WPS Service;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [x]
S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]
S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]
S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [x]
S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]
S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 RzOvlMon;Razer Overlay Subsystem Emergency Service;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe;c:\program files (x86)\Razer\Core\64bit\rzovlmon.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\AlienRespawn\sftservice.EXE;c:\program files (x86)\AlienRespawn\sftservice.EXE [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 BCMH43XX;N+ Wireless USB Adapter Driver;c:\windows\system32\DRIVERS\bcmwlhigh664.sys;c:\windows\SYSNATIVE\DRIVERS\bcmwlhigh664.sys [x]
S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]
S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]
S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]
S3 mio;Master IO Filter Driver;c:\windows\system32\DRIVERS\mio.sys;c:\windows\SYSNATIVE\DRIVERS\mio.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RzDxgk;RzDxgk;c:\windows\system32\drivers\RzDxgk.sys;c:\windows\SYSNATIVE\drivers\RzDxgk.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Keyboard Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-02-21 04:35 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.117\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-18 10:48]
.
2014-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-15 02:36]
.
2014-02-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-15 02:36]
.
2014-02-28 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20 20:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-02-03 10038304]
"Command Center Controllers"="c:\program files\Alienware\Command Center\AWCCStartupOrchestrator.exe" [2010-11-05 13256]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
uDefault_Search_URL = hxxp://go.microsoft.com
mDefault_Search_URL = hxxp://go.microsoft.com
mDefault_Page_URL = about:blank
mStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://go.microsoft.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
Trusted Zone: gdpgold.com
Trusted Zone: gdpgold.com\www
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\xreynex\AppData\Roaming\Mozilla\Firefox\Profiles\tuo2xipi.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-World of Logs Client (4.2) - c:\windows\system32\javaws.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
c:\program files (x86)\AlienRespawn\COMPONENTS\SCHEDULER\STSERVICE.EXE
c:\program files (x86)\AlienRespawn\Components\DSUpdate\DSUpd.exe
.
**************************************************************************
.
Completion time: 2014-02-28  17:53:18 - machine was rebooted
ComboFix-quarantined-files.txt  2014-02-28 06:53
.
Pre-Run: 456,452,464,640 bytes free
Post-Run: 456,081,657,856 bytes free
.
- - End Of File - - E54504AE1B90ECD95941F253C6E26745
 


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 35,588 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:12:57 PM

Posted 28 February 2014 - 11:13 AM

How is your computer behaving now?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 Arms_warrior


Posted 01 March 2014 - 11:42 PM

Gary,

It seems to be running a lot better now.

Just when I turned comp on and was at password/windows logon screen it froze and I had to restart.

Could it be a video card problem?
 



#10 Oh My!


Posted 02 March 2014 - 04:14 PM

Combofix fixed a critical file corruption for us.

Yes, the video card drivers are one possibility. Let's see if the below report can narrow things down for us.

===================================================

BlueScreenView

----------
  • Download BlueScreenView and save it to your desktop
  • Double click the BlueScreenView.exe file then click OK
  • Select Run, Next, then Next again
  • Click Install
  • When the scanning is complete, select Edit and Select All
  • Then click File and Save Selected Items
  • Save the report as BSOD.txt
  • Open BSOD.txt in Notepad, copy the entire content and paste it into your next reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • BSOD log

Gary
 

#11 Arms_warrior


Posted 03 March 2014 - 02:39 AM

==================================================
Dump File         : 013014-18220-01.dmp
Crash Time        : 30/01/2014 6:00:40 PM
Bug Check String  : 
Bug Check Code    : 0x00000116
Parameter 1       : fffffa80`0bcbe4e0
Parameter 2       : fffff880`02e06dcc
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000002
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+5d140
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\013014-18220-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 567,104
Dump File Time    : 30/01/2014 6:02:24 PM
==================================================
 
==================================================
Dump File         : 012314-14180-01.dmp
Crash Time        : 23/01/2014 5:02:15 PM
Bug Check String  : 
Bug Check Code    : 0x00000116
Parameter 1       : fffffa80`07f934e0
Parameter 2       : fffff880`02e4cdcc
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000002
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+5d140
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\012314-14180-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 563,576
Dump File Time    : 23/01/2014 5:03:50 PM
==================================================
 
==================================================
Dump File         : 012214-15522-01.dmp
Crash Time        : 22/01/2014 5:15:31 PM
Bug Check String  : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000007e
Parameter 1       : ffffffff`c0000094
Parameter 2       : fffff880`059416d5
Parameter 3       : fffff880`070a4fb8
Parameter 4       : fffff880`070a4810
Caused By Driver  : atikmdag.sys
Caused By Address : atikmdag.sys+2f81ba
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : atikmdag.sys+dc6d5
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\012214-15522-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,784
Dump File Time    : 22/01/2014 5:17:40 PM
==================================================
 
==================================================
Dump File         : 121413-20514-01.dmp
Crash Time        : 14/12/2013 11:56:03 AM
Bug Check String  : 
Bug Check Code    : 0x00000116
Parameter 1       : fffffa80`07fe5010
Parameter 2       : fffff880`09e06dcc
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000002
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+5d140
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\121413-20514-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 566,800
Dump File Time    : 14/12/2013 11:58:13 AM
==================================================
 
==================================================
Dump File         : 120913-18642-01.dmp
Crash Time        : 9/12/2013 6:19:04 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`00000299
Parameter 3       : 00000000`000003b6
Parameter 4       : 00000000`000003b5
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\120913-18642-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,784
Dump File Time    : 9/12/2013 6:20:58 PM
==================================================
 
==================================================
Dump File         : 120813-16270-01.dmp
Crash Time        : 8/12/2013 2:45:34 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`0000025c
Parameter 3       : 00000000`0000025e
Parameter 4       : 00000000`0000025d
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\120813-16270-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,784
Dump File Time    : 8/12/2013 2:49:02 PM
==================================================
 
==================================================
Dump File         : 120213-22214-01.dmp
Crash Time        : 2/12/2013 8:14:15 PM
Bug Check String  : 
Bug Check Code    : 0x00000116
Parameter 1       : fffffa80`06fe2010
Parameter 2       : fffff880`04e06dcc
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000002
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+5d140
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\120213-22214-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 566,792
Dump File Time    : 2/12/2013 8:23:55 PM
==================================================
 
==================================================
Dump File         : 120113-16270-01.dmp
Crash Time        : 1/12/2013 2:35:07 PM
Bug Check String  : 
Bug Check Code    : 0x00000117
Parameter 1       : fffffa80`0e348010
Parameter 2       : fffff880`04c4cdcc
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+1f8a0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : watchdog.sys+a577
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\120113-16270-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 1,691,689
Dump File Time    : 1/12/2013 2:35:07 PM
==================================================
 
==================================================
Dump File         : 111413-19219-01.dmp
Crash Time        : 14/11/2013 6:06:55 PM
Bug Check String  : 
Bug Check Code    : 0xa0000001
Parameter 1       : 00000000`00000005
Parameter 2       : 00000000`00000000
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : atikmdag.sys
Caused By Address : atikmdag.sys+23c5c
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\111413-19219-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,728
Dump File Time    : 14/11/2013 6:08:11 PM
==================================================
 
==================================================
Dump File         : 102213-17612-01.dmp
Crash Time        : 22/10/2013 6:21:52 PM
Bug Check String  : 
Bug Check Code    : 0x00000117
Parameter 1       : fffffa80`07490130
Parameter 2       : fffff880`04150cf0
Parameter 3       : 00000000`00000000
Parameter 4       : 00000000`00000000
Caused By Driver  : dxgkrnl.sys
Caused By Address : dxgkrnl.sys+1f8a0
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : watchdog.sys+a577
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\102213-17612-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 839,972
Dump File Time    : 22/10/2013 6:21:52 PM
==================================================
 
==================================================
Dump File         : 072113-21637-01.dmp
Crash Time        : 21/07/2013 6:44:10 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`000016d7
Parameter 3       : 00000000`000016d9
Parameter 4       : 00000000`000016d8
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\072113-21637-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,672
Dump File Time    : 21/07/2013 6:45:23 PM
==================================================
 
==================================================
Dump File         : 071713-15553-01.dmp
Crash Time        : 17/07/2013 7:01:06 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`0000817e
Parameter 3       : 00000000`00008180
Parameter 4       : 00000000`0000817f
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\071713-15553-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,672
Dump File Time    : 17/07/2013 7:02:05 PM
==================================================
 
==================================================
Dump File         : 071013-18314-01.dmp
Crash Time        : 10/07/2013 7:15:49 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`00013ab8
Parameter 3       : 00000000`00013aba
Parameter 4       : 00000000`00013ab9
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\071013-18314-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,672
Dump File Time    : 10/07/2013 7:17:07 PM
==================================================
 
==================================================
Dump File         : 070713-15678-01.dmp
Crash Time        : 7/07/2013 6:33:40 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`0000054e
Parameter 3       : 00000000`00000550
Parameter 4       : 00000000`0000054f
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\070713-15678-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,672
Dump File Time    : 7/07/2013 6:34:43 PM
==================================================
 
==================================================
Dump File         : 060913-35615-01.dmp
Crash Time        : 9/06/2013 10:08:48 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`0000098e
Parameter 3       : 00000000`00000990
Parameter 4       : 00000000`0000098f
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\060913-35615-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,672
Dump File Time    : 9/06/2013 10:10:36 PM
==================================================
 
==================================================
Dump File         : 052813-23758-01.dmp
Crash Time        : 28/05/2013 5:25:16 AM
Bug Check String  : 
Bug Check Code    : 0x00000119
Parameter 1       : 00000000`00000001
Parameter 2       : 00000000`00003417
Parameter 3       : 00000000`00003419
Parameter 4       : 00000000`00003418
Caused By Driver  : watchdog.sys
Caused By Address : watchdog.sys+122f
File Description  : 
Product Name      : 
Company           : 
File Version      : 
Processor         : x64
Crash Address     : ntoskrnl.exe+75c00
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\052813-23758-01.dmp
Processors Count  : 8
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 274,672
Dump File Time    : 28/05/2013 5:26:37 AM
==================================================
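
An added example, not part of the original thread: a short Python script that parses a BlueScreenView text export like the one in post #11 and tallies crashes by bug check and by reported driver. The sample records are trimmed copies of four entries from that report; the names filled in for 0x116, 0x117 and 0x119 come from Microsoft's bug check reference rather than from the report, and the function names are this example's own.

```python
from collections import Counter
from datetime import datetime

# BlueScreenView left "Bug Check String" blank for these codes in the report.
# Names are from Microsoft's bug check reference (added here, not in the report).
KNOWN_BUG_CHECKS = {
    0x116: "VIDEO_TDR_FAILURE",
    0x117: "VIDEO_TDR_TIMEOUT_DETECTED",
    0x119: "VIDEO_SCHEDULER_INTERNAL_ERROR",
}

# Four entries copied from the report in post #11, trimmed to the fields used here.
SAMPLE = r"""
==================================================
Dump File         : 013014-18220-01.dmp
Crash Time        : 30/01/2014 6:00:40 PM
Bug Check String  : 
Bug Check Code    : 0x00000116
Caused By Driver  : dxgkrnl.sys
Full Path         : C:\Windows\Minidump\013014-18220-01.dmp
==================================================

==================================================
Dump File         : 012214-15522-01.dmp
Crash Time        : 22/01/2014 5:15:31 PM
Bug Check String  : SYSTEM_THREAD_EXCEPTION_NOT_HANDLED
Bug Check Code    : 0x1000007e
Caused By Driver  : atikmdag.sys
==================================================

==================================================
Dump File         : 120913-18642-01.dmp
Crash Time        : 9/12/2013 6:19:04 PM
Bug Check String  : 
Bug Check Code    : 0x00000119
Caused By Driver  : watchdog.sys
==================================================

==================================================
Dump File         : 111413-19219-01.dmp
Crash Time        : 14/11/2013 6:06:55 PM
Bug Check String  : 
Bug Check Code    : 0xa0000001
Caused By Driver  : atikmdag.sys
==================================================
"""

def parse_report(text):
    """Split the export on its '=====' rules and return one dict per crash."""
    records, current = [], {}
    for line in text.splitlines():
        stripped = line.strip()
        if stripped and set(stripped) == {"="}:
            if current:
                records.append(current)
            current = {}
            continue
        # Split on the first colon only, so values such as C:\... stay whole.
        key, sep, value = line.partition(":")
        if sep and key.strip():
            current[key.strip()] = value.strip()
    if current:
        records.append(current)
    return records

def bug_check_name(record):
    """Prefer the string in the report; fall back to the known-code table."""
    code = int(record["Bug Check Code"], 16)
    return record.get("Bug Check String") or KNOWN_BUG_CHECKS.get(
        code, "unknown (0x%08x)" % code)

def summarize(records):
    by_check = Counter(bug_check_name(r) for r in records)
    by_driver = Counter(r.get("Caused By Driver", "").lower() for r in records)
    return by_check, by_driver

def crash_span(records):
    """Earliest and latest crash; the report uses day/month/year, 12-hour time."""
    times = [datetime.strptime(r["Crash Time"], "%d/%m/%Y %I:%M:%S %p")
             for r in records]
    return min(times), max(times)

if __name__ == "__main__":
    recs = parse_report(SAMPLE)
    checks, drivers = summarize(recs)
    print(checks.most_common(), drivers.most_common(), crash_span(recs))
```

Run against the full BSOD.txt instead of `SAMPLE` to see how the sixteen crashes distribute across bug checks and drivers.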
 


#12 Oh My!


Posted 03 March 2014 - 03:47 PM

Thanks for the information.

Are you continuing to get a Blue Screen? Please attach the following file to your reply:

C:\Windows\Minidump\013014-18220-01.dmp
Gary
 

#13 Arms_warrior


Posted 05 March 2014 - 02:13 AM

Not as much, it just freezes, no blue screen.

It won't let me attach the file, says I need permission??

 



#14 Oh My!


Posted 05 March 2014 - 08:54 AM

Please try to zip the file and attach it. In addition do this.

===================================================

Event Viewer Critical Information Windows 8/7/Vista

--------------------
  • Press the Windows key + R on your keyboard at the same time
  • Type eventvwr.msc and press Enter
  • Click on the arrow to the left of Windows Logs to expand the category
  • Left click on System
  • On the right hand side of the screen click Filter Current Log...
  • Select Critical, then click OK
  • Select Save Filtered Log File As...
  • Under File Name: please type System then save it to your desktop
  • Left click on Application and repeat the above steps saving the file as Application
  • Zip the files and upload them here
  • I will be automatically notified when the file has been successfully uploaded
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it.
  • Zipped and attached Minidump file
  • Uploaded Event Viewer files

Gary
 

#15 Oh My!


Posted 09 March 2014 - 01:55 PM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.

  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.


Gary
 



