Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Help removing virus, malware, or any spyware on my laptop


  • This topic is locked This topic is locked
13 replies to this topic

#1 ReFx

ReFx

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:59 AM

Posted 24 February 2014 - 03:40 AM

Please help me remove whatever my laptop has, I already tried download many tools to remove them....still no luck, I have pop up ads every link I click on. Ads on every window and computer running really slow...

 

here is my DSS Log, thanks

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16533  BrowserJavaVersion: 10.25.2
Run by Owner at 0:24:28 on 2014-02-24
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.4062.1937 [GMT -8:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\MyPC Backup\BackupStack.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
C:\Program Files (x86)\PasswordBox\pbbtnService.exe
C:\Program Files (x86)\SMINST\BLService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Users\Owner\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Program Files (x86)\Webinternetsecurity\WebInternetSecurity.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
uProxyServer = hxxp=127.0.0.1:49186;https=127.0.0.1:49186
uProxyOverride = <-loopback>
uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
uURLSearchHooks: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - <orphaned>
uURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
uURLSearchHooks: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll
mURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
mURLSearchHooks: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
mWinlogon: Userinit = userinit.exe,
BHO: ScorpionSaver: {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
BHO: Re-Markable: {9ddae43c-ffb2-482c-a6f9-62226370db49} - C:\Program Files (x86)\Re-Markable\150.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll
BHO: Microsoft Live Search Toolbar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - LocalServer32 - <no file>
TB: MixiDJ V37 Toolbar: {EEF3855C-FC2D-41E6-8D91-D368F51B3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: Connect DLC 5 Toolbar: {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll
TB: Microsoft Live Search Toolbar: {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
TB: AVG SafeGuard toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll
TB: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: Connect DLC 5 Toolbar: {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll
uRun: [SearchProtection] "C:\Users\Owner\AppData\Roaming\Search Protection\SearchProtection.EXE" /autostart
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
mRun: [WebInternetSecurity] "C:\Program Files (x86)\Webinternetsecurity\WebInternetSecurity.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office14\EXCEL.EXE/3000
IE: Save YouTube Video as MP3 - <no file>
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~2\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: {5D6F45B3-9043-443D-A792-115447494D24} - hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{62FD19B9-8A67-41F4-94D3-3DED8F6BE748} : DHCPNameServer = 192.168.2.1
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: SDWinLogon - SDWinLogon.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
IFEO: bigcityadventuresf-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: blackhawk2-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: blasterball3-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: buildalot2-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO: chuzzle-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
x64-mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
x64-BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-IFEO: bigcityadventuresf-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: blackhawk2-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: blasterball3-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: buildalot2-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
x64-IFEO: chuzzle-wt.exe - "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
.
Note: multiple IFEO entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN15881181061475894&UM=2&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Yahoo!
FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com?cid={687D9572-7EEC-484A-B8D9-B09382673C0B}&mid=49d855982826374bb6767a000dd7667e-3c8cd7eb87df913e224d8775c9b186ff128fa5db&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 16:19:00&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF - component: C:\Program Files (x86)\AVG\AVG8\Firefox\components\avgssff.dll
FF - component: C:\Program Files (x86)\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils3.dll
FF - component: C:\Program Files (x86)\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\IGeared_tavgp_xputils35.dll
FF - component: C:\Program Files (x86)\AVG\AVG8\Toolbar\Firefox\avg@igeared\components\xpavgtbapi.dll
FF - component: C:\Program Files (x86)\Common Files\DVDVideoSoft\Dll\FFContextMenuY\components\FFContextMenu.dll
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: !HIDDEN! 2009-09-07 10:39; {20a82645-c095-46ed-80e3-08825760534b}; c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
.
---- FIREFOX POLICIES ----
FF - user.js: yahoo.homepage.dontask - true);user_pref(network.protocol-handler.warn-external.dnupdate, false
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-11-10 55280]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2013-5-2 46368]
R2 {55662437-DA8C-40c0-AADA-2C816A897A49};{55662437-DA8C-40c0-AADA-2C816A897A49};C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [2008-9-26 27632]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 BackupStack;Computer Backup (MyPC Backup);C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2013-9-19 38440]
R2 FontCache;Windows Font Cache Service;C:\Windows\System32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2008-3-18 30520]
R2 Level Quality Watcher;Level Quality Watcher;C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010010000000000000000000000 sourceguid=BBA5481A-926B-4561-BD79-249F618495E6 --> C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe run options=01110010010000000000000000000000 sourceguid=BBA5481A-926B-4561-BD79-249F618495E6 [?]
R2 PasswordBox;PasswordBox;C:\Program Files (x86)\PasswordBox\pbbtnService.exe [2013-9-24 67584]
R2 Recovery Service for Windows;Recovery Service for Windows;C:\Program Files (x86)\SMINST\BLService.exe [2008-10-19 365904]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-10-9 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-10-9 1033688]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-10-9 171928]
R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-1-31 2148664]
R2 vToolbarUpdater17.3.0;vToolbarUpdater17.3.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [2014-1-7 1771544]
R3 enecir;ENE CIR Receiver;C:\Windows\System32\drivers\enecir.sys [2008-4-28 64000]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2008-11-17 4751360]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 BEHRINGER_2902;usb-audio.de driver for BEHRINGER USB AUDIO;C:\Windows\System32\drivers\BUSB2902.sys [2013-6-1 460864]
S3 BUSB_AUDIO_WDM;BEHRINGER USB WDM AUDIO;C:\Windows\System32\drivers\busbwdm.sys [2013-6-1 49728]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-15 99384]
S3 ffusb2audio;Focusrite USB 2.0 Audio Driver;C:\Windows\System32\drivers\ffusb2audio.sys [2013-9-5 125304]
S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2008-7-21 145496]
S3 MAUSBFASTTRACK;Service for M-Audio FastTrack;C:\Windows\System32\drivers\MAudioFastTrack.sys [2010-12-7 187912]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [2012-9-5 234776]
S3 NETw3v64;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw3v64.sys [2008-1-20 3154432]
S3 PerfHost;Performance Counter DLL Host;C:\Windows\SysWOW64\perfhost.exe [2008-1-20 19968]
S3 pneteth;PdaNet Broadband;C:\Windows\System32\drivers\pneteth.sys [2011-8-29 15360]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-15 203320]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2013-9-11 1012344]
S3 yukonx64;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk60x64.sys [2006-11-2 273408]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2009-9-17 89920]
S4 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2008-10-19 193840]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]
S4 TVCapSvc;TV Background Capture Service (TVBCS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [2008-9-24 296320]
S4 TVSched;TV Task Scheduler (TVTS);C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [2008-9-24 116096]
.
=============== File Associations ===============
.
.js: <filetype is not registered>
FileExt: .jse: JSEFile=C:\Windows\SysWOW64\WScript.exe "%1" %*
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2014-02-21 06:29:40    71048    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-02-21 06:29:40    692616    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-02-19 05:04:50    142336    ----a-w-    C:\PDG GOLD NCO - 2013.exe
2014-02-15 18:51:56    88567024    ----a-w-    C:\Windows\System32\mrt.exe
2014-02-05 10:19:13    17849344    ----a-w-    C:\Windows\System32\mshtml.dll
2014-02-05 10:02:21    10926080    ----a-w-    C:\Windows\System32\ieframe.dll
2014-02-05 10:00:21    2334720    ----a-w-    C:\Windows\System32\jscript9.dll
2014-02-05 09:54:37    1347072    ----a-w-    C:\Windows\System32\urlmon.dll
2014-02-05 09:54:06    1392128    ----a-w-    C:\Windows\System32\wininet.dll
2014-02-05 09:52:51    1494528    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-02-05 09:52:37    237056    ----a-w-    C:\Windows\System32\url.dll
2014-02-05 09:52:29    86016    ----a-w-    C:\Windows\System32\jsproxy.dll
2014-02-05 09:51:59    173056    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-02-05 09:51:52    599040    ----a-w-    C:\Windows\System32\vbscript.dll
2014-02-05 09:51:47    2147840    ----a-w-    C:\Windows\System32\iertutil.dll
2014-02-05 09:51:43    816640    ----a-w-    C:\Windows\System32\jscript.dll
2014-02-05 09:51:34    729088    ----a-w-    C:\Windows\System32\msfeeds.dll
2014-02-05 09:50:50    96768    ----a-w-    C:\Windows\System32\mshtmled.dll
2014-02-05 09:50:40    2382848    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-02-05 09:50:05    248320    ----a-w-    C:\Windows\System32\ieui.dll
2014-02-05 08:58:27    12345344    ----a-w-    C:\Windows\SysWow64\mshtml.dll
2014-02-05 08:56:17    1806848    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-02-05 08:53:14    9739264    ----a-w-    C:\Windows\SysWow64\ieframe.dll
2014-02-05 08:51:01    1105408    ----a-w-    C:\Windows\SysWow64\urlmon.dll
2014-02-05 08:50:39    1129472    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-02-05 08:49:56    1427968    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-02-05 08:49:14    231936    ----a-w-    C:\Windows\SysWow64\url.dll
2014-02-05 08:48:56    65536    ----a-w-    C:\Windows\SysWow64\jsproxy.dll
2014-02-05 08:48:40    142848    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-02-05 08:48:27    421376    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-02-05 08:48:08    717824    ----a-w-    C:\Windows\SysWow64\jscript.dll
2014-02-05 08:48:02    1796096    ----a-w-    C:\Windows\SysWow64\iertutil.dll
2014-02-05 08:47:57    607744    ----a-w-    C:\Windows\SysWow64\msfeeds.dll
2014-02-05 08:47:22    73216    ----a-w-    C:\Windows\SysWow64\mshtmled.dll
2014-02-05 08:47:16    2382848    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-02-05 08:46:50    176640    ----a-w-    C:\Windows\SysWow64\ieui.dll
2013-12-22 10:06:54    46368    ----a-w-    C:\Windows\System32\drivers\avgtpx64.sys
2013-12-05 04:48:29    1869824    ----a-w-    C:\Windows\System32\msxml3.dll
2013-12-05 02:12:37    1248768    ----a-w-    C:\Windows\SysWow64\msxml3.dll
.
============= FINISH:  0:25:24.27 ===============
 

Attached Files



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 24 February 2014 - 03:50 AM

Hi there,
 
please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 ReFx

ReFx
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:59 AM

Posted 24 February 2014 - 05:04 AM

thanks sir,

 

here is FRST.txt log followed by Additional.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-02-2014 02
Ran by Owner (administrator) on OWNER-PC on 24-02-2014 01:49:44
Running from C:\Users\Owner\Downloads
Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Just Develop It) C:\Program Files (x86)\MyPC Backup\BackupStack.exe
(Avid Technology, Inc..) C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
() C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
() C:\Program Files (x86)\SMINST\BLService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Spigot, Inc.) C:\Users\Owner\AppData\Roaming\Search Protection\SearchProtection.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(WebInternetSecurity) C:\Program Files (x86)\Webinternetsecurity\WebInternetSecurity.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2535448 2014-02-05] ()
HKLM-x32\...\Run: [WebInternetSecurity] - C:\Program Files (x86)\Webinternetsecurity\WebInternetSecurity.exe [797184 2013-12-30] (WebInternetSecurity)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\Run: [SearchProtection] - C:\Users\Owner\AppData\Roaming\Search Protection\SearchProtection.EXE [840552 2014-02-20] (Spigot, Inc.)
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {21728098-92df-11e3-a5fa-beceff9eb549} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {31f4d11d-692c-11e3-a59d-a3b126b68444} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {4133c581-0422-11e1-8b5b-00235a3b5278} - F:\unlock.exe autoplay=true
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {73e49148-4560-11e2-95d4-00235a3b5278} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {b3f31d8c-2959-11de-8532-806e6f6e6963} - E:\AutoLaunch.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {b90e7dda-7422-11e2-8ddd-00235a3b5278} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {db2e5cc6-3204-11de-80da-00235a3b5278} - F:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\bigcityadventuresf-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\blackhawk2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\blasterball3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\buildalot2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\chuzzle-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\deathonthenile-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\diner dash - hometown hero-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dream2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\familyfeud3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\fate-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\golf-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hptv.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\jojosfashionshow-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\jqsolitaire2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\luxor3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mysterypivegas-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onplay.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\peggle-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\penguins-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\poker3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\polar-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\polarpool-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\slingo-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\thos-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\tpir-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\tw3_vista-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\virtual villagers - the secret city-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\virtualvillagers-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wedding dash-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wheel of fortune-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winbej2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zuma-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicyUsers\S-1-5-21-1905616980-2508883315-2640086917-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:49186;https=127.0.0.1:49186
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
URLSearchHook: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll (Conduit Ltd.)
URLSearchHook: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
URLSearchHook: HKCU - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll (Conduit Ltd.)
URLSearchHook: HKCU - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://www.searchqu.com//web?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
SearchScopes: HKLM - {3CF2481F-854A-41B7-9CDF-7113C60591B3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM - {5D9FA932-8D8C-40EC-9192-A538B6854A52} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://www.searchqu.com//web?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0BD40B60-F34F-4263-96A5-CB964DCF586E} URL =
SearchScopes: HKLM-x32 - {3CF2481F-854A-41B7-9CDF-7113C60591B3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {5D9FA932-8D8C-40EC-9192-A538B6854A52} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://www.searchqu.com//web?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {476FDD4A-D6FB-4A7C-98A5-09A6A377D958} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {0BD40B60-F34F-4263-96A5-CB964DCF586E} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN86494455522771733&UM=2
SearchScopes: HKCU - {3CF2481F-854A-41B7-9CDF-7113C60591B3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {476FDD4A-D6FB-4A7C-98A5-09A6A377D958} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={687D9572-7EEC-484A-B8D9-B09382673C0B}&mid=49d855982826374bb6767a000dd7667e-3c8cd7eb87df913e224d8775c9b186ff128fa5db&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 16:19:00&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL = http://www.searchqu.com//web?src=ieb&appid=0&systemid=421&sr=0&q={searchTerms}
SearchScopes: HKCU - {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4d0e835c&v=6.10.6.4&i=23&tp=chrome&q={searchTerms}&lng={language}&iy=b&ychte=us
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: ScorpionSaver - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\ScorpionSaver\IECore.dll ()
BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -  No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Re-Markable - {9ddae43c-ffb2-482c-a6f9-62226370db49} - C:\Program Files (x86)\Re-Markable\150.dll ()
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll (Conduit Ltd.)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -  No File
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.1.204\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - MixiDJ V37 Toolbar - {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Connect DLC 5 Toolbar - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - C:\Program Files (x86)\Connect_DLC_5\prxtbConn.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {EEF3855C-FC2D-41E6-8D91-D368F51B3055} -  No File
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default
FF user.js: detected! => C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\user.js
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://mysearch.avg.com?cid={687D9572-7EEC-484A-B8D9-B09382673C0B}&mid=49d855982826374bb6767a000dd7667e-3c8cd7eb87df913e224d8775c9b186ff128fa5db&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 16:19:00&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF Extension: ScorpionSaver - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\ScorpionSaver@jetpack [2013-11-16]
FF Extension: TopArcadeHits - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-09-25]
FF Extension: QuickShare Widget - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8} [2013-09-25]
FF Extension: Yahoo! Toolbar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-08-21]
FF Extension: SweetPacks  - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d} [2013-10-20]
FF Extension: DealPly  Shopping - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{906000a4-88d9-4d52-b209-7a772970d91f} [2013-11-16]
FF Extension: Connect DLC 5  - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} [2013-12-11]
FF Extension: MixiDJ V37  - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{eef3855c-fc2d-41e6-8d91-d368f51b3055} [2013-12-12]
FF Extension: lucky leap - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\firefox@luckyleap.net.xpi [2013-10-03]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-02-04]
FF Extension: Adblock Plus - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.204 [2014-02-05]
FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-10-10]
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\Owner\AppData\Local\GreatArcadeHits\gahff.xpi
FF HKCU\...\Firefox\Extensions: [{3070db0f-156f-4dd5-8646-800cf1211847}] - C:\Program Files (x86)\Re-Markable\150.xpi
FF Extension: Re-Markable - C:\Program Files (x86)\Re-Markable\150.xpi [2014-02-01]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf [2013-11-16]
CHR Extension: (Scorpion Saver) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg [2013-11-16]
CHR HKLM-x32\...\Chrome\Extension: [ejdfidgapfiokiphmcjpmmjbdndepoja] - C:\Program Files (x86)\Re-Markable\150.crx [2014-02-01]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.1.204\avg.crx [2014-02-05]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
R2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-24] (Avid Technology, Inc..)
R2 Level Quality Watcher; C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe [710976 2014-01-27] ()
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2013-09-24] (PasswordBox, Inc.)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365904 2008-09-23] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148664 2013-01-31] (AVG)
S4 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-09-24] ()
S4 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-09-24] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36664 2013-01-31] (AVG)
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-07] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

R1 Amfilter; C:\Windows\System32\DRIVERS\Amfltx64.sys [12288 2007-10-15] ((Standard mouse types))
S3 Amusbprt; C:\Windows\System32\DRIVERS\Amusbx64.sys [17920 2008-02-13] (A4Tech Co.,Ltd.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-12-22] (AVG Technologies)
S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (BEHRINGER)
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [125304 2012-09-10] (Focusrite Audio Engineering Limited.)
S3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [187912 2010-12-07] (Avid Technology, Inc.)
S3 SeratoUsb; C:\Windows\System32\Drivers\SeratoUsb.sys [41984 2009-04-25] (Cristalink Ltd)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-26] (Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 01:49 - 2014-02-24 01:50 - 00032826 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-02-24 01:49 - 2014-02-24 01:49 - 00000000 ____D () C:\FRST
2014-02-24 01:48 - 2014-02-24 01:48 - 02155520 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-02-24 01:48 - 2014-02-24 01:48 - 01144320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe.part
2014-02-24 00:26 - 2014-02-24 00:37 - 00025644 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-24 00:26 - 2014-02-24 00:26 - 00021269 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-24 00:23 - 2014-02-24 00:23 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-02-22 22:21 - 2014-02-22 22:25 - 00000000 ____D () C:\Mix1
2014-02-18 21:23 - 2014-02-18 21:23 - 00001961 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-02-18 21:17 - 2014-02-18 21:18 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Owner\Downloads\AdobeAIRInstaller.exe
2014-02-18 21:05 - 2014-02-18 21:05 - 00000480 _____ () C:\Users\Public\Desktop\PDG GOLD NCO - 2013.lnk
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\TVSwfs
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\testmaker
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\styles
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\security
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmprint
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmcalendar
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\Help
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\game_swf
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\dictionaries
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\assets
2014-02-18 21:04 - 2014-02-18 21:04 - 17102683 _____ () C:\DressRight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 11471414 _____ () C:\shell.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 10583305 _____ () C:\pirates.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 09488295 _____ () C:\macjack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06574705 _____ () C:\whack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06359040 _____ () C:\pdg.db
2014-02-18 21:04 - 2014-02-18 21:04 - 05399449 _____ () C:\goldrush.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04957429 _____ () C:\starsandstripes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04010179 _____ () C:\GoldMind.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03293743 _____ () C:\themegames.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03272629 _____ () C:\dontfall.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03210738 _____ () C:\study_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02734923 _____ () C:\testflight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02663648 _____ () C:\showdown.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02347874 _____ () C:\study_sa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02321984 _____ () C:\study_rn.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02206173 _____ () C:\target.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01342406 _____ () C:\setup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01307173 _____ () C:\main.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01082450 _____ () C:\finalexam.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00804808 _____ () C:\dangerzone.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00542362 _____ () C:\testmaker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00510138 _____ () C:\game_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00306983 _____ () C:\reviewnotes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00299314 _____ () C:\arcade_game.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00258804 _____ () C:\manifest.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00196415 _____ () C:\flashcards.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00156308 _____ () C:\textLayout_1.0.0.595.swz
2014-02-18 21:04 - 2014-02-18 21:04 - 00142336 _____ () C:\PDG GOLD NCO - 2013.exe
2014-02-18 21:04 - 2014-02-18 21:04 - 00122535 _____ () C:\DressRightData.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00093928 _____ () C:\DexRibbons.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00078760 _____ () C:\fileBackup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00062697 _____ () C:\arcade.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00053881 _____ () C:\pdg.db_acros.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00047975 _____ () C:\query_manager.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00047054 _____ () C:\bases.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00030006 _____ () C:\_fonts.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00004361 _____ () C:\words.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000885 _____ () C:\wapsCalc.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000660 _____ () C:\printqa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000646 _____ () C:\LogViewer.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000627 _____ () C:\DatePicker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000613 _____ () C:\acro_editor.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000607 _____ () C:\about.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000482 _____ () C:\updater_config.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000428 _____ () C:\defaults.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000353 _____ () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013_state.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000226 _____ () C:\AdobeSpellingConfig.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000182 _____ () C:\levelNames.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000153 _____ () C:\relnotes.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000059 _____ () C:\mimetype
2014-02-18 20:39 - 2014-02-18 21:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013
2014-02-16 02:00 - 2014-02-16 02:00 - 01332064 _____ (Koyote-Lab Inc) C:\Users\Owner\Downloads\FreeEasyCDDVDBurnerSetup-r20-n-bf.exe
2014-02-16 01:51 - 2014-02-16 01:58 - 00000000 ____D () C:\Program Files (x86)\mp3cd
2014-02-16 01:50 - 2014-02-16 01:50 - 00930440 _____ (CNET Download.com) C:\Users\Owner\Downloads\cbsidlm-cbsi176-MP3_CD_Maker-ORG-10065486.exe
2014-02-15 22:25 - 2014-02-15 22:25 - 00000000 ____D () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake
2014-02-15 22:22 - 2014-02-15 22:23 - 07032743 _____ () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake.zip
2014-02-15 10:49 - 2014-02-05 02:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 10:49 - 2014-02-05 02:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 10:49 - 2014-02-05 02:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 10:49 - 2014-02-05 01:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 10:49 - 2014-02-05 01:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 10:49 - 2014-02-05 01:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 10:49 - 2014-02-05 01:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-15 10:49 - 2014-02-05 01:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 10:49 - 2014-02-05 01:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 10:49 - 2014-02-05 01:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 10:49 - 2014-02-05 01:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-15 10:49 - 2014-02-05 00:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 10:49 - 2014-02-05 00:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 10:49 - 2014-02-05 00:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 10:49 - 2014-02-05 00:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 10:49 - 2014-02-05 00:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 10:49 - 2014-02-05 00:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 10:49 - 2014-02-05 00:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 10:49 - 2014-02-05 00:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 10:49 - 2014-02-05 00:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 10:49 - 2014-02-05 00:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 10:49 - 2014-02-05 00:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-15 10:49 - 2014-02-05 00:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\499351df9dc08935c2ae
2014-02-14 18:23 - 2013-12-04 20:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 18:23 - 2013-12-04 18:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-06 19:01 - 2014-02-06 19:51 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Sound Trap Essentials Vol.1 [PAZ]
2014-02-06 19:01 - 2014-02-06 19:01 - 00050213 _____ () C:\Users\Owner\Downloads\[kickasstorrents.come.in]vengeance.sound.trap.essentials.vol.1.paz.torrent
2014-02-06 18:36 - 2014-02-06 20:15 - 00000000 ____D () C:\Users\Owner\Desktop\S3 Data
2014-02-06 17:16 - 2014-02-06 17:41 - 00000000 ____D () C:\Users\Owner\Downloads\About Time (2013) [1080p]
2014-02-06 17:15 - 2014-02-06 17:15 - 00019614 _____ () C:\Users\Owner\Downloads\About_Time_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-06 17:12 - 2014-02-06 18:43 - 00000000 ____D () C:\Users\Owner\Downloads\Ender's Game (2013) [1080p]
2014-02-06 17:12 - 2014-02-06 17:30 - 00000000 ____D () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK
2014-02-06 17:11 - 2014-02-06 17:11 - 00016856 _____ () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK [2826947].torrent
2014-02-06 17:10 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\Owner\Downloads\Don.Jon.2013.DVDRip.XviD-eXceSs
2014-02-06 17:08 - 2014-02-06 17:08 - 00017618 _____ () C:\Users\Owner\Downloads\Enders_Game_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-05 19:14 - 2014-02-05 19:14 - 00000000 ____D () C:\Users\Owner\Downloads\Mystica
2014-02-05 19:13 - 2014-02-05 19:13 - 03527259 _____ () C:\Users\Owner\Downloads\Mystica.zip
2014-02-02 19:11 - 2014-02-02 19:11 - 01754228 _____ () C:\Users\Owner\Downloads\blahpflapflapwillplayaroundmore2.flp
2014-02-01 21:52 - 2014-02-01 21:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\dvdcss
2014-02-01 21:06 - 2014-02-01 21:40 - 00000000 ____D () C:\Users\Owner\Downloads\I Am Hardwell (2013) DTS Eng Sp NL Subs DVDRip-NLU002
2014-02-01 20:16 - 2014-02-06 18:30 - 3442802989 _____ () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR.rar
2014-02-01 20:13 - 2014-02-01 20:13 - 00033608 _____ () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR.rar
2014-02-01 20:13 - 2014-02-01 20:13 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR
2014-02-01 20:10 - 2014-02-01 20:10 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\WebInternetSecurity
2014-02-01 20:04 - 2014-02-24 00:13 - 00000394 _____ () C:\Windows\Tasks\Re-Markable Update.job
2014-02-01 20:04 - 2014-02-10 22:47 - 00000000 ____D () C:\Program Files (x86)\Re-Markable
2014-02-01 20:04 - 2014-02-01 20:04 - 00003042 _____ () C:\Windows\System32\Tasks\Re-Markable Update
2014-02-01 20:03 - 2014-02-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Webinternetsecurity
2014-02-01 20:03 - 2014-02-01 20:03 - 00003876 _____ () C:\Windows\System32\Tasks\WebInternetSecurity Update Task
2014-02-01 20:01 - 2014-02-01 20:15 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-01 19:59 - 2014-02-01 20:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Real
2014-02-01 19:57 - 2014-02-01 19:58 - 00476688 _____ () C:\Users\Owner\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2014-02-01 17:21 - 2014-02-18 17:51 - 00000000 ____D () C:\Bovada
2014-02-01 17:21 - 2014-02-01 17:22 - 00417068 _____ () C:\Users\Owner\AppData\Local\dd_vcredistMSI7E3C.txt
2014-02-01 17:21 - 2014-02-01 17:22 - 00011444 _____ () C:\Users\Owner\AppData\Local\dd_vcredistUI7E3C.txt
2014-02-01 17:21 - 2014-02-01 17:21 - 00000391 _____ () C:\Users\Public\Desktop\BovadaPoker.lnk
2014-02-01 17:17 - 2014-02-01 17:18 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient(1).exe
2014-02-01 17:17 - 2014-02-01 17:17 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient.exe
2014-01-25 20:36 - 2014-01-25 20:36 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR
2014-01-25 17:19 - 2014-01-25 17:19 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Dirty Electro Vol.2

==================== One Month Modified Files and Folders =======

2014-02-24 01:50 - 2014-02-24 01:49 - 00032826 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-02-24 01:49 - 2014-02-24 01:49 - 00000000 ____D () C:\FRST
2014-02-24 01:49 - 2008-10-19 23:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-24 01:48 - 2014-02-24 01:48 - 02155520 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-02-24 01:48 - 2014-02-24 01:48 - 01144320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe.part
2014-02-24 01:29 - 2013-03-19 20:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 01:27 - 2009-03-26 17:03 - 02029680 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 00:37 - 2014-02-24 00:26 - 00025644 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-24 00:26 - 2014-02-24 00:26 - 00021269 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-24 00:23 - 2014-02-24 00:23 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-02-24 00:13 - 2014-02-01 20:04 - 00000394 _____ () C:\Windows\Tasks\Re-Markable Update.job
2014-02-24 00:12 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 00:12 - 2006-11-02 07:22 - 00003424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 00:12 - 2006-11-02 07:22 - 00003424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 00:10 - 2008-10-19 21:53 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-24 00:10 - 2006-11-02 07:42 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-24 00:09 - 2012-07-29 15:29 - 00002408 _____ () C:\Users\Owner\Desktop\New Text Document.txt
2014-02-23 21:29 - 2011-09-16 16:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-23 21:24 - 2013-10-10 18:11 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-02-22 22:25 - 2014-02-22 22:21 - 00000000 ____D () C:\Mix1
2014-02-21 01:17 - 2011-10-29 15:32 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-02-20 22:29 - 2013-03-19 20:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 22:29 - 2013-03-19 20:32 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 22:29 - 2011-09-18 14:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-18 21:24 - 2009-04-21 15:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-02-18 21:23 - 2014-02-18 21:23 - 00001961 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-02-18 21:21 - 2014-02-18 20:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013
2014-02-18 21:18 - 2014-02-18 21:17 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Owner\Downloads\AdobeAIRInstaller.exe
2014-02-18 21:18 - 2011-08-26 14:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-02-18 21:18 - 2008-10-19 23:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-18 21:05 - 2014-02-18 21:05 - 00000480 _____ () C:\Users\Public\Desktop\PDG GOLD NCO - 2013.lnk
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\TVSwfs
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\testmaker
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\styles
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\security
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmprint
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmcalendar
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\Help
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\game_swf
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\dictionaries
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\assets
2014-02-18 21:04 - 2014-02-18 21:04 - 17102683 _____ () C:\DressRight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 11471414 _____ () C:\shell.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 10583305 _____ () C:\pirates.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 09488295 _____ () C:\macjack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06574705 _____ () C:\whack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06359040 _____ () C:\pdg.db
2014-02-18 21:04 - 2014-02-18 21:04 - 05399449 _____ () C:\goldrush.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04957429 _____ () C:\starsandstripes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04010179 _____ () C:\GoldMind.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03293743 _____ () C:\themegames.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03272629 _____ () C:\dontfall.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03210738 _____ () C:\study_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02734923 _____ () C:\testflight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02663648 _____ () C:\showdown.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02347874 _____ () C:\study_sa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02321984 _____ () C:\study_rn.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02206173 _____ () C:\target.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01342406 _____ () C:\setup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01307173 _____ () C:\main.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01082450 _____ () C:\finalexam.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00804808 _____ () C:\dangerzone.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00542362 _____ () C:\testmaker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00510138 _____ () C:\game_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00306983 _____ () C:\reviewnotes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00299314 _____ () C:\arcade_game.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00258804 _____ () C:\manifest.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00196415 _____ () C:\flashcards.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00156308 _____ () C:\textLayout_1.0.0.595.swz
2014-02-18 21:04 - 2014-02-18 21:04 - 00142336 _____ () C:\PDG GOLD NCO - 2013.exe
2014-02-18 21:04 - 2014-02-18 21:04 - 00122535 _____ () C:\DressRightData.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00093928 _____ () C:\DexRibbons.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00078760 _____ () C:\fileBackup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00062697 _____ () C:\arcade.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00053881 _____ () C:\pdg.db_acros.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00047975 _____ () C:\query_manager.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00047054 _____ () C:\bases.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00030006 _____ () C:\_fonts.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00004361 _____ () C:\words.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000885 _____ () C:\wapsCalc.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000660 _____ () C:\printqa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000646 _____ () C:\LogViewer.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000627 _____ () C:\DatePicker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000613 _____ () C:\acro_editor.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000607 _____ () C:\about.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000482 _____ () C:\updater_config.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000428 _____ () C:\defaults.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000353 _____ () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013_state.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000226 _____ () C:\AdobeSpellingConfig.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000182 _____ () C:\levelNames.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000153 _____ () C:\relnotes.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000059 _____ () C:\mimetype
2014-02-18 17:51 - 2014-02-01 17:21 - 00000000 ____D () C:\Bovada
2014-02-16 21:34 - 2011-10-28 20:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\BitTorrent
2014-02-16 18:38 - 2013-12-30 22:11 - 00234964 _____ () C:\Windows\PFRO.log
2014-02-16 02:11 - 2011-10-08 13:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\FreeBurner
2014-02-16 02:01 - 2013-08-16 06:45 - 00000993 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Easy CD DVD Burner.lnk
2014-02-16 02:01 - 2013-08-16 06:44 - 00000941 _____ () C:\Users\Owner\Desktop\Free Easy Burner.lnk
2014-02-16 02:01 - 2011-10-08 13:15 - 00000000 ____D () C:\Program Files (x86)\Free Easy CD DVD Burner
2014-02-16 02:00 - 2014-02-16 02:00 - 01332064 _____ (Koyote-Lab Inc) C:\Users\Owner\Downloads\FreeEasyCDDVDBurnerSetup-r20-n-bf.exe
2014-02-16 01:58 - 2014-02-16 01:51 - 00000000 ____D () C:\Program Files (x86)\mp3cd
2014-02-16 01:50 - 2014-02-16 01:50 - 00930440 _____ (CNET Download.com) C:\Users\Owner\Downloads\cbsidlm-cbsi176-MP3_CD_Maker-ORG-10065486.exe
2014-02-15 22:25 - 2014-02-15 22:25 - 00000000 ____D () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake
2014-02-15 22:23 - 2014-02-15 22:22 - 07032743 _____ () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake.zip
2014-02-15 12:59 - 2013-11-10 22:28 - 02198445 _____ () C:\Users\Owner\Downloads\Traplol3.flp
2014-02-15 12:38 - 2013-05-22 21:42 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\iZotope
2014-02-15 11:08 - 2012-05-06 14:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 10:56 - 2013-07-21 10:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 10:51 - 2006-11-02 04:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-15 10:45 - 2013-12-20 06:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 10:36 - 2012-07-21 17:29 - 00753386 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-15 10:36 - 2006-11-02 04:46 - 00753386 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\499351df9dc08935c2ae
2014-02-15 10:31 - 2006-11-02 04:34 - 00000219 _____ () C:\Windows\win.ini
2014-02-14 06:35 - 2013-12-30 21:37 - 00001057 _____ () C:\Windows\setupact.log
2014-02-10 22:47 - 2014-02-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Re-Markable
2014-02-10 21:42 - 2009-04-14 17:11 - 00000000 ____D () C:\Users\Owner
2014-02-08 21:18 - 2012-10-15 11:35 - 00000000 ___HD () C:\Users\Owner\AppData\Local\O6rJF6sMYgNaA36
2014-02-08 21:18 - 2011-11-14 16:43 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PACE Anti-Piracy
2014-02-08 21:18 - 2011-11-14 16:43 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2014-02-06 20:15 - 2014-02-06 18:36 - 00000000 ____D () C:\Users\Owner\Desktop\S3 Data
2014-02-06 19:51 - 2014-02-06 19:01 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Sound Trap Essentials Vol.1 [PAZ]
2014-02-06 19:01 - 2014-02-06 19:01 - 00050213 _____ () C:\Users\Owner\Downloads\[kickasstorrents.come.in]vengeance.sound.trap.essentials.vol.1.paz.torrent
2014-02-06 18:43 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\Owner\Downloads\Ender's Game (2013) [1080p]
2014-02-06 18:30 - 2014-02-01 20:16 - 3442802989 _____ () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR.rar
2014-02-06 17:41 - 2014-02-06 17:16 - 00000000 ____D () C:\Users\Owner\Downloads\About Time (2013) [1080p]
2014-02-06 17:30 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK
2014-02-06 17:15 - 2014-02-06 17:15 - 00019614 _____ () C:\Users\Owner\Downloads\About_Time_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-06 17:12 - 2014-02-06 17:10 - 00000000 ____D () C:\Users\Owner\Downloads\Don.Jon.2013.DVDRip.XviD-eXceSs
2014-02-06 17:11 - 2014-02-06 17:11 - 00016856 _____ () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK [2826947].torrent
2014-02-06 17:08 - 2014-02-06 17:08 - 00017618 _____ () C:\Users\Owner\Downloads\Enders_Game_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-05 19:14 - 2014-02-05 19:14 - 00000000 ____D () C:\Users\Owner\Downloads\Mystica
2014-02-05 19:13 - 2014-02-05 19:13 - 03527259 _____ () C:\Users\Owner\Downloads\Mystica.zip
2014-02-05 16:19 - 2013-05-27 16:56 - 00003745 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-02-05 16:19 - 2013-05-02 08:54 - 00000000 ____D () C:\Windows\SysWOW64\cache
2014-02-05 16:18 - 2013-12-22 02:07 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-02-05 02:19 - 2014-02-15 10:49 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 02:02 - 2014-02-15 10:49 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 02:00 - 2014-02-15 10:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 01:54 - 2014-02-15 10:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 01:54 - 2014-02-15 10:49 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 01:52 - 2014-02-15 10:49 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 01:52 - 2014-02-15 10:49 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 01:52 - 2014-02-15 10:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 01:50 - 2014-02-15 10:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 01:50 - 2014-02-15 10:49 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-05 01:50 - 2014-02-15 10:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 00:58 - 2014-02-15 10:49 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-05 00:56 - 2014-02-15 10:49 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-05 00:53 - 2014-02-15 10:49 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-05 00:51 - 2014-02-15 10:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-05 00:50 - 2014-02-15 10:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-05 00:49 - 2014-02-15 10:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-05 00:49 - 2014-02-15 10:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-05 00:48 - 2014-02-15 10:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-05 00:47 - 2014-02-15 10:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-05 00:47 - 2014-02-15 10:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-05 00:47 - 2014-02-15 10:49 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-05 00:46 - 2014-02-15 10:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-02 19:11 - 2014-02-02 19:11 - 01754228 _____ () C:\Users\Owner\Downloads\blahpflapflapwillplayaroundmore2.flp
2014-02-01 21:57 - 2012-02-08 09:05 - 00000680 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2014-02-01 21:57 - 2011-09-08 19:17 - 00000732 _____ () C:\Users\Owner\AppData\Local\d3d9caps64.dat
2014-02-01 21:52 - 2014-02-01 21:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\dvdcss
2014-02-01 21:40 - 2014-02-01 21:06 - 00000000 ____D () C:\Users\Owner\Downloads\I Am Hardwell (2013) DTS Eng Sp NL Subs DVDRip-NLU002
2014-02-01 20:23 - 2009-04-14 17:15 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-01 20:15 - 2014-02-01 20:01 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-01 20:15 - 2014-02-01 19:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Real
2014-02-01 20:15 - 2013-07-16 13:25 - 00000000 ____D () C:\ProgramData\Real
2014-02-01 20:13 - 2014-02-01 20:13 - 00033608 _____ () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR.rar
2014-02-01 20:13 - 2014-02-01 20:13 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR
2014-02-01 20:10 - 2014-02-01 20:10 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\WebInternetSecurity
2014-02-01 20:04 - 2014-02-01 20:04 - 00003042 _____ () C:\Windows\System32\Tasks\Re-Markable Update
2014-02-01 20:04 - 2014-02-01 20:03 - 00000000 ____D () C:\Program Files (x86)\Webinternetsecurity
2014-02-01 20:03 - 2014-02-01 20:03 - 00003876 _____ () C:\Windows\System32\Tasks\WebInternetSecurity Update Task
2014-02-01 19:58 - 2014-02-01 19:57 - 00476688 _____ () C:\Users\Owner\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2014-02-01 17:22 - 2014-02-01 17:21 - 00417068 _____ () C:\Users\Owner\AppData\Local\dd_vcredistMSI7E3C.txt
2014-02-01 17:22 - 2014-02-01 17:21 - 00011444 _____ () C:\Users\Owner\AppData\Local\dd_vcredistUI7E3C.txt
2014-02-01 17:21 - 2014-02-01 17:21 - 00000391 _____ () C:\Users\Public\Desktop\BovadaPoker.lnk
2014-02-01 17:18 - 2014-02-01 17:17 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient(1).exe
2014-02-01 17:17 - 2014-02-01 17:17 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient.exe
2014-01-29 22:28 - 2013-11-17 21:29 - 00000000 ____D () C:\Program Files\ScorpionSaver Services
2014-01-25 20:36 - 2014-01-25 20:36 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR
2014-01-25 17:20 - 2009-04-14 22:41 - 00172032 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-25 17:19 - 2014-01-25 17:19 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Dirty Electro Vol.2

Files to move or delete:
====================
C:\ProgramData\SymUpdate.exe


Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-24 00:18

==================== End Of Log ============================

 

 

 

 

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2014 02
Ran by Owner at 2014-02-24 01:50:54
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Ableton Live 9 Suite (HKLM-x32\...\{5CB870DE-94A1-4A37-AAE2-08E4D2AA658A}) (Version: 9.0.0.0 - Ableton)
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.2 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.0.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Agere Systems HDA Modem (HKLM\...\Agere Systems Soft Modem) (Version:  - LSI Corporation)
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4259 - AVG Technologies)
AVG 2014 (Version: 14.0.3705 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 12.0.4020.3 - AVG Technologies)
AVG PC TuneUp (x32 Version: 12.0.4020.3 - AVG Technologies) Hidden
AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4020.3 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 17.3.1.204 - AVG Technologies)
Avid Pro Tools SE 8.0.3 (HKLM-x32\...\{371F27A1-9502-4762-AE97-1C1938B21055}) (Version: 8.0.3 - Digidesign, A Division of Avid Technology, Inc.)
BEHRINGER USB AUDIO DRIVER (HKLM\...\USB_AUDIO_DEusb-audio.deBehringer2902) (Version:  - )
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30332 - BitTorrent Inc.)
Blaine's Bubble Warp Effect (HKLM-x32\...\{39488AAE-73E4-42A3-B357-2C5C213B8B86}) (Version: 1.0.0 - Blaine's Movie Maker Blog)
BovadaPoker (HKLM-x32\...\{D7CA2DF8-95CE-4C80-9296-98E21219A1E5}}_is1) (Version:   -  )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2126 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 6.0.2126 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
DownloadX ActiveX Download Control 1.6.1 (HKLM-x32\...\CA17A131-B7D9-41D6-868F-29A9BD9FCC8E_is1) (Version:  - DownloadXCtrl.com)
ESU for Microsoft Vista (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
File Shredder 2.5 (HKLM\...\File Shredder_is1) (Version:  - Pow Tools)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Focusrite USB 2.0 Audio Driver 2.4 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.4 - Focusrite Audio Engineering Limited.)
Free Audio CD Burner version 2.0.22.1201 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.22.1201 - DVDVideoSoft Ltd.)
Free Easy Burner V 5.1 (HKLM-x32\...\Free Easy Burner_is1) (Version: 5.1.0.0 - Koyote soft)
Free MP4 To WMV Converter (HKLM-x32\...\{644D1E31-FB7D-488F-AFDD-B5749F41CE19}) (Version: 1.0.0 - convertaudiofree)
HP Active Support Library (x32 Version: 3.1.6.1 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (HKLM-x32\...\{57A5AEC1-97FC-474D-92C4-908FCC2253D4}) (Version: 5.7.0.2664 - Hewlett-Packard)
HP Doc Viewer (HKLM-x32\...\{082702D5-5DD8-4600-BCE5-48B15174687F}) (Version: 1.03.0001 - Hewlett-Packard)
HP Help and Support (HKLM-x32\...\{0054A0F6-00C9-4498-B821-B5C9578F433E}) (Version: 2.1.0.0 - Hewlett-Packard Company)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 2.0.2126 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 2.0.2126 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 2.0.2125 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 2.0.2125 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{D2F7994F-661E-46D1-A1DF-67F2887AAA7E}) (Version: 2.0.8 - Hewlett-Packard)
HP MediaSmart TV (HKLM-x32\...\InstallShield_{67626E09-5366-4480-8F1E-93FADF50CA15}) (Version: 2.0.0924 - Hewlett-Packard)
HP MediaSmart TV (x32 Version: 2.0.0924 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.0926 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 2.0.0926 - Hewlett-Packard) Hidden
HP MULTIPLE MODEM INSTALLER for VISTA (HKLM-x32\...\{45A136EC-88BF-4B95-99F5-C45D3930E1CC}) (Version: 1.0.0.30 - Hewlett Packard)
HP Quick Launch Buttons 6.40 H2 (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 H2 - Hewlett-Packard)
HP Total Care Advisor (HKLM-x32\...\{154A4184-1A3D-4BF9-A5AE-4FA1660445F3}) (Version: 2.4.4941.2798 - Hewlett-Packard)
HP Update (HKLM-x32\...\{C8FD5BC1-92EF-4C15-92A9-F9AC7F61985F}) (Version: 4.000.010.008 - Hewlett-Packard)
HP User Guides 0129 (HKLM-x32\...\{149BBCB8-674F-48D2-969C-9D0EA88DA7D6}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM-x32\...\{9ADABDDE-9644-461B-9E73-83FA3EFCAB50}) (Version: 3.00 K2 - Hewlett-Packard)
HPAsset component for HP Active Support Library (x32 Version: 3.0.2.2 - Hewlett-Packard) Hidden
HPTCSSetup (HKLM-x32\...\{30D3B7BC-5798-45D9-822D-05CA18F39E99}) (Version: 1.1.1955.2793 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6087.0 - IDT)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy)
iZotope Ozone 4 (HKLM-x32\...\iZotope Ozone 4_is1) (Version: 4.00 - iZotope, Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java™ 6 Update 7 (HKLM-x32\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
JMicron JMB38X Flash Media Controller (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.00.17.07 - JMicron Technology Corp.)
Macromedia Extension Manager (HKLM-x32\...\{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}) (Version: 1.7.240 - Macromedia, Inc.)
M-Audio FastTrack Driver 6.0.6 (x64) (HKLM\...\{91A8C38A-0239-11E0-9658-189EDFD72085}) (Version: 6.0.6 - M-Audio)
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Live Search Toolbar (HKLM-x32\...\{6A370610-3778-44AF-9AAC-69B2FD1A3356}) (Version: 3.0.541.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mixed In Key 4 (HKLM-x32\...\Mixed In Key 4) (Version: 4.0.1 - )
Mixed In Key 5.0 (HKLM-x32\...\{8313B422-7A4E-4003-85D6-A1A95619E5AB}) (Version: 5.0.872.0 - Mixed In Key LLC)
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mp3tag v2.58 (HKLM-x32\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
Native Instruments Kontakt 5 (Version: 5.0.0.5133 - Native Instruments) Hidden
Native Instruments Massive (Version: 1.2.1.1989 - Native Instruments) Hidden
Native Instruments Service Center (Version: 2.2.6.676 - Native Instruments) Hidden
NVIDIA Control Panel 310.90 (Version: 310.90 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 310.90 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 310.90 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
PDG GOLD NCO - 2013 (HKLM-x32\...\com.mcmguides.pdg.NCO.2013) (Version: 5.1.41 - McMillan Study Guides, Inc.)
PDG GOLD NCO - 2013 (x32 Version: 5.1.41 - McMillan Study Guides, Inc.) Hidden
Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)
ProtectSmart Hard Drive Protection (HKLM\...\{2F97CE84-9C33-4631-821B-85EA371EA254}) (Version: 3.10.1.7 - Hewlett-Packard)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QuickShare (HKLM-x32\...\{232F1B14-7126-491F-AC8C-6123BA58FDE2}) (Version: 1.135.60.12323 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.6.0 - SAMSUNG Electronics Co., Ltd.)
ScorpionSaver (HKLM-x32\...\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
ScorpionSaver Services (HKLM\...\{6E810AB6-F34E-49A3-A93F-9E503660F718}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
Scratch Live 2.4.2 (20) (HKLM-x32\...\{8C01DE13-E9D4-4F69-8A46-52034B1579B4}) (Version: 2.4.2 - Serato Inc LP)
Search Protection (HKCU\...\Search Protection) (Version: 8.7.0.2 - Spigot, Inc.)
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Serato Video (HKLM-x32\...\{B2BE8E3F-17E8-4784-A1FC-510575EE0223}) (Version: 1.0.0 - Serato)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Skype™ 6.3 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.3.107 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.17.4 - Synaptics Incorporated)
Toraverb (HKLM-x32\...\{775500D3-ADB1-4735-B7D2-46DB6706B450}) (Version: 1.0.0.0 - D16 Group Audio Software)
Trapcode Particular (HKLM-x32\...\InstallShield_{E489BCB7-D57D-4751-AAB6-589AF66E2F7F}) (Version: 2.1.0 - Red Giant Software)
Trapcode Particular (Version: 2.1.0 - Red Giant Software) Hidden
Trapcode Shine (HKLM-x32\...\InstallShield_{D4C0D93D-7924-486F-9B30-27ABD4EA3BB3}) (Version: 1.6.0 - Red Giant Software)
Trapcode Shine (Version: 1.6.0 - Red Giant Software) Hidden
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DA2F7ECE-6629-4A80-9CDE-EC95261B75E2}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2775360) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{80F56E3F-1D47-4E45-B6E0-FEF4E919F4F9}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{E78E2B68-8FD1-42EE-BB74-99A4D9E6222D}) (Version:  - Microsoft)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{FD1408CA-47E3-45C8-B7CB-75AEB8F98DA1}) (Version: 2.13.0273 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{D3D2A5FF-55C2-4A5A-BDAC-A502A66E6B8D}) (Version: 2.13.0246 - Samsung Electronics Co., Ltd.)
Virtual DJ - Atomix Productions (HKLM-x32\...\Virtual DJ - Atomix Productions) (Version:  - )
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}) (Version: 8.0.0.35 - GRISOFT, s.r.o.)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC (HKLM-x32\...\{D95CD7BE-A894-4F6C-B9DF-578C3CB411D4}) (Version: 1.0.0.0 - VLC)
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version:  - NCH Software)
WebInternetSecurity (HKLM-x32\...\Webinternetsecurity) (Version:  - Webinternetsecurity)
Windows Driver Package - ENE (enecir) HIDClass  (04/29/2008 2.5.0.0) (HKLM\...\B30ECD0209A21D638611F893829C8AF3A483A302) (Version: 04/29/2008 2.5.0.0 - ENE)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/10/2012 2.4.128.0) (HKLM\...\4214A1CFC1A368A5078729BFD4B211F0CDB5CEC5) (Version: 09/10/2012 2.4.128.0 - Focusrite)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Restore Points  =========================

09-02-2014 07:22:33 Scheduled Checkpoint
15-02-2014 11:01:09 Windows Update
15-02-2014 18:43:55 Windows Update
23-02-2014 07:35:28 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 04:34 - 2006-09-18 13:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {006BBF48-B16C-4BBD-B95D-04A0315F3AE8} - System32\Tasks\HP Health Check => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-06-16] (Hewlett-Packard)
Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {1C7B57E1-7BDD-4E5C-8AF2-52393E5D7DB6} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1905616980-2508883315-2640086917-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation)
Task: {3096CFFD-B485-437A-92F6-C4B0BEAAFC95} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-16] ()
Task: {3B9C8F20-E6CC-4AAF-83EE-7AA873188F3D} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2013-01-31] (AVG)
Task: {3CF1133D-7D27-474B-A556-193CF3879776} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1905616980-2508883315-2640086917-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {479AC48B-6CA2-4D49-95FA-545C4DC7BC72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-20] (Adobe Systems Incorporated)
Task: {5061BD69-6FC1-4B6C-9C3E-B3EE710D0D5B} - System32\Tasks\WebInternetSecurity Update Task => C:\Program Files (x86)\Webinternetsecurity\uninstall.webinternetsecurity.exe [2014-02-01] ()
Task: {55F3A6F2-71A0-4F40-BA97-86056C1EFBD5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {98FC0654-1354-40C6-B965-6E9EC48E92DA} - System32\Tasks\{15F9874D-1014-4C41-BCB7-A5170F04BC8A} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.0.114&amp;LastError=12007
Task: {A5DF022A-7E5A-4928-8B0E-2EB02F3694E1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {CD8871D2-CFC5-4B38-BDCD-EE74543A2538} - System32\Tasks\HPCeeScheduleForOwner => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe [2008-05-19] (Hewlett-Packard)
Task: {D1AC48ED-3C8D-4ED7-B413-9CCFFF556371} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {D4083330-6F5A-4214-BA46-C51AB63D39AA} - System32\Tasks\KMS Activation for Office => C:\Windows\KMSAct.exe
Task: {DFB7D8E4-5C3B-47B0-8866-FFD3E4E1C055} - System32\Tasks\Re-Markable Update => C:\Program Files (x86)\Re-Markable\ReMarkableup.exe [2014-02-01] ()
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForOwner.job => C:\Program Files (x86)\hewlett-packard\sdp\ceement\HPCEE.exe
Task: C:\Windows\Tasks\Re-Markable Update.job => C:\Program Files (x86)\Re-Markable\ReMarkableup.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2013-09-19 14:32 - 2013-09-19 14:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-01-27 12:45 - 2014-01-27 12:45 - 00710976 _____ () C:\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe
2008-10-19 23:34 - 2008-09-23 11:18 - 00365904 _____ () C:\Program Files (x86)\SMINST\BLService.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-10-06 01:25 - 2012-03-31 23:06 - 02689536 _____ () C:\Program Files\File Shredder\fsshell.dll
2009-08-04 23:04 - 2008-06-19 23:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2014-01-07 05:58 - 2014-01-07 05:58 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2013-12-22 02:07 - 2014-02-05 16:18 - 02535448 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-09-24 10:17 - 2013-09-24 10:17 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2008-10-19 23:34 - 2008-09-23 11:18 - 00132432 _____ () C:\Program Files (x86)\SMINST\STWmiM.dll
2013-10-09 15:36 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-10-09 15:36 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-10-09 15:36 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-10-09 15:36 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-10-09 15:36 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-07 05:58 - 2014-01-07 05:58 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2013-12-20 06:32 - 2014-02-15 10:45 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:45 - 2010-10-20 14:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-02-20 22:29 - 2014-02-20 22:29 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Microsoft:KTQtAG2U8VG6CXo5n
AlternateDataStreams: C:\ProgramData\Microsoft:vxCejqghsdJ61l9ncxKHmq
AlternateDataStreams: C:\Users\Owner\Desktop\Sebastian Ingrosso & Tommy Trash vs John Dahlbäck (Dirty South Remix) - Reload vs Embrace Me (I-RA Mashup).mp3:TOC.WMV
AlternateDataStreams: C:\Users\Owner\Desktop\untitled.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Owner\Downloads\Universal Spark - Rays of Light Preview 2.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Owner\Downloads\Universal Spark - Unleashed (Teaser).mp3:TOC.WMV
AlternateDataStreams: C:\Users\Owner\Downloads\Where'd You Go Bootleg.mp3:TOC.WMV
AlternateDataStreams: C:\Users\Owner\AppData\Local\Temp:3rrKZ0YXHiswvmeIi
AlternateDataStreams: C:\Users\Owner\AppData\Local\Temp:9boMzydMOBGblBLTGVCrJQgrEu
AlternateDataStreams: C:\Users\Owner\AppData\Local\Temp:GxWuTSZA4YyLpCTqeoVM9RMe6
AlternateDataStreams: C:\Users\Owner\AppData\Local\Temporary Internet Files:5ZZF9jREmYqG2jv6HBv1ZXK7

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AdpeakProxy => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Launch Utility Application.lnk => C:\Windows\pss\Launch Utility Application.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupreg: 360Amigo => "C:\Program files\360Amigo\360Amigo.exe" -autorun
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Aim => "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG8_TRAY => C:\PROGRA~2\AVG\AVG8\avgtray.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Owner\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: CLMLServer for HP TouchSmart => "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\WI9130~1\Datamngr\DATAMN~1.EXE
MSCONFIG\startupreg: DigidesignMMERefresh => "C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe"
MSCONFIG\startupreg: DVDAgent => "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
MSCONFIG\startupreg: Facebook Update => "C:\Users\Owner\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: HP Health Check Scheduler => c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpWirelessAssistant => C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: M-Audio Taskbar Icon => C:\Windows\system32\M-AudioTaskBarIcon.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvCplDaemon => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
MSCONFIG\startupreg: NvMediaCenter => RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
MSCONFIG\startupreg: QlbCtrl.exe => "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchProtectAll => "C:\Program Files (x86)\SearchProtect\bin\cltmng.exe"
MSCONFIG\startupreg: SMessaging => C:\Users\Owner\AppData\Local\Strongvault Online Backup\SMessaging.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => %ProgramFiles%\IDT\WDM\sttray64.exe
MSCONFIG\startupreg: TSMAgent => "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
MSCONFIG\startupreg: TVAgent => "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDIRShortCut => "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide

==================== Faulty Device Manager Devices =============

Name: Realtek RTL8168/8111 Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
Description: Realtek RTL8168/8111 Family PCI-E Gigabit Ethernet NIC (NDIS 6.0)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8169
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2014 00:40:28 AM) (Source: Application Error) (User: )
Description: Faulting application WLXQuickTimeControlHost.exe, version 15.4.3538.513, time stamp 0x4dcdb20a, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp 0x5180f322, exception code 0xc0000005, fault offset 0x6397cc49,
process id 0x1204, application start time 0xWLXQuickTimeControlHost.exe0.

Error: (02/23/2014 01:14:08 AM) (Source: Application Error) (User: )
Description: Faulting application WLXQuickTimeControlHost.exe, version 15.4.3538.513, time stamp 0x4dcdb20a, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp 0x5180f322, exception code 0xc0000005, fault offset 0x5e8acc49,
process id 0x16b0, application start time 0xWLXQuickTimeControlHost.exe0.

Error: (02/22/2014 11:38:40 PM) (Source: Application Error) (User: )
Description: Faulting application ScratchLive.exe, version 2.4.2.20, time stamp 0x4fe3d275, faulting module QuickTime.qts_unloaded, version 0.0.0.0, time stamp 0x5180f322, exception code 0xc0000005, fault offset 0x61d4cc49,
process id 0x1ab8, application start time 0xScratchLive.exe0.

Error: (02/22/2014 11:15:29 PM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8

Error: (02/22/2014 11:15:27 PM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll8

Error: (02/22/2014 11:15:27 PM) (Source: Perflib) (User: )
Description: ASP.NETC:\Windows\system32\aspnet_counters.dll8

Error: (02/22/2014 08:32:24 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A8MPTZL1.DEFAULT\CACHE\6\7A> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/22/2014 08:32:24 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A8MPTZL1.DEFAULT\CACHE\6\7A> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/21/2014 00:27:19 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A8MPTZL1.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (02/21/2014 00:27:19 AM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\A8MPTZL1.DEFAULT\CACHE\9> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog


Details:
    A device attached to the system is not functioning.   (0x8007001f)


System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-02-24 01:50:18.126
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-24 01:50:17.773
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-24 01:50:17.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-24 01:50:17.379
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidsha.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-16 18:44:24.196
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-16 18:42:46.536
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-16 18:41:10.473
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-16 18:35:05.476
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-16 18:32:59.922
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-02-14 22:10:16.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\nvapo64v.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 4062.02 MB
Available physical RAM: 1695.98 MB
Total Pagefile: 8347.29 MB
Available Pagefile: 5766.28 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.78 GB) (Free:58.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:13.98 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (PDG GOLD NCO - 2013) (CDROM) (Total:0.34 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: FD338468)

Partition: GPT Partition Type.

==================== End Of Log ============================



#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 24 February 2014 - 05:52 AM

Ok, let's get started then:


Step 1

Please uninstall some programs:

  • Click on the Start Menu button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

    MyPC Backup
    QuickShare
    ScorpionSaver
    ScorpionSaver Services
    Search Protection
    WebInternetSecurity

  • Reboot your computer.

 

 

Step 2

Please download AdwCleaner (by Xplode) and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

 

 

Step 3

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#5 ReFx

ReFx
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:59 AM

Posted 24 February 2014 - 06:36 AM

Sir,

 

 I was unable to uninstall Quickshare and ScorpionSaver

 

Says Windows was trying to configure Quickshare when I try to uninstall, the window just closes automatically after idling for a few seconds and does not uninstall..

 

for ScorpionSaver i get this error

 

Could not open key:

  HKEY_CURRENT_USER32\Software|Wow6432Node\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID. Verify that you have sufficient access to that key, or contact your support personnel.

 

Shall I move on to step 2?



#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 24 February 2014 - 06:42 AM

Yes, move on to step 2.

#7 ReFx

ReFx
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:59 AM

Posted 24 February 2014 - 04:57 PM

Sir here is my AdwCleaner Logfile

 

# AdwCleaner v3.019 - Report created 24/02/2014 at 13:17:06
# Updated 17/02/2014 by Xplode
# Operating System : Windows ™ Vista Home Premium Service Pack 2 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Downloads\adwcleaner(1).exe
# Option : Clean

***** [ Services ] *****

Service Deleted : Level Quality Watcher
Service Deleted : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
[!] Folder Deleted : C:\ProgramData\AVG Security Toolbar
[!] Folder Deleted : C:\ProgramData\boost_interprocess
[!] Folder Deleted : C:\ProgramData\Conduit
[!] Folder Deleted : C:\ProgramData\NCH Software
[!] Folder Deleted : C:\ProgramData\ParetoLogic
[!] Folder Deleted : C:\ProgramData\WeCareReminder
[!] Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Program Files (x86)\Conduit
[!] Folder Deleted : C:\Program Files (x86)\lucky leap
[!] Folder Deleted : C:\Program Files (x86)\MyPC Backup
[!] Folder Deleted : C:\Program Files (x86)\NCH Software
[!] Folder Deleted : C:\Program Files (x86)\ScorpionSaver
[!] Folder Deleted : C:\Program Files (x86)\Searchprotect
[!] Folder Deleted : C:\Program Files (x86)\Connect_DLC_5
[!] Folder Deleted : C:\Program Files (x86)\MixiDJ_V37
[!] Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[!] Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
[!] Folder Deleted : C:\Program Files\Level Quality Watcher
[!] Folder Deleted : C:\Windows\System32\ljkb
[!] Folder Deleted : C:\Users\Owner\AppData\Local\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Conduit
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Minibar
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Searchprotect
[!] Folder Deleted : C:\Users\Owner\AppData\Local\webplayer
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Temp\Smartbar
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\AVG SafeGuard toolbar
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\AVG Security Toolbar
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\Conduit
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\PriceGong
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\searchquband
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\Smartbar
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\Connect_DLC_5
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\MixiDJ_V37
[!] Folder Deleted : C:\Users\Owner\AppData\LocalLow\SweetPacks
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\NCH Software
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\ParetoLogic
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Searchprotect
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\strongvault
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Systweak
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\CT3310511
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\CT3306061
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\CT3298573
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\ScorpionSaver@jetpack
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc}
[!] Folder Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{eef3855c-fc2d-41e6-8d91-d368f51b3055}
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf
[!] Folder Deleted : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\firefox@luckyleap.net.xpi
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\Conduit.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\SearchResults.xml
File Deleted : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\user.js
File Deleted : C:\Windows\System32\Tasks\NCH Software

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AdpeakProxy.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298573
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3306061
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9DC8FA51-B596-4F77-802C-5B295919C205}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E28F712-0D6C-4EE3-AC8C-8F060F5D7C33}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C836512-BB70-11D2-A5A7-00105A9C91C6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6CE321DA-DC11-45C6-A0FC-4E8A7D978ABC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EEBC7FF-67DA-4B90-9251-C2C5696E4B48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{74137531-80F7-406F-9543-7D11385FA8C8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{832599B2-55BF-4437-8F3E-030CF5AEB262}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9B7B034B-944A-4261-B487-862F642F7615}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE91F9CE-0900-4E2A-B673-F3F6E4FC54D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B1A429DB-FB06-4645-B7C0-0CC405EAD3CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB797690-40E0-11D2-9BD5-0060082AE372}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD67706E-819E-4EBD-BF8D-6D6147CC7A49}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F62A4AF9-58B4-4FEC-89CC-D717A547D8E8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF3855C-FC2D-41E6-8D91-D368F51B3055}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C84BABA-BF9D-4E42-A684-5288580631D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEF3855C-FC2D-41E6-8D91-D368F51B3055}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEF3855C-FC2D-41E6-8D91-D368F51B3055}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEF3855C-FC2D-41E6-8D91-D368F51B3055}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{24C1F23B-0796-4C3A-8E00-BAB4D876D4A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C84BABA-BF9D-4E42-A684-5288580631D2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FF906B1-8E0B-471C-A728-E8CCA6395CC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89C4DA4B-28C1-49CD-A33C-68688210F237}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF308E48-D707-458A-8053-56C1DFBE1332}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{128ECD68-D5FB-4D6F-9D19-61EE9B922880}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7CC8CBFA-3EBA-41D7-9652-06C905444BC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EC4E630E-E530-4F74-BC9F-C2E5ACA5B6C1}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EEF3855C-FC2D-41E6-8D91-D368F51B3055}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEF3855C-FC2D-41E6-8D91-D368F51B3055}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EEF3855C-FC2D-41E6-8D91-D368F51B3055}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EEF3855C-FC2D-41E6-8D91-D368F51B3055}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2421}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Adpeak, Inc.
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\NCH Software
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\ScorpionSaver
Key Deleted : HKCU\Software\SearchProtect
Key Deleted : HKCU\Software\SearchProtectINT
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\ScorpionSaver
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\SweetPacks
Key Deleted : HKCU\Software\AppDataLow\Software\Connect_DLC_5
Key Deleted : HKCU\Software\AppDataLow\Software\MixiDJ_V37
Key Deleted : HKLM\Software\Adpeak, Inc.
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\NCH Software
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\SweetPacks
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Connect_DLC_5
Key Deleted : HKLM\Software\MixiDJ_V37
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\lucky leap
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\wnlt
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (en-US)

[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\prefs.js ]

Line Deleted : user_pref("CT3306061.FF19Solved", "true");
Line Deleted : user_pref("CT3306061.UserID", "UN15881181061475894");
Line Deleted : user_pref("CT3306061.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3306061.fullUserID", "UN15881181061475894.IN.20131116211454");
Line Deleted : user_pref("CT3306061.installDate", "16/11/2013 21:14:57");
Line Deleted : user_pref("CT3306061.installSessionId", "{A2FBC8A8-A018-4A0E-9256-675BFB8BE408}");
Line Deleted : user_pref("CT3306061.installSp", "TRUE");
Line Deleted : user_pref("CT3306061.installerVersion", "1.8.1.4");
Line Deleted : user_pref("CT3306061.keyword", "true");
Line Deleted : user_pref("CT3306061.originalHomepage", "about:home");
Line Deleted : user_pref("CT3306061.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3306061.originalSearchEngine", "");
Line Deleted : user_pref("CT3306061.originalSearchEngineName", "");
Line Deleted : user_pref("CT3306061.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3306061.searchRevert", "true");
Line Deleted : user_pref("CT3306061.searchUninstallUserMode", "2");
Line Deleted : user_pref("CT3306061.searchUserMode", "2");
Line Deleted : user_pref("CT3306061.smartbar.homepage", "true");
Line Deleted : user_pref("CT3306061.toolbarInstallDate", "16-11-2013 21:14:55");
Line Deleted : user_pref("CT3306061.versionFromInstaller", "10.22.3.18");
Line Deleted : user_pref("CT3306061.xpeMode", "0");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "Connect DLC 5 Customized Web Search");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&CUI=UN15881181061475894&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("extensions.helperbar.DockingPositionDown", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarDisabled", false);
Line Deleted : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Line Deleted : user_pref("extensions.helperbar.Visibility", false);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3306061&CUI=UN15881181061475894&UM=2&SearchSource=13");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3306061&SearchSource=2&CUI=UN15881181061475894&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3306061");
Line Deleted : user_pref("smartbar.machineId", "0OG638MOWVNNEUWUBLJELZCMVWR2KKIBHQQ8FJGHVD7VQNXVVNRYJH+WT6VNONQ97IOMFQD2PA3WGEDMFDE6YA");

*************************

AdwCleaner[R0].txt - [25597 octets] - [24/02/2014 13:14:40]
AdwCleaner[S0].txt - [23678 octets] - [24/02/2014 13:17:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23739 octets] ##########
 



#8 ReFx

ReFx
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:59 AM

Posted 24 February 2014 - 05:01 PM

and here is the log for FRST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-02-2014
Ran by Owner (administrator) on OWNER-PC on 24-02-2014 13:58:34
Running from C:\Users\Owner\Downloads
Windows Vista ™ Home Premium Service Pack 2 (X64) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Avid Technology, Inc..) C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
() C:\Program Files (x86)\SMINST\BLService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Hewlett-Packard) c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2096424 2010-05-27] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [450048 2009-07-21] (IDT, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [WebInternetSecurity] - "C:\Program Files (x86)\Webinternetsecurity\WebInternetSecurity.exe"
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\Run: [WMPNSCFG] - C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {21728098-92df-11e3-a5fa-beceff9eb549} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {31f4d11d-692c-11e3-a59d-a3b126b68444} - "F:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {4133c581-0422-11e1-8b5b-00235a3b5278} - F:\unlock.exe autoplay=true
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {73e49148-4560-11e2-95d4-00235a3b5278} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {b3f31d8c-2959-11de-8532-806e6f6e6963} - E:\AutoLaunch.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {b90e7dda-7422-11e2-8ddd-00235a3b5278} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-1905616980-2508883315-2640086917-1000\...\MountPoints2: {db2e5cc6-3204-11de-80da-00235a3b5278} - F:\LaunchU3.exe -a
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\bigcityadventuresf-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\blackhawk2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\blasterball3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\buildalot2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\chuzzle-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\deathonthenile-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\diner dash - hometown hero-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\dream2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\familyfeud3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\fate-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\golf-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hptv.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\jojosfashionshow-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\jqsolitaire2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\luxor3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\misc.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mysterypivegas-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onplay.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\peggle-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\penguins-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\poker3-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\polar-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\polarpool-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\skype.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\slingo-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\thos-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\tpir-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\tw3_vista-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\virtual villagers - the secret city-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\virtualvillagers-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wedding dash-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\wheel of fortune-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winbej2-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zuma-wt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
GroupPolicyUsers\S-1-5-21-1905616980-2508883315-2640086917-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
URLSearchHook: HKCU - (No Name) - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2421} URL =
SearchScopes: HKLM - {3CF2481F-854A-41B7-9CDF-7113C60591B3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM - {5D9FA932-8D8C-40EC-9192-A538B6854A52} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKLM-x32 - {3CF2481F-854A-41B7-9CDF-7113C60591B3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKLM-x32 - {5D9FA932-8D8C-40EC-9192-A538B6854A52} URL = http://search.live.com/results.aspx?q={searchTerms}&FORM=HPNTDF
SearchScopes: HKCU - {0BD40B60-F34F-4263-96A5-CB964DCF586E} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN86494455522771733&UM=2
SearchScopes: HKCU - {3CF2481F-854A-41B7-9CDF-7113C60591B3} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
SearchScopes: HKCU - {476FDD4A-D6FB-4A7C-98A5-09A6A377D958} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Re-Markable - {9ddae43c-ffb2-482c-a6f9-62226370db49} - C:\Program Files (x86)\Re-Markable\150.dll ()
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -  No File
Toolbar: HKLM-x32 - Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll (Microsoft Corp.)
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} -  No File
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
DPF: HKLM-x32 {4A85DBE0-BFB2-4119-8401-186A7C6EB653} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/mjss/MJSS.cab109791.cab
DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/Default/uno1/GAME_UNO1.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://mysearch.avg.com?cid={687D9572-7EEC-484A-B8D9-B09382673C0B}&mid=49d855982826374bb6767a000dd7667e-3c8cd7eb87df913e224d8775c9b186ff128fa5db&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-05 16:19:00&v=17.3.1.204&pid=safeguard&sg=0&sap=hp
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\searchplugins\yahoo_ff.xml
FF Extension: TopArcadeHits - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} [2013-09-25]
FF Extension: QuickShare Widget - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8} [2013-09-25]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2012-02-04]
FF Extension: Adblock Plus - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-12]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox
FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-10-10]
FF HKCU\...\Firefox\Extensions: [{B21F5E31-B8E8-41CD-B74C-168A71A10E49}] - C:\Users\Owner\AppData\Local\GreatArcadeHits\gahff.xpi
FF HKCU\...\Firefox\Extensions: [{3070db0f-156f-4dd5-8646-800cf1211847}] - C:\Program Files (x86)\Re-Markable\150.xpi
FF Extension: Re-Markable - C:\Program Files (x86)\Re-Markable\150.xpi [2014-02-01]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [ejdfidgapfiokiphmcjpmmjbdndepoja] - C:\Program Files (x86)\Re-Markable\150.crx [2014-02-01]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 DigiRefresh; C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe [77824 2010-06-24] (Avid Technology, Inc..)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2013-09-24] (PasswordBox, Inc.)
R2 Recovery Service for Windows; C:\Program Files (x86)\SMINST\BLService.exe [365904 2008-09-23] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_58be29c0\STacSV64.exe [240128 2009-07-21] (IDT, Inc.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148664 2013-01-31] (AVG)
S4 TVCapSvc; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe [296320 2008-09-24] ()
S4 TVSched; C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe [116096 2008-09-24] ()
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36664 2013-01-31] (AVG)

==================== Drivers (Whitelisted) ====================

R1 Amfilter; C:\Windows\System32\DRIVERS\Amfltx64.sys [12288 2007-10-15] ((Standard mouse types))
S3 Amusbprt; C:\Windows\System32\DRIVERS\Amusbx64.sys [17920 2008-02-13] (A4Tech Co.,Ltd.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-12-22] (AVG Technologies)
S3 BEHRINGER_2902; C:\Windows\System32\Drivers\BUSB2902.sys [460864 2009-10-30] (BEHRINGER)
S3 BUSB_AUDIO_WDM; C:\Windows\System32\drivers\busbwdm.sys [49728 2009-10-30] (BEHRINGER)
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [125304 2012-09-10] (Focusrite Audio Engineering Limited.)
S3 MAUSBFASTTRACK; C:\Windows\System32\DRIVERS\MAudioFastTrack.sys [187912 2010-12-07] (Avid Technology, Inc.)
S3 SeratoUsb; C:\Windows\System32\Drivers\SeratoUsb.sys [41984 2009-04-25] (Cristalink Ltd)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software)
R2 {55662437-DA8C-40c0-AADA-2C816A897A49}; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\000.fcl [27632 2008-09-26] (Cyberlink Corp.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 motandroidusb; System32\Drivers\motoandroid.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
S3 USBAAPL64; System32\Drivers\usbaapl64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 13:58 - 2014-02-24 13:58 - 00000000 ____D () C:\Users\Owner\Downloads\FRST-OlderVersion
2014-02-24 13:14 - 2014-02-24 13:18 - 00000000 ____D () C:\AdwCleaner
2014-02-24 13:13 - 2014-02-24 13:13 - 01241834 _____ () C:\Users\Owner\Downloads\adwcleaner(1).exe
2014-02-24 13:10 - 2014-02-24 13:10 - 00000347 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe
2014-02-24 03:19 - 2014-02-24 03:19 - 01241834 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe.part
2014-02-24 01:50 - 2014-02-24 01:51 - 00055644 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-02-24 01:49 - 2014-02-24 13:58 - 00024386 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-02-24 01:49 - 2014-02-24 13:58 - 00000000 ____D () C:\FRST
2014-02-24 01:48 - 2014-02-24 13:58 - 02156032 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-02-24 01:48 - 2014-02-24 01:48 - 01144320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe.part
2014-02-24 00:26 - 2014-02-24 00:37 - 00025644 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-24 00:26 - 2014-02-24 00:26 - 00021269 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-24 00:23 - 2014-02-24 00:23 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-02-22 22:21 - 2014-02-22 22:25 - 00000000 ____D () C:\Mix1
2014-02-18 21:23 - 2014-02-18 21:23 - 00001961 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-02-18 21:17 - 2014-02-18 21:18 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Owner\Downloads\AdobeAIRInstaller.exe
2014-02-18 21:05 - 2014-02-18 21:05 - 00000480 _____ () C:\Users\Public\Desktop\PDG GOLD NCO - 2013.lnk
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\TVSwfs
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\testmaker
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\styles
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\security
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmprint
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmcalendar
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\Help
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\game_swf
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\dictionaries
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\assets
2014-02-18 21:04 - 2014-02-18 21:04 - 17102683 _____ () C:\DressRight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 11471414 _____ () C:\shell.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 10583305 _____ () C:\pirates.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 09488295 _____ () C:\macjack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06574705 _____ () C:\whack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06359040 _____ () C:\pdg.db
2014-02-18 21:04 - 2014-02-18 21:04 - 05399449 _____ () C:\goldrush.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04957429 _____ () C:\starsandstripes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04010179 _____ () C:\GoldMind.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03293743 _____ () C:\themegames.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03272629 _____ () C:\dontfall.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03210738 _____ () C:\study_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02734923 _____ () C:\testflight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02663648 _____ () C:\showdown.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02347874 _____ () C:\study_sa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02321984 _____ () C:\study_rn.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02206173 _____ () C:\target.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01342406 _____ () C:\setup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01307173 _____ () C:\main.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01082450 _____ () C:\finalexam.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00804808 _____ () C:\dangerzone.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00542362 _____ () C:\testmaker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00510138 _____ () C:\game_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00306983 _____ () C:\reviewnotes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00299314 _____ () C:\arcade_game.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00258804 _____ () C:\manifest.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00196415 _____ () C:\flashcards.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00156308 _____ () C:\textLayout_1.0.0.595.swz
2014-02-18 21:04 - 2014-02-18 21:04 - 00142336 _____ () C:\PDG GOLD NCO - 2013.exe
2014-02-18 21:04 - 2014-02-18 21:04 - 00122535 _____ () C:\DressRightData.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00093928 _____ () C:\DexRibbons.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00078760 _____ () C:\fileBackup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00062697 _____ () C:\arcade.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00053881 _____ () C:\pdg.db_acros.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00047975 _____ () C:\query_manager.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00047054 _____ () C:\bases.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00030006 _____ () C:\_fonts.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00004361 _____ () C:\words.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000885 _____ () C:\wapsCalc.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000660 _____ () C:\printqa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000646 _____ () C:\LogViewer.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000627 _____ () C:\DatePicker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000613 _____ () C:\acro_editor.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000607 _____ () C:\about.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000482 _____ () C:\updater_config.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000428 _____ () C:\defaults.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000353 _____ () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013_state.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000226 _____ () C:\AdobeSpellingConfig.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000182 _____ () C:\levelNames.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000153 _____ () C:\relnotes.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000059 _____ () C:\mimetype
2014-02-18 20:39 - 2014-02-18 21:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013
2014-02-16 02:00 - 2014-02-16 02:00 - 01332064 _____ (Koyote-Lab Inc) C:\Users\Owner\Downloads\FreeEasyCDDVDBurnerSetup-r20-n-bf.exe
2014-02-16 01:51 - 2014-02-16 01:58 - 00000000 ____D () C:\Program Files (x86)\mp3cd
2014-02-16 01:50 - 2014-02-16 01:50 - 00930440 _____ (CNET Download.com) C:\Users\Owner\Downloads\cbsidlm-cbsi176-MP3_CD_Maker-ORG-10065486.exe
2014-02-15 22:25 - 2014-02-15 22:25 - 00000000 ____D () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake
2014-02-15 22:22 - 2014-02-15 22:23 - 07032743 _____ () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake.zip
2014-02-15 10:49 - 2014-02-05 02:19 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-15 10:49 - 2014-02-05 02:02 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-15 10:49 - 2014-02-05 02:00 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-15 10:49 - 2014-02-05 01:54 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-15 10:49 - 2014-02-05 01:54 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-15 10:49 - 2014-02-05 01:52 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-15 10:49 - 2014-02-05 01:52 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-15 10:49 - 2014-02-05 01:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-15 10:49 - 2014-02-05 01:51 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-15 10:49 - 2014-02-05 01:50 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-15 10:49 - 2014-02-05 01:50 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-15 10:49 - 2014-02-05 01:50 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-15 10:49 - 2014-02-05 00:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-15 10:49 - 2014-02-05 00:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-15 10:49 - 2014-02-05 00:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-15 10:49 - 2014-02-05 00:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-15 10:49 - 2014-02-05 00:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-15 10:49 - 2014-02-05 00:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-15 10:49 - 2014-02-05 00:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-15 10:49 - 2014-02-05 00:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-15 10:49 - 2014-02-05 00:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-15 10:49 - 2014-02-05 00:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-15 10:49 - 2014-02-05 00:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-15 10:49 - 2014-02-05 00:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-15 10:49 - 2014-02-05 00:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\499351df9dc08935c2ae
2014-02-14 18:23 - 2013-12-04 20:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 18:23 - 2013-12-04 18:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-06 19:01 - 2014-02-06 19:51 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Sound Trap Essentials Vol.1 [PAZ]
2014-02-06 19:01 - 2014-02-06 19:01 - 00050213 _____ () C:\Users\Owner\Downloads\[kickasstorrents.come.in]vengeance.sound.trap.essentials.vol.1.paz.torrent
2014-02-06 18:36 - 2014-02-06 20:15 - 00000000 ____D () C:\Users\Owner\Desktop\S3 Data
2014-02-06 17:16 - 2014-02-06 17:41 - 00000000 ____D () C:\Users\Owner\Downloads\About Time (2013) [1080p]
2014-02-06 17:15 - 2014-02-06 17:15 - 00019614 _____ () C:\Users\Owner\Downloads\About_Time_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-06 17:12 - 2014-02-06 18:43 - 00000000 ____D () C:\Users\Owner\Downloads\Ender's Game (2013) [1080p]
2014-02-06 17:12 - 2014-02-06 17:30 - 00000000 ____D () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK
2014-02-06 17:11 - 2014-02-06 17:11 - 00016856 _____ () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK [2826947].torrent
2014-02-06 17:10 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\Owner\Downloads\Don.Jon.2013.DVDRip.XviD-eXceSs
2014-02-06 17:08 - 2014-02-06 17:08 - 00017618 _____ () C:\Users\Owner\Downloads\Enders_Game_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-05 19:14 - 2014-02-05 19:14 - 00000000 ____D () C:\Users\Owner\Downloads\Mystica
2014-02-05 19:13 - 2014-02-05 19:13 - 03527259 _____ () C:\Users\Owner\Downloads\Mystica.zip
2014-02-02 19:11 - 2014-02-02 19:11 - 01754228 _____ () C:\Users\Owner\Downloads\blahpflapflapwillplayaroundmore2.flp
2014-02-01 21:52 - 2014-02-01 21:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\dvdcss
2014-02-01 21:06 - 2014-02-01 21:40 - 00000000 ____D () C:\Users\Owner\Downloads\I Am Hardwell (2013) DTS Eng Sp NL Subs DVDRip-NLU002
2014-02-01 20:16 - 2014-02-06 18:30 - 3442802989 _____ () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR.rar
2014-02-01 20:13 - 2014-02-01 20:13 - 00033608 _____ () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR.rar
2014-02-01 20:13 - 2014-02-01 20:13 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR
2014-02-01 20:10 - 2014-02-01 20:10 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\WebInternetSecurity
2014-02-01 20:04 - 2014-02-24 13:52 - 00000394 _____ () C:\Windows\Tasks\Re-Markable Update.job
2014-02-01 20:04 - 2014-02-10 22:47 - 00000000 ____D () C:\Program Files (x86)\Re-Markable
2014-02-01 20:04 - 2014-02-01 20:04 - 00003042 _____ () C:\Windows\System32\Tasks\Re-Markable Update
2014-02-01 20:01 - 2014-02-01 20:15 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-01 19:59 - 2014-02-01 20:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Real
2014-02-01 19:57 - 2014-02-01 19:58 - 00476688 _____ () C:\Users\Owner\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2014-02-01 17:21 - 2014-02-18 17:51 - 00000000 ____D () C:\Bovada
2014-02-01 17:21 - 2014-02-01 17:22 - 00417068 _____ () C:\Users\Owner\AppData\Local\dd_vcredistMSI7E3C.txt
2014-02-01 17:21 - 2014-02-01 17:22 - 00011444 _____ () C:\Users\Owner\AppData\Local\dd_vcredistUI7E3C.txt
2014-02-01 17:21 - 2014-02-01 17:21 - 00000391 _____ () C:\Users\Public\Desktop\BovadaPoker.lnk
2014-02-01 17:17 - 2014-02-01 17:18 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient(1).exe
2014-02-01 17:17 - 2014-02-01 17:17 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient.exe
2014-01-25 20:36 - 2014-01-25 20:36 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR
2014-01-25 17:19 - 2014-01-25 17:19 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Dirty Electro Vol.2

==================== One Month Modified Files and Folders =======

2014-02-24 13:59 - 2014-02-24 01:49 - 00024386 _____ () C:\Users\Owner\Downloads\FRST.txt
2014-02-24 13:58 - 2014-02-24 13:58 - 00000000 ____D () C:\Users\Owner\Downloads\FRST-OlderVersion
2014-02-24 13:58 - 2014-02-24 01:49 - 00000000 ____D () C:\FRST
2014-02-24 13:58 - 2014-02-24 01:48 - 02156032 _____ (Farbar) C:\Users\Owner\Downloads\FRST64.exe
2014-02-24 13:52 - 2014-02-01 20:04 - 00000394 _____ () C:\Windows\Tasks\Re-Markable Update.job
2014-02-24 13:51 - 2013-12-30 22:11 - 00350258 _____ () C:\Windows\PFRO.log
2014-02-24 13:51 - 2006-11-02 07:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-24 13:51 - 2006-11-02 07:22 - 00003424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-24 13:51 - 2006-11-02 07:22 - 00003424 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-24 13:49 - 2009-03-26 17:03 - 02056865 _____ () C:\Windows\WindowsUpdate.log
2014-02-24 13:49 - 2008-10-19 21:53 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-02-24 13:49 - 2006-11-02 07:42 - 00032548 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-24 13:30 - 2013-03-19 20:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-24 13:18 - 2014-02-24 13:14 - 00000000 ____D () C:\AdwCleaner
2014-02-24 13:13 - 2014-02-24 13:13 - 01241834 _____ () C:\Users\Owner\Downloads\adwcleaner(1).exe
2014-02-24 13:11 - 2011-09-16 16:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-24 13:10 - 2014-02-24 13:10 - 00000347 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe
2014-02-24 03:25 - 2006-11-02 07:21 - 04965800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-24 03:19 - 2014-02-24 03:19 - 01241834 _____ () C:\Users\Owner\Downloads\AdwCleaner.exe.part
2014-02-24 03:17 - 2009-04-14 17:16 - 00116200 _____ () C:\Users\Owner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-24 01:51 - 2014-02-24 01:50 - 00055644 _____ () C:\Users\Owner\Downloads\Addition.txt
2014-02-24 01:49 - 2008-10-19 23:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-02-24 01:48 - 2014-02-24 01:48 - 01144320 _____ (Farbar) C:\Users\Owner\Downloads\FRST.exe.part
2014-02-24 00:37 - 2014-02-24 00:26 - 00025644 _____ () C:\Users\Owner\Desktop\dds.txt
2014-02-24 00:26 - 2014-02-24 00:26 - 00021269 _____ () C:\Users\Owner\Desktop\attach.txt
2014-02-24 00:23 - 2014-02-24 00:23 - 00688992 ____R (Swearware) C:\Users\Owner\Downloads\dds.com
2014-02-24 00:09 - 2012-07-29 15:29 - 00002408 _____ () C:\Users\Owner\Desktop\New Text Document.txt
2014-02-23 21:24 - 2013-10-10 18:11 - 00000000 ____D () C:\Program Files (x86)\PasswordBox
2014-02-22 22:25 - 2014-02-22 22:21 - 00000000 ____D () C:\Mix1
2014-02-21 01:17 - 2011-10-29 15:32 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-02-20 22:29 - 2013-03-19 20:32 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-20 22:29 - 2013-03-19 20:32 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-20 22:29 - 2011-09-18 14:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-18 21:24 - 2009-04-21 15:48 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-02-18 21:23 - 2014-02-18 21:23 - 00001961 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-02-18 21:23 - 2014-02-18 21:23 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-02-18 21:21 - 2014-02-18 20:39 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013
2014-02-18 21:18 - 2014-02-18 21:17 - 18126032 _____ (Adobe Systems Inc.) C:\Users\Owner\Downloads\AdobeAIRInstaller.exe
2014-02-18 21:18 - 2011-08-26 14:49 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2014-02-18 21:18 - 2008-10-19 23:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-18 21:05 - 2014-02-18 21:05 - 00000480 _____ () C:\Users\Public\Desktop\PDG GOLD NCO - 2013.lnk
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\TVSwfs
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\testmaker
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\styles
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\security
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmprint
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\mcmcalendar
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\Help
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\game_swf
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\dictionaries
2014-02-18 21:05 - 2014-02-18 21:05 - 00000000 ____D () C:\assets
2014-02-18 21:04 - 2014-02-18 21:04 - 17102683 _____ () C:\DressRight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 11471414 _____ () C:\shell.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 10583305 _____ () C:\pirates.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 09488295 _____ () C:\macjack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06574705 _____ () C:\whack.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 06359040 _____ () C:\pdg.db
2014-02-18 21:04 - 2014-02-18 21:04 - 05399449 _____ () C:\goldrush.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04957429 _____ () C:\starsandstripes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 04010179 _____ () C:\GoldMind.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03293743 _____ () C:\themegames.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03272629 _____ () C:\dontfall.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 03210738 _____ () C:\study_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02734923 _____ () C:\testflight.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02663648 _____ () C:\showdown.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02347874 _____ () C:\study_sa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02321984 _____ () C:\study_rn.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 02206173 _____ () C:\target.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01342406 _____ () C:\setup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01307173 _____ () C:\main.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 01082450 _____ () C:\finalexam.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00804808 _____ () C:\dangerzone.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00542362 _____ () C:\testmaker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00510138 _____ () C:\game_mc.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00306983 _____ () C:\reviewnotes.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00299314 _____ () C:\arcade_game.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00258804 _____ () C:\manifest.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00196415 _____ () C:\flashcards.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00156308 _____ () C:\textLayout_1.0.0.595.swz
2014-02-18 21:04 - 2014-02-18 21:04 - 00142336 _____ () C:\PDG GOLD NCO - 2013.exe
2014-02-18 21:04 - 2014-02-18 21:04 - 00122535 _____ () C:\DressRightData.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00093928 _____ () C:\DexRibbons.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00078760 _____ () C:\fileBackup.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00062697 _____ () C:\arcade.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00053881 _____ () C:\pdg.db_acros.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00047975 _____ () C:\query_manager.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00047054 _____ () C:\bases.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00030006 _____ () C:\_fonts.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00004361 _____ () C:\words.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000885 _____ () C:\wapsCalc.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000660 _____ () C:\printqa.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000646 _____ () C:\LogViewer.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000627 _____ () C:\DatePicker.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000613 _____ () C:\acro_editor.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000607 _____ () C:\about.swf
2014-02-18 21:04 - 2014-02-18 21:04 - 00000482 _____ () C:\updater_config.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000428 _____ () C:\defaults.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000353 _____ () C:\Users\Owner\AppData\Roaming\com.mcmguides.pdg.NCO.2013_state.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000226 _____ () C:\AdobeSpellingConfig.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000182 _____ () C:\levelNames.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000153 _____ () C:\relnotes.xml
2014-02-18 21:04 - 2014-02-18 21:04 - 00000059 _____ () C:\mimetype
2014-02-18 17:51 - 2014-02-01 17:21 - 00000000 ____D () C:\Bovada
2014-02-16 21:34 - 2011-10-28 20:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\BitTorrent
2014-02-16 02:11 - 2011-10-08 13:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\FreeBurner
2014-02-16 02:01 - 2013-08-16 06:45 - 00000993 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Easy CD DVD Burner.lnk
2014-02-16 02:01 - 2013-08-16 06:44 - 00000941 _____ () C:\Users\Owner\Desktop\Free Easy Burner.lnk
2014-02-16 02:01 - 2011-10-08 13:15 - 00000000 ____D () C:\Program Files (x86)\Free Easy CD DVD Burner
2014-02-16 02:00 - 2014-02-16 02:00 - 01332064 _____ (Koyote-Lab Inc) C:\Users\Owner\Downloads\FreeEasyCDDVDBurnerSetup-r20-n-bf.exe
2014-02-16 01:58 - 2014-02-16 01:51 - 00000000 ____D () C:\Program Files (x86)\mp3cd
2014-02-16 01:50 - 2014-02-16 01:50 - 00930440 _____ (CNET Download.com) C:\Users\Owner\Downloads\cbsidlm-cbsi176-MP3_CD_Maker-ORG-10065486.exe
2014-02-15 22:25 - 2014-02-15 22:25 - 00000000 ____D () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake
2014-02-15 22:23 - 2014-02-15 22:22 - 07032743 _____ () C:\Users\Owner\Downloads\Neon (Ummet Ozcan Remix) Remake.zip
2014-02-15 12:59 - 2013-11-10 22:28 - 02198445 _____ () C:\Users\Owner\Downloads\Traplol3.flp
2014-02-15 12:38 - 2013-05-22 21:42 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\iZotope
2014-02-15 11:08 - 2012-05-06 14:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-15 10:56 - 2013-07-21 10:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 10:51 - 2006-11-02 04:35 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-15 10:45 - 2013-12-20 06:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-15 10:36 - 2012-07-21 17:29 - 00753386 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-15 10:36 - 2006-11-02 04:46 - 00753386 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\499351df9dc08935c2ae
2014-02-15 10:31 - 2006-11-02 04:34 - 00000219 _____ () C:\Windows\win.ini
2014-02-14 06:35 - 2013-12-30 21:37 - 00001057 _____ () C:\Windows\setupact.log
2014-02-10 22:47 - 2014-02-01 20:04 - 00000000 ____D () C:\Program Files (x86)\Re-Markable
2014-02-10 21:42 - 2009-04-14 17:11 - 00000000 ____D () C:\Users\Owner
2014-02-08 21:18 - 2012-10-15 11:35 - 00000000 ___HD () C:\Users\Owner\AppData\Local\O6rJF6sMYgNaA36
2014-02-08 21:18 - 2011-11-14 16:43 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PACE Anti-Piracy
2014-02-08 21:18 - 2011-11-14 16:43 - 00000000 ____D () C:\ProgramData\PACE Anti-Piracy
2014-02-06 20:15 - 2014-02-06 18:36 - 00000000 ____D () C:\Users\Owner\Desktop\S3 Data
2014-02-06 19:51 - 2014-02-06 19:01 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Sound Trap Essentials Vol.1 [PAZ]
2014-02-06 19:01 - 2014-02-06 19:01 - 00050213 _____ () C:\Users\Owner\Downloads\[kickasstorrents.come.in]vengeance.sound.trap.essentials.vol.1.paz.torrent
2014-02-06 18:43 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\Owner\Downloads\Ender's Game (2013) [1080p]
2014-02-06 18:30 - 2014-02-01 20:16 - 3442802989 _____ () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR.rar
2014-02-06 17:41 - 2014-02-06 17:16 - 00000000 ____D () C:\Users\Owner\Downloads\About Time (2013) [1080p]
2014-02-06 17:30 - 2014-02-06 17:12 - 00000000 ____D () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK
2014-02-06 17:15 - 2014-02-06 17:15 - 00019614 _____ () C:\Users\Owner\Downloads\About_Time_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-06 17:12 - 2014-02-06 17:10 - 00000000 ____D () C:\Users\Owner\Downloads\Don.Jon.2013.DVDRip.XviD-eXceSs
2014-02-06 17:11 - 2014-02-06 17:11 - 00016856 _____ () C:\Users\Owner\Downloads\Frozen 2013 DVDSCR x264 AC3-JYK [2826947].torrent
2014-02-06 17:08 - 2014-02-06 17:08 - 00017618 _____ () C:\Users\Owner\Downloads\Enders_Game_2013_1080p_BluRay_x264_YIFY_mp4.torrent
2014-02-05 19:14 - 2014-02-05 19:14 - 00000000 ____D () C:\Users\Owner\Downloads\Mystica
2014-02-05 19:13 - 2014-02-05 19:13 - 03527259 _____ () C:\Users\Owner\Downloads\Mystica.zip
2014-02-05 16:19 - 2013-05-27 16:56 - 00003745 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2014-02-05 16:19 - 2013-05-02 08:54 - 00000000 ____D () C:\Windows\SysWOW64\cache
2014-02-05 02:19 - 2014-02-15 10:49 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 02:02 - 2014-02-15 10:49 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 02:00 - 2014-02-15 10:49 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 01:54 - 2014-02-15 10:49 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 01:54 - 2014-02-15 10:49 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 01:52 - 2014-02-15 10:49 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 01:52 - 2014-02-15 10:49 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 01:52 - 2014-02-15 10:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 01:51 - 2014-02-15 10:49 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 01:50 - 2014-02-15 10:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 01:50 - 2014-02-15 10:49 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-05 01:50 - 2014-02-15 10:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 00:58 - 2014-02-15 10:49 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-05 00:56 - 2014-02-15 10:49 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-05 00:53 - 2014-02-15 10:49 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-05 00:51 - 2014-02-15 10:49 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-05 00:50 - 2014-02-15 10:49 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-05 00:49 - 2014-02-15 10:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-05 00:49 - 2014-02-15 10:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-05 00:48 - 2014-02-15 10:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-05 00:48 - 2014-02-15 10:49 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-05 00:47 - 2014-02-15 10:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-05 00:47 - 2014-02-15 10:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-05 00:47 - 2014-02-15 10:49 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-05 00:46 - 2014-02-15 10:49 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-02 19:11 - 2014-02-02 19:11 - 01754228 _____ () C:\Users\Owner\Downloads\blahpflapflapwillplayaroundmore2.flp
2014-02-01 21:57 - 2012-02-08 09:05 - 00000680 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2014-02-01 21:57 - 2011-09-08 19:17 - 00000732 _____ () C:\Users\Owner\AppData\Local\d3d9caps64.dat
2014-02-01 21:52 - 2014-02-01 21:52 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\dvdcss
2014-02-01 21:40 - 2014-02-01 21:06 - 00000000 ____D () C:\Users\Owner\Downloads\I Am Hardwell (2013) DTS Eng Sp NL Subs DVDRip-NLU002
2014-02-01 20:23 - 2009-04-14 17:15 - 00000000 ___RD () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-01 20:15 - 2014-02-01 20:01 - 00000000 ____D () C:\Program Files (x86)\Real
2014-02-01 20:15 - 2014-02-01 19:59 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Real
2014-02-01 20:15 - 2013-07-16 13:25 - 00000000 ____D () C:\ProgramData\Real
2014-02-01 20:13 - 2014-02-01 20:13 - 00033608 _____ () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR.rar
2014-02-01 20:13 - 2014-02-01 20:13 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX_Nexus_2.5.9_VSTi_ _Expansions-AIR
2014-02-01 20:10 - 2014-02-01 20:10 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1905616980-2508883315-2640086917-1000
2014-02-01 20:10 - 2014-02-01 20:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\WebInternetSecurity
2014-02-01 20:04 - 2014-02-01 20:04 - 00003042 _____ () C:\Windows\System32\Tasks\Re-Markable Update
2014-02-01 19:58 - 2014-02-01 19:57 - 00476688 _____ () C:\Users\Owner\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe
2014-02-01 17:22 - 2014-02-01 17:21 - 00417068 _____ () C:\Users\Owner\AppData\Local\dd_vcredistMSI7E3C.txt
2014-02-01 17:22 - 2014-02-01 17:21 - 00011444 _____ () C:\Users\Owner\AppData\Local\dd_vcredistUI7E3C.txt
2014-02-01 17:21 - 2014-02-01 17:21 - 00000391 _____ () C:\Users\Public\Desktop\BovadaPoker.lnk
2014-02-01 17:18 - 2014-02-01 17:17 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient(1).exe
2014-02-01 17:17 - 2014-02-01 17:17 - 00685816 _____ ( ) C:\Users\Owner\Downloads\BovadaPokerClient.exe
2014-01-25 20:36 - 2014-01-25 20:36 - 00000000 ____D () C:\Users\Owner\Downloads\ReFX Nexus 2.5.9 VSTi + Expansions-AIR
2014-01-25 17:20 - 2009-04-14 22:41 - 00172032 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-25 17:19 - 2014-01-25 17:19 - 00000000 ____D () C:\Users\Owner\Downloads\Vengeance Dirty Electro Vol.2

Files to move or delete:
====================
C:\ProgramData\SymUpdate.exe


Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\Quarantine.exe
C:\Users\Owner\AppData\Local\Temp\SearchProtectionSetup.exe
C:\Users\Owner\AppData\Local\Temp\System.Data.SQLite.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-24 13:58

==================== End Of Log ============================



#9 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 25 February 2014 - 02:55 AM

Very good.
Now do the following fix. How is your computer running afterwards? Which problems still persist?


Please download this attached Attached File  fixlist.txt   1.55KB   5 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to same location the tool was run from.
    Please copy and paste its contents in your next reply.


#10 ReFx

ReFx
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:59 AM

Posted 25 February 2014 - 03:30 AM

no more annoying pop ups and advertisement :bananas:

 

just like magic...thanks!

 

here is the fixlog

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-02-2014
Ran by Owner at 2014-02-25 00:18:13 Run:1
Running from C:\Users\Owner\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKLM-x32\...\Run: [WebInternetSecurity] - "C:\Program Files (x86)\Webinternetsecurity\WebInternetSecurity.exe"
C:\Program Files (x86)\Webinternetsecurity
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
GroupPolicyUsers\S-1-5-21-1905616980-2508883315-2640086917-1001\User: Group Policy restriction detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie
SearchScopes: HKCU - {0BD40B60-F34F-4263-96A5-CB964DCF586E} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3306061&CUI=UN86494455522771733&UM=2
BHO-x32: Re-Markable - {9ddae43c-ffb2-482c-a6f9-62226370db49} - C:\Program Files (x86)\Re-Markable\150.dll ()
C:\Program Files (x86)\Re-Markable
FF HKCU\...\Firefox\Extensions: [{3070db0f-156f-4dd5-8646-800cf1211847}] - C:\Program Files (x86)\Re-Markable\150.xpi
FF Extension: Re-Markable - C:\Program Files (x86)\Re-Markable\150.xpi [2014-02-01]
CHR HKLM-x32\...\Chrome\Extension: [ejdfidgapfiokiphmcjpmmjbdndepoja] - C:\Program Files (x86)\Re-Markable\150.crx [2014-02-01]
FF Extension: QuickShare Widget - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8} [2013-09-25]
2014-02-01 20:10 - 2014-02-01 20:10 - 00000000 ____D () C:\Users\Owner\AppData\Local\WebInternetSecurity
2014-02-01 20:04 - 2014-02-01 20:04 - 00003042 _____ () C:\Windows\System32\Tasks\Re-Markable Update
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\WebInternetSecurity => Value deleted successfully.
"C:\Program Files (x86)\Webinternetsecurity" => File/Directory not found.
"C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll" => Value Data removed successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-1905616980-2508883315-2640086917-1001\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0BD40B60-F34F-4263-96A5-CB964DCF586E} => Key deleted successfully.
HKCR\CLSID\{0BD40B60-F34F-4263-96A5-CB964DCF586E} => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9ddae43c-ffb2-482c-a6f9-62226370db49} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{9ddae43c-ffb2-482c-a6f9-62226370db49} => Key deleted successfully.
C:\Program Files (x86)\Re-Markable => Moved successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\{3070db0f-156f-4dd5-8646-800cf1211847} => Value deleted successfully.
C:\Program Files (x86)\Re-Markable\150.xpi not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ejdfidgapfiokiphmcjpmmjbdndepoja => Key deleted successfully.
"C:\Program Files (x86)\Re-Markable\150.crx" => File/Directory not found.
C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8} => Moved successfully.
C:\Users\Owner\AppData\Local\WebInternetSecurity => Moved successfully.
C:\Windows\System32\Tasks\Re-Markable Update => Moved successfully.


The system needs a manual reboot.

==== End of Fixlog ====



#11 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 25 February 2014 - 03:36 AM

Great!
So let's do a final check up then to make sure that no more malicious files show up:


Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
  • Note: Do not forget to re-enable your antivirus application after running the above scan!


#12 ReFx

ReFx
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:04:59 AM

Posted 26 February 2014 - 06:18 PM

Thank you sir,

 

here is the log for ESET, said it found 75 infected files..

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=84fb6ea1792796408f913284e7c4501e
# engine=17232
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-02-26 04:10:57
# local_time=2014-02-26 08:10:57 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=5892 16776574 100 100 76458465 230029763 0 0
# scanned=382281
# found=75
# cleaned=0
# scan_time=20991
sh=245E258FE57EF5B4D6B0812DE929E2E98956DBE2 ft=1 fh=e9abe8efb2d2eda1 vn="Win32/DownloadAdmin.G potentially unwanted application" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-1905616980-2508883315-2640086917-1000\$RCWV8IM.exe"
sh=80DC1B8044FE7F2BC57777F9559C5050B1DF5736 ft=1 fh=3a2e66d2f7d1673f vn="a variant of Win32/AdWare.Adpeak.D application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe.vir"
sh=408E4906C3F215C0E44282D24B340DAF03D014A4 ft=1 fh=94d81bcdb603e2f9 vn="a variant of Win64/Adware.Adpeak.C application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe.vir"
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=C58417722C0B741EA8D55D06914E692180900885 ft=1 fh=f4976c33c2ff8570 vn="Win32/Toolbar.Conduit.V potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLC_5\Connect_DLC_5ToolbarHelper.exe.vir"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLC_5\hk64tbConn.dll.vir"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLC_5\hktbConn.dll.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLC_5\ldrtbConn.dll.vir"
sh=49F05B2770D4CAE7550D8268FDCF50E3BAEBB7CC ft=1 fh=f6f4f0e4f3b1176c vn="Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLC_5\prxtbConn.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Connect_DLC_5\tbConn.dll.vir"
sh=639EC700B0AE3E4022B0E2194154C35804C1495D ft=1 fh=cea679b0d15a81f3 vn="Win64/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MixiDJ_V37\hk64tbMixi.dll.vir"
sh=E81DDA2EB87C2B9FC5567266DCB0F473CA8879DD ft=1 fh=ce9365354cde4d2d vn="Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MixiDJ_V37\hktbMixi.dll.vir"
sh=BB64EAB4A8D339B38E2C84ECCDC1EB9BCB508661 ft=1 fh=b9050071cbb9d4b1 vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MixiDJ_V37\ldrtbMixi.dll.vir"
sh=2C045C32F1C57A81BE00FDFF133AEBB50C693ED0 ft=1 fh=c72f580699259768 vn="Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll.vir"
sh=41565A5C7C5DE65C949CC2C3566265E05A0BA782 ft=1 fh=95024ab9b65b3320 vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MixiDJ_V37\tbMixi.dll.vir"
sh=A033CC58A848309C839C636370383A81481BD426 ft=1 fh=cc9ff824932b8bdf vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\prism.exe.vir"
sh=31D8C3EDE22AFD8B1CA5CAC4FDD27A245F6CC7B6 ft=1 fh=5dda5872f4087e13 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\prismsetup_v1.82.exe.vir"
sh=7841824088542F907AD2A804AE53FE62D201E298 ft=1 fh=36a1bcee932b8bdf vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\Prism\uninst.exe.vir"
sh=A697B34B3447DCF1CE2A9343C9324FD93B330C5F ft=1 fh=0ebccbbfe8285be0 vn="a variant of Win32/Toolbar.Conduit.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\WavePad\uninst.exe.vir"
sh=10109EF0E5644A5E9C99B1A61E6A5058BAA1BE22 ft=1 fh=f4828f75e8285be0 vn="a variant of Win32/Toolbar.Conduit.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\WavePad\wavepad.exe.vir"
sh=8556DCFE6A3649298E88F6C715AF130CBD9AF29A ft=1 fh=7d7b0c2c230bf45e vn="a variant of Win32/Toolbar.Conduit.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\NCH Software\WavePad\wpsetup_v5.02.exe.vir"
sh=F78886499FB89659025325395990157CB22F2872 ft=1 fh=ac1f9e8b89f73bab vn="a variant of Win32/AdWare.Adpeak.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\CustomActionInstall.vir"
sh=C9681A9E2E9BB9AA393472F7BABAF6B1976E54E9 ft=1 fh=5839279b415b7fbc vn="a variant of Win32/AdWare.Adpeak.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\CustomActionUninstall.vir"
sh=95002853221B674FFD6DD378925D8C3840AB7922 ft=1 fh=0ba32f5e40bfce9c vn="a variant of Win32/AdWare.Adpeak.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ScorpionSaver\IECore.dll.vir"
sh=4B5D3F28D53D4B23D42D87A1DB8B5400AED41984 ft=1 fh=6f98768c3952313c vn="Win32/Conduit.SearchProtect.F potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\CltMngSvc.exe.vir"
sh=341E8F6AA8D19A8D8A6C19E33C678B74772650B1 ft=1 fh=d05a6ea6d0937c00 vn="a variant of Win32/Conduit.SearchProtect.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\cltmng.exe.vir"
sh=AFF6026DD64A6AD95B73CD2D1EE61EAEBA192C4E ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\bootstrap.js.old.vir"
sh=2EA8702D4000B6CFA7567B855CC4CB6C8A0F52DB ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\bootstrap.js.vir"
sh=3E96B9735719402FC4DF891275A3B0CEACABC6F1 ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\oclgomenfkljhfkfflghppidonpkljjg\5.0_0\manifest.json.vir"
sh=068A54F966DB6AC14BCA0E39E2A99E3F0027304D ft=1 fh=39f7a16b0423d981 vn="Win64/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\Connect_DLC_5\hk64tbConn.dll.vir"
sh=CC6AF3A384A61C1C621BA5AB43583E82FF281530 ft=1 fh=bbbd034bf7d0bf76 vn="Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\Connect_DLC_5\hktbConn.dll.vir"
sh=9B3B44428CC80CC43F085AE514E7E16F7963EACC ft=1 fh=4c03fc1250fa29f9 vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\Connect_DLC_5\ldrtbConn.dll.vir"
sh=33457E2F2405727124C107D6DEAF24C94E992463 ft=1 fh=e719e166edfd7994 vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\Connect_DLC_5\tbConn.dll.vir"
sh=639EC700B0AE3E4022B0E2194154C35804C1495D ft=1 fh=cea679b0d15a81f3 vn="Win64/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\MixiDJ_V37\hk64tbMixi.dll.vir"
sh=E81DDA2EB87C2B9FC5567266DCB0F473CA8879DD ft=1 fh=ce9365354cde4d2d vn="Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\MixiDJ_V37\hktbMixi.dll.vir"
sh=BB64EAB4A8D339B38E2C84ECCDC1EB9BCB508661 ft=1 fh=b9050071cbb9d4b1 vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\MixiDJ_V37\ldrtbMixi.dll.vir"
sh=81AF7CFB10091601ED1B82B92BDA2A254AA2B82F ft=1 fh=b76578e523b80dbc vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\MixiDJ_V37\tbMix1.dll.vir"
sh=41565A5C7C5DE65C949CC2C3566265E05A0BA782 ft=1 fh=95024ab9b65b3320 vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\MixiDJ_V37\tbMixi.dll.vir"
sh=B5C93DA0C608B26C9487ABC49CCB643C9A15ED33 ft=1 fh=75f1c65aa8a331ed vn="a variant of Win32/PriceGong.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\MixiDJ_V37\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll.vir"
sh=639EC700B0AE3E4022B0E2194154C35804C1495D ft=1 fh=cea679b0d15a81f3 vn="Win64/Toolbar.Conduit.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\SweetPacks\hk64tbSwee.dll.vir"
sh=E81DDA2EB87C2B9FC5567266DCB0F473CA8879DD ft=1 fh=ce9365354cde4d2d vn="Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\SweetPacks\hktbSwee.dll.vir"
sh=BB64EAB4A8D339B38E2C84ECCDC1EB9BCB508661 ft=1 fh=b9050071cbb9d4b1 vn="a variant of Win32/Toolbar.Conduit.P potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\SweetPacks\ldrtbSwee.dll.vir"
sh=41565A5C7C5DE65C949CC2C3566265E05A0BA782 ft=1 fh=95024ab9b65b3320 vn="a variant of Win32/Toolbar.Conduit.X potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\LocalLow\SweetPacks\tbSwee.dll.vir"
sh=77E3B8C01D35824C5A7690FC16CAC4DB5F56B84F ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\firefox@luckyleap.net.xpi.vir"
sh=9CA4774891E9538150DBC295BC303D11173CE7FB ft=0 fh=0000000000000000 vn="Win32/DealPly.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\a8mptzl1.default\Extensions\{906000A4-88D9-4D52-B209-7A772970D91F}\chrome\content\dealplyshopping.xul.vir"
sh=9EE6ADA24ED5797D8A1FA848A5A184FA8E83818E ft=1 fh=c71c0011a4c47781 vn="a variant of Win32/AdWare.AddLyrics.AB application" ac=I fn="C:\FRST\Quarantine\Re-Markable25-02-2014_00-18-13\ReMarkableup.exe"
sh=C7E054C7BA58AE2D703DB29C52346A3ED84FEF57 ft=1 fh=53532950b9749a4f vn="Win32/Toolbar.Linkury.D potentially unwanted application" ac=I fn="C:\FRST\Quarantine\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8}25-02-2014_00-18-14\components\SmartbarFireFoxRemotePlugin_20.dll"
sh=C546BA3CA78F93EB65DCCEA191BC40B9F940E2EA ft=1 fh=6fd80785d353cf5d vn="Win32/Toolbar.Linkury.D potentially unwanted application" ac=I fn="C:\FRST\Quarantine\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8}25-02-2014_00-18-14\components\SmartbarFireFoxRemotePlugin_21.dll"
sh=7C15DA5A80F24F0383C992CFB03CF68E95A464B1 ft=1 fh=be427aaf403ae2ff vn="a variant of Win32/Toolbar.Linkury.D potentially unwanted application" ac=I fn="C:\FRST\Quarantine\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8}25-02-2014_00-18-14\components\SmartbarFireFoxRemotePlugin_22.dll"
sh=95544372D9D68E8AFAE5E9DA8B07C14CE5406ABB ft=1 fh=dd489ec711c15129 vn="a variant of Win32/Toolbar.Linkury.D potentially unwanted application" ac=I fn="C:\FRST\Quarantine\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8}25-02-2014_00-18-14\components\SmartbarFireFoxRemotePlugin_23.dll"
sh=BA8871127FB23B24A8963B6A5992DED58259E590 ft=1 fh=65df87dcc97c6ea8 vn="a variant of Win32/Toolbar.Linkury.D potentially unwanted application" ac=I fn="C:\FRST\Quarantine\{092dddb1-ecaf-3f7c-0855-2a49cc643ce8}25-02-2014_00-18-14\components\SmartbarFireFoxRemotePlugin_24.dll"
sh=2505F12AFFC37484174EE534CA330B12506FBC99 ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Patcher.T potentially unsafe application" ac=I fn="C:\John stuff\Downloadssss\Ableton_Live_8.1.4__www.Downloadha.com_.part1.rar"
sh=8DC417F774F6C052E1F4CA13879F35C866EED7B6 ft=0 fh=0000000000000000 vn="BAT/HostsChanger.A potentially unsafe application" ac=I fn="C:\John stuff\Laptop Stuff\Adobe Dreamweaver CS4\Adobe CS4 Activation Patch\Activation Blocker.cmd"
sh=753708B21A190F0BFA98D7C65AC53492D68CA205 ft=1 fh=036dd4c0cd709774 vn="a variant of Win32/Toolbar.SearchSuite.P potentially unwanted application" ac=I fn="C:\Program Files (x86)\Free Easy CD DVD Burner\Helper.dll"
sh=2D1B5CB309792CD3D8DB67D0DFE3C9C42837CBEC ft=1 fh=d1bbe9de3d190a0b vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\temp\scorpionsaver.exe"
sh=984A3D07E011615674265ABE4C899B915B9A715F ft=0 fh=0000000000000000 vn="Win32/AdWare.Adpeak.B application" ac=I fn="C:\temp\ScorpionSaver.msi"
sh=8520DF5EF7B924D99959F967FC7664FEAC3C73AD ft=0 fh=0000000000000000 vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YD8GV8OS\stubinst_pkg_en-us[1].cab"
sh=9B3E5B195B8CAF4F337D65AB99C5AA72DE2B08FD ft=1 fh=ff8f90d6f0117da0 vn="a variant of MSIL/Adware.StrongVault.A application" ac=I fn="C:\Users\Owner\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YL9CMVJF\DesktopWeatherAlertsSetup[1].exe"
sh=9EC6354A6485E25CD46268B84EAD7F14ECA72ED9 ft=0 fh=0000000000000000 vn="a variant of Android/NoComA.B trojan" ac=I fn="C:\Users\Owner\Desktop\S3 Data\Download\security.update-1.apk"
sh=9EC6354A6485E25CD46268B84EAD7F14ECA72ED9 ft=0 fh=0000000000000000 vn="a variant of Android/NoComA.B trojan" ac=I fn="C:\Users\Owner\Desktop\S3 Data\Download\security.update.apk"
sh=C5A07C6647A4228B39A382EE5246235CFDD94A82 ft=1 fh=1901ca3fd08316cd vn="a variant of Win32/CNETInstaller.B potentially unwanted application" ac=I fn="C:\Users\Owner\Downloads\cbsidlm-cbsi134-Free_MP4_to_WMV_Converter-SEO-75898999.exe"
sh=686FFA84B518F63667B17939C4F8B475226C06C6 ft=1 fh=ef34117524fb94cb vn="a variant of Win32/CNETInstaller.B potentially unwanted application" ac=I fn="C:\Users\Owner\Downloads\cbsidlm-cbsi176-MP3_CD_Maker-ORG-10065486.exe"
sh=49CF643356375FED3BAA673F503F429DBE29F807 ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Patcher.AD potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\Fl_Studio.11_crack.rar"
sh=A1FA43D9D3C98C592B1E69A786466C47E8D77B46 ft=1 fh=9bb9462d48fb6491 vn="a variant of Win32/Verti.A potentially unwanted application" ac=I fn="C:\Users\Owner\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe"
sh=896E714EDA7501B1803505392B0E410B044C150E ft=0 fh=0000000000000000 vn="a variant of Win32/HackTool.Patcher.X potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\PokerBooks.rar"
sh=AE8A93CD8F131EE15647833A6E7F3D515CAD3CC5 ft=0 fh=0000000000000000 vn="BAT/HostsChanger.A potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\Adobe CS6 Master Collection - Windows\xforce-keygen-win.zip"
sh=0CC90FBFDDC353D04E8FFA47D5521C9B3346F7DF ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.AD potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\D16.Group.Toraverb.VST.v1.2.0.Incl.Keygen-AiR { www.torrentkit.com }\a-dtv120.zip"
sh=FD6A1336FA590D9A8E22C4A86C1F55E7BA3403A2 ft=0 fh=0000000000000000 vn="a variant of Win32/Keygen.AD potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\D16.Group.Toraverb.VST.v1.2.0.Incl.Keygen-AiR { www.torrentkit.com }\a-dtv120\a-dtv120.rar"
sh=D6316404586855F8ED8C7360F9432BED27FF055A ft=1 fh=1f5aa5282a05119b vn="a variant of Win32/Keygen.AD potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\D16.Group.Toraverb.VST.v1.2.0.Incl.Keygen-AiR { www.torrentkit.com }\a-dtv120\a-dtv120\Keygen.exe"
sh=204530442D73013A195B789219A491ABA865C5E7 ft=1 fh=b8e681b79875ce9b vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\FLS10.0.9 [MC Tutoriales]\FL Studio 10.0.9\flstudio_10.0.9c.exe"
sh=B09A9DF3A2068BC9C431F4066F9DC12080FFB814 ft=1 fh=601ce0bf8d93704f vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\Fl_Studio.11_crack\flstudio_11.0.2.exe"
sh=4CE66ABF8F95798FBEF42D836E756E21BF4C1EDF ft=1 fh=3a31d5ec7f9e4f4a vn="Win32/OpenCandy potentially unsafe application" ac=I fn="C:\Users\Owner\Downloads\Image-Line.FL.Studio.Edition.v10.0.0+Cracked!\flstudio_10.0.exe"
sh=50A8C2EE75A0394DF77C68B78B706535CF249F3D ft=0 fh=0000000000000000 vn="a variant of Win32/AdWare.Adpeak.B application" ac=I fn="C:\Windows\Installer\1660f9.msi"
sh=3C4CA6E4387894829EDF820845109B6BE59F0E4D ft=0 fh=0000000000000000 vn="a variant of MSIL/Toolbar.Linkury.C potentially unwanted application" ac=I fn="C:\Windows\Installer\2aef6c5.msi"
 



#13 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 27 February 2014 - 02:52 AM

Hi,

this looks good. No more active malware has been found!
(Running cracks/keygens is very risky as they are often infected - but I'm sure you already know that.)


That's it! Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!



Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

 

 

 

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefor it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:


Java 7 Update 25
Java™ 6 Update 29
Java™ 6 Update 7




Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.



#14 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:59 PM

Posted 12 March 2014 - 12:04 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users