Getting redirected to a linkbucks site every time I click ANY link


  • This topic is locked
12 replies to this topic

#1 Haseo98

Haseo98

  • Members
  • 7 posts

Posted 28 February 2014 - 10:54 PM

This is a picture of where I get linked to:
link.jpg

This is my HJT log...

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:43:45 PM, on 2/28/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
 
Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
C:\Users\Marlene\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
C:\Users\Marlene\AppData\Local\Akamai\netsession_win.exe
C:\Users\Marlene\AppData\Local\Akamai\netsession_win.exe
C:\Users\Marlene\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Marlene\Downloads\HijackThis.exe
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: (no name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
R3 - URLSearchHook: (no name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost127.0.0.1 practivate.adobe.newoa
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O3 - Toolbar: (no name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HP HD Webcam [Fixed]_Monitor] C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe
O4 - HKLM\..\Run: [DTRun] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [HPQuickWebProxy] "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [InstaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] "C:\windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer
O4 - HKCU\..\Run: [Google Update] "C:\Users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [cdloader] "C:\Users\Marlene\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [Raptr] C:\PROGRA~2\Raptr\raptrstub.exe --startup
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Marlene\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Marlene\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [Pinger] "C:\Program Files (x86)\Pinger\Pinger.exe"
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
O4 - Global Startup: GamersFirst LIVE!.lnk = C:\Program Files (x86)\GamersFirst\LIVE!\Live.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Evernote 4.0 - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://*.aeriagames.com
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\AESTSr64.exe
O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Belkin Local Backup Service - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
O23 - Service: Belkin Network USB Helper - Unknown owner - C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel® Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: XobniService - Xobni Corporation - C:\Program Files (x86)\Xobni\XobniService.exe
 
--
End of file - 20430 bytes
 




#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 01 March 2014 - 05:44 AM

Hi there,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 Haseo98

Haseo98
  • Topic Starter

  • Members
  • 7 posts

Posted 01 March 2014 - 09:39 AM

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-03-2014
Ran by Marlene (administrator) on CHARLIE-HP on 01-03-2014 09:36:26
Running from C:\Users\Marlene\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(AMD) C:\windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Hewlett-Packard Company) C:\windows\system32\Hpservice.exe
(Validity Sensors, Inc.) C:\windows\system32\vcsFPService.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
() C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Hewlett-Packard Company) c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
(Microsoft Corporation) C:\windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
() C:\windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Akamai Technologies, Inc.) C:\Users\Marlene\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Akamai Technologies, Inc.) C:\Users\Marlene\AppData\Local\Akamai\netsession_win.exe
(BitTorrent Inc.) C:\Users\Marlene\AppData\Roaming\BitTorrent\BitTorrent.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Belkin International, Inc.) C:\Program Files\Belkin\Belkin USB Print and Storage Center\connect.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinSetup.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSdkHelperx64.exe
(Intel Corporation) C:\windows\system32\igfxext.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Trend Micro Inc.) C:\Users\Marlene\Downloads\HijackThis.exe
(Microsoft Corporation) C:\windows\SysWOW64\NOTEPAD.EXE
(Google Inc.) C:\Users\Marlene\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\windows\system32\igfxsrvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2887440 2012-04-30] (Synaptics Incorporated)
HKLM\...\Run: [AtherosBtStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] - C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379040 2011-01-06] (Atheros Commnucations)
HKLM\...\Run: [MfeEpePcMonitor] - C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2012-04-05] ()
HKLM\...\Run: [HPPowerAssistant] - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [1664000 2014-01-27] (IDT, Inc.)
HKLM-x32\...\Run: [File Sanitizer] - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12274688 2011-02-07] (Hewlett-Packard)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [HP HD Webcam [Fixed]_Monitor] - C:\Program Files (x86)\HP HD Webcam [Fixed]\monitor.exe [267128 2010-11-26] ()
HKLM-x32\...\Run: [DTRun] - c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] - C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [169528 2012-03-06] (Hewlett-Packard Company)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [InstaLAN] - C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [1485208 2010-07-28] (Affinegy, Inc.)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-01-29] (DivX, LLC)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1263952 2013-02-12] ()
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Aeria Ignite] - C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1794224 2013-01-07] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HPConnectionManager] - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [184736 2012-09-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-27] (AVAST Software)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] - "C:\windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer [194912 2013-02-07] (DivX, LLC)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [Google Update] - C:\Users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-02] (Google Inc.)
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [cdloader] - C:\Users\Marlene\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [Facebook Update] - C:\Users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-11] (Facebook Inc.)
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [Raptr] - C:\Program Files (x86)\Raptr\raptrstub.exe [55360 2014-02-18] (Raptr, Inc)
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [Akamai NetSession Interface] - C:\Users\Marlene\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [BitTorrent] - C:\Users\Marlene\AppData\Roaming\BitTorrent\BitTorrent.exe [900696 2014-02-23] (BitTorrent Inc.)
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\Run: [Pinger] - C:\Program Files (x86)\Pinger\Pinger.exe [10581504 2013-08-23] ()
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\RunOnce: [Uninstall C:\Users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64] - C:\windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\MountPoints2: {b0d5b943-fdff-11e2-9bdd-d0df9a32003b} - I:\setup.exe
HKU\S-1-5-21-1577214117-580987070-1299483787-1004\...\MountPoints2: {c22b4dae-8ddb-11e2-a1ed-2c4138047e3c} - H:\LGAutoRun.exe
Lsa: [Notification Packages] DPPassFilter EpePcNp64 scecli
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM/1
URLSearchHook: HKLM-x32 - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File
URLSearchHook: HKCU - (No Name) - {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - No File
URLSearchHook: HKCU - (No Name) - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {895C8167-6EC4-45F1-BB7A-ED5759C2C226} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 200.48.225.130 200.48.225.146
 
FireFox:
========
FF ProfilePath: C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\xjwul3wj.default
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @gamersfirst.com/LiveLauncher - C:\Program Files (x86)\GamersFirst\LIVE!\nplivelauncher.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Marlene\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Marlene\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Marlene\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Marlene\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Marlene\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Marlene\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Marlene\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Marlene\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Marlene\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Marlene\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\xjwul3wj.default\searchplugins\yahoo_ff.xml
FF Extension: No Name - C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\xjwul3wj.default\Extensions\staged [2013-12-06]
FF Extension: Address Bar Search - C:\Users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\xjwul3wj.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-08-31]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-01-03]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-02-18]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-02-23]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-02]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-11-02]
 
Chrome: 
=======
CHR RestoreOnStartup: "translate_accepted_count": {
      "es": 0,
      "zh-CN"
CHR Extension: (avast! Online Security) - C:\Users\Marlene\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-28]
CHR Extension: (Google Wallet) - C:\Users\Marlene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Marlene\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2013-09-15]
CHR HKCU\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Marlene\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-11-20]
CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Marlene\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Marlene\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-11-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-01-03]
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Marlene\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-02-07]
CHR HKLM-x32\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Charlie\AppData\Local\Temp\ccex.crx [2013-02-07]
CHR HKLM-x32\...\Chrome\Extension: [pbkdpahkifcigckmhiafindmaflfifgm] - C:\Users\Marlene\AppData\Local\Coupon Companion\Chrome\Coupon Companion.crx [2013-02-07]
CHR StartMenuInternet: Google Chrome - C:\Users\Charlie\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [569752 2010-07-28] (Affinegy, Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [138400 2011-01-06] (Atheros)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-27] (AVAST Software)
R2 Belkin Local Backup Service; C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [181760 2010-02-17] ()
R2 Belkin Network USB Helper; C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [55296 2010-02-09] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363616 2014-01-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748640 2014-01-03] (Microsoft Corporation)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [476728 2011-09-05] (Hewlett-Packard Company)
R2 HPDayStarterService; c:\Program Files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [133688 2011-01-28] (Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2012-04-05] ()
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2012-11-07] ()
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
 
==================== Drivers (Whitelisted) ====================
 
R1 archlp; C:\Windows\System32\drivers\archlp.sys [136192 2010-07-07] ()
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R2 aswMonFlt; C:\windows\system32\drivers\aswMonFlt.sys [78648 2014-02-27] (AVAST Software)
R1 aswRdr; C:\windows\system32\drivers\aswRdr2.sys [92544 2014-02-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-27] ()
R1 aswSnx; C:\windows\system32\drivers\aswSnx.sys [1038072 2014-02-27] (AVAST Software)
R1 aswSP; C:\windows\system32\drivers\aswSP.sys [421704 2014-02-27] (AVAST Software)
R3 aswStm; C:\windows\system32\drivers\aswStm.sys [80184 2014-02-27] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2014-01-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-27] ()
R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [46368 2013-12-15] (AVG Technologies)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
S2 Htsysm; C:\windows\SysWOW64\HtsysmNT.sys [2304 2010-11-04] ()
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [100808 2012-04-05] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158920 2012-04-05] (McAfee, Inc.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-09-09] (Duplex Secure Ltd.)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [2611704 2011-01-12] (Sunplus Technology)
R2 sxuptp; C:\Windows\System32\DRIVERS\sxuptp.sys [291352 2009-06-22] (silex technology, Inc.)
S3 usbio; C:\Windows\System32\Drivers\dsiarhwprog_x64.sys [54200 2012-09-26] (Thesycon GmbH, Germany)
U3 a2ngueu2; No ImagePath
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-01 09:36 - 2014-03-01 09:36 - 00033801 _____ () C:\Users\Marlene\Downloads\FRST.txt
2014-03-01 09:36 - 2014-03-01 09:36 - 00000000 ____D () C:\FRST
2014-03-01 09:35 - 2014-03-01 09:36 - 02155520 _____ (Farbar) C:\Users\Marlene\Downloads\FRST64.exe
2014-02-28 22:43 - 2014-02-28 22:43 - 00020432 _____ () C:\Users\Marlene\Downloads\hijackthis.log
2014-02-28 22:42 - 2014-02-28 22:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marlene\Downloads\HijackThis.exe
2014-02-28 21:40 - 2014-02-28 21:41 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Marlene\Downloads\tdsskiller.exe
2014-02-28 21:25 - 2014-02-28 21:26 - 00003734 _____ () C:\Users\Marlene\Desktop\Rkill.txt
2014-02-28 21:11 - 2014-02-28 21:12 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Marlene\Downloads\rkill.com
2014-02-28 20:52 - 2014-02-28 20:52 - 00308682 _____ () C:\Users\Marlene\Documents\cc_20140228_205216.reg
2014-02-28 15:44 - 2014-02-28 20:37 - 00000000 ____D () C:\AdwCleaner
2014-02-28 15:44 - 2014-02-28 15:44 - 01244192 _____ () C:\Users\Marlene\Downloads\adwcleaner.exe
2014-02-28 08:49 - 2014-02-28 08:49 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\AVAST Software
2014-02-27 18:34 - 2014-02-27 18:33 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-27 18:21 - 2014-02-28 22:36 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-02-27 18:21 - 2014-02-27 18:33 - 00207904 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-02-27 18:21 - 2014-02-27 18:33 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-02-27 18:21 - 2014-02-27 18:33 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-02-26 11:29 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-26 11:29 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-26 11:29 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-26 11:29 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-26 11:29 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-26 11:29 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-26 11:29 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-26 11:29 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-26 11:29 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-26 11:29 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-26 11:29 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-26 11:29 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-26 11:29 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-26 11:29 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-26 11:29 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-26 11:29 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-26 11:29 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-26 11:29 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-26 11:29 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-26 11:29 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-26 11:29 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-26 11:29 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-26 11:29 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-26 11:29 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-26 11:29 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-26 11:29 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-26 11:29 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-26 11:29 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-26 11:29 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-26 11:29 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-26 11:29 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-26 11:29 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-26 11:29 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-26 11:28 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-26 11:28 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-26 11:28 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-26 11:28 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-26 11:28 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-26 11:28 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-23 19:35 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2014-02-23 19:35 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2014-02-23 19:35 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2014-02-23 19:35 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2014-02-23 18:35 - 2014-02-28 22:40 - 00003198 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMarlene
2014-02-23 18:35 - 2014-02-28 22:40 - 00000340 _____ () C:\windows\Tasks\HPCeeScheduleForMarlene.job
2014-02-23 13:48 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-02-23 13:47 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-02-21 18:00 - 2013-12-31 18:05 - 00420008 _____ () C:\windows\SysWOW64\locale.nls
2014-02-21 18:00 - 2013-12-31 18:04 - 00420008 _____ () C:\windows\system32\locale.nls
2014-02-21 18:00 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-02-21 18:00 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-02-21 18:00 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-02-21 18:00 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2014-02-21 18:00 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
2014-02-21 18:00 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
2014-02-21 18:00 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
2014-02-21 18:00 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
2014-02-21 18:00 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
2014-02-21 18:00 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
2014-02-21 18:00 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
2014-02-21 18:00 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
2014-02-21 18:00 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
2014-02-21 18:00 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
2014-02-21 18:00 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
2014-02-21 18:00 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
2014-02-21 18:00 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
2014-02-21 18:00 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
2014-02-21 18:00 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
2014-02-21 18:00 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
2014-02-21 18:00 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
2014-02-21 18:00 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-19 21:54 - 2014-02-24 16:30 - 00000000 ____D () C:\Users\Marlene\Desktop\dsgames
2014-02-19 21:54 - 2014-02-19 21:54 - 00000000 ____D () C:\Users\Marlene\Desktop\sam
2014-02-15 23:12 - 2014-02-14 12:54 - 2122437204 ____R () C:\Users\Marlene\Desktop\Left 4 Dead 2.rar
2014-02-12 23:05 - 2014-02-12 23:05 - 00000000 ____D () C:\Users\Marlene\Desktop\States
2014-02-12 23:05 - 2014-02-12 23:05 - 00000000 ____D () C:\Users\Marlene\Desktop\Roms
2014-02-12 23:05 - 2014-02-12 23:05 - 00000000 ____D () C:\Users\Marlene\Desktop\Cheats
2014-02-12 23:02 - 2014-02-12 23:22 - 00001501 _____ () C:\Users\Marlene\Desktop\desmume.ini
2014-02-12 22:27 - 2014-02-12 22:29 - 00000000 ____D () C:\Users\Marlene\Downloads\Justice.League.War.2014.1080p.WEB-DL.H264-PublicHD
2014-02-08 13:44 - 2014-02-08 13:44 - 00198875 _____ () C:\Users\Marlene\Downloads\Smart TVs   BrandsMart USA.htm
2014-02-08 13:44 - 2014-02-08 13:44 - 00097946 _____ () C:\Users\Marlene\Downloads\50+Class+1080P+240Hz+LED+Smart+HDTV+With+Wi+Fi.htm
2014-02-08 13:44 - 2014-02-08 13:44 - 00000000 ____D () C:\Users\Marlene\Downloads\Smart TVs   BrandsMart USA_files
2014-02-03 20:23 - 2014-02-03 20:23 - 00162034 _____ () C:\Users\Marlene\Downloads\3ec016d5a3c6f94ab9dfd82113d854d1fdd7a086.jpeg
2014-02-03 20:21 - 2014-02-03 20:21 - 00478765 _____ () C:\Users\Marlene\Downloads\e076eb6c2b3d5f37b9ffea4d86ab935f80468d14.jpeg
2014-02-03 13:58 - 2014-02-16 13:36 - 00000000 ____D () C:\Users\Marlene\Downloads\Black Butler (Kurobleepsuji) Season 1 (+OVA) BDRip [1080p - Duel Audio]
2014-02-02 23:26 - 2014-02-02 23:26 - 00154771 _____ () C:\Users\Marlene\Downloads\3D+42+Class+Cinema+1080P+LED+Smart+HDTV+With+Wi+Fi.htm
2014-02-02 12:04 - 2014-02-02 12:04 - 00574901 _____ () C:\Users\Marlene\Downloads\Amazon.com  Samsung UN46F7100 46-Inch 1080p 240Hz 3D Ultra Slim Smart LED HDTV  Televisions & Video.htm
2014-02-02 12:04 - 2014-02-02 12:04 - 00000000 ____D () C:\Users\Marlene\Downloads\Amazon.com  Samsung UN46F7100 46-Inch 1080p 240Hz 3D Ultra Slim Smart LED HDTV  Televisions & Video_files
2014-02-02 11:53 - 2014-02-02 11:53 - 00425292 _____ () C:\Users\Marlene\Downloads\Amazon.com  LED TVs  Electronics.htm
2014-02-02 11:53 - 2014-02-02 11:53 - 00000000 ____D () C:\Users\Marlene\Downloads\Amazon.com  LED TVs  Electronics_files
2014-02-01 12:46 - 2014-02-01 12:46 - 00001131 _____ () C:\Users\Public\Desktop\FanFictionDownloader.lnk
2014-01-30 21:24 - 2014-01-30 21:24 - 00000923 _____ () C:\Users\Public\Desktop\Shin Megami Tensei Imagine.lnk
2014-01-30 21:16 - 2014-01-30 21:16 - 00000000 ____D () C:\Marvelous USA
2014-01-30 19:40 - 2014-01-30 19:40 - 00000000 ____D () C:\Users\Marlene\Desktop\Shin Megami Tensei Imagine
2014-01-30 18:49 - 2014-01-30 18:49 - 00000180 _____ () C:\console.log
 
==================== One Month Modified Files and Folders =======
 
2014-03-01 09:36 - 2014-03-01 09:36 - 00033801 _____ () C:\Users\Marlene\Downloads\FRST.txt
2014-03-01 09:36 - 2014-03-01 09:36 - 00000000 ____D () C:\FRST
2014-03-01 09:36 - 2014-03-01 09:35 - 02155520 _____ (Farbar) C:\Users\Marlene\Downloads\FRST64.exe
2014-03-01 09:35 - 2013-02-23 18:37 - 00000900 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-01 09:35 - 2012-05-08 17:27 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\BitTorrent
2014-03-01 09:35 - 2012-05-02 17:00 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA.job
2014-03-01 09:34 - 2012-07-10 13:37 - 00000936 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA.job
2014-03-01 09:34 - 2012-04-08 05:54 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-03-01 09:34 - 2012-02-18 00:19 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1002UA.job
2014-03-01 09:34 - 2011-07-06 08:43 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-03-01 09:34 - 2011-07-06 08:30 - 01462735 _____ () C:\windows\WindowsUpdate.log
2014-02-28 22:43 - 2014-02-28 22:43 - 00020432 _____ () C:\Users\Marlene\Downloads\hijackthis.log
2014-02-28 22:43 - 2012-05-02 16:46 - 00000000 ____D () C:\Users\Marlene\AppData\Local\VirtualStore
2014-02-28 22:42 - 2014-02-28 22:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Marlene\Downloads\HijackThis.exe
2014-02-28 22:41 - 2009-07-13 23:45 - 00020944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-28 22:41 - 2009-07-13 23:45 - 00020944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-28 22:40 - 2014-02-23 18:35 - 00003198 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMarlene
2014-02-28 22:40 - 2014-02-23 18:35 - 00000340 _____ () C:\windows\Tasks\HPCeeScheduleForMarlene.job
2014-02-28 22:40 - 2012-05-02 16:46 - 00000000 ____D () C:\Users\Marlene
2014-02-28 22:36 - 2014-02-27 18:21 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-02-28 22:34 - 2013-02-23 18:37 - 00000896 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-28 22:33 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-02-28 22:33 - 2009-07-13 23:51 - 00100389 _____ () C:\windows\setupact.log
2014-02-28 21:44 - 2012-02-18 00:19 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1002Core.job
2014-02-28 21:41 - 2014-02-28 21:40 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Marlene\Downloads\tdsskiller.exe
2014-02-28 21:26 - 2014-02-28 21:25 - 00003734 _____ () C:\Users\Marlene\Desktop\Rkill.txt
2014-02-28 21:12 - 2014-02-28 21:11 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Marlene\Downloads\rkill.com
2014-02-28 20:52 - 2014-02-28 20:52 - 00308682 _____ () C:\Users\Marlene\Documents\cc_20140228_205216.reg
2014-02-28 20:50 - 2012-05-08 17:35 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\vlc
2014-02-28 20:37 - 2014-02-28 15:44 - 00000000 ____D () C:\AdwCleaner
2014-02-28 20:37 - 2012-05-02 17:00 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core.job
2014-02-28 15:57 - 2009-07-14 00:13 - 00783360 _____ () C:\windows\system32\PerfStringBackup.INI
2014-02-28 15:53 - 2012-11-07 14:28 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\Raptr
2014-02-28 15:44 - 2014-02-28 15:44 - 01244192 _____ () C:\Users\Marlene\Downloads\adwcleaner.exe
2014-02-28 08:49 - 2014-02-28 08:49 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\AVAST Software
2014-02-28 06:33 - 2011-07-06 08:56 - 00647852 _____ () C:\windows\PFRO.log
2014-02-28 03:01 - 2011-05-02 13:48 - 00778228 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2014-02-27 22:16 - 2013-11-19 22:03 - 00000000 ____D () C:\Users\Marlene\Desktop\mlp
2014-02-27 22:16 - 2013-06-23 12:32 - 00000000 ____D () C:\Users\Marlene\Desktop\ponies
2014-02-27 18:34 - 2012-02-18 00:24 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-27 18:33 - 2014-02-27 18:34 - 00080184 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-02-27 18:33 - 2014-02-27 18:21 - 00207904 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-02-27 18:33 - 2014-02-27 18:21 - 00092544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-02-27 18:33 - 2014-02-27 18:21 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-02-27 18:33 - 2012-02-18 00:24 - 01038072 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-02-27 18:33 - 2012-02-18 00:24 - 00421704 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
2014-02-27 18:33 - 2012-02-18 00:24 - 00334136 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-02-27 18:33 - 2012-02-18 00:24 - 00078648 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-02-27 18:33 - 2012-02-18 00:23 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-02-27 18:22 - 2012-02-18 00:23 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-02-27 18:21 - 2012-02-18 00:24 - 00000000 _____ () C:\windows\SysWOW64\config.nt
2014-02-27 17:47 - 2012-07-10 13:37 - 00000914 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core.job
2014-02-27 15:08 - 2012-11-07 14:28 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-02-26 17:15 - 2012-05-02 16:49 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\Mozilla
2014-02-26 11:47 - 2013-08-01 06:45 - 00000000 ____D () C:\windows\system32\MRT
2014-02-26 11:44 - 2012-02-21 22:42 - 88567024 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-02-25 12:11 - 2012-05-02 16:46 - 00000000 ____D () C:\Users\Marlene\Documents\Bluetooth Folder
2014-02-25 11:21 - 2013-12-10 14:19 - 00000000 ____D () C:\Users\Marlene\Desktop\My_Images
2014-02-25 09:04 - 2012-05-04 15:47 - 00000999 _____ () C:\Users\Marlene\Desktop\magicJack.lnk
2014-02-25 09:04 - 2012-05-04 15:47 - 00000985 _____ () C:\Users\Marlene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\magicJack.lnk
2014-02-25 09:04 - 2012-05-04 15:31 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\mjusbsp
2014-02-24 21:20 - 2012-04-08 05:54 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-02-24 21:20 - 2012-04-08 05:54 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-02-24 21:20 - 2012-03-14 06:44 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-24 20:55 - 2012-04-28 23:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-02-24 20:55 - 2011-07-06 08:51 - 00000000 ____D () C:\ProgramData\Skype
2014-02-24 20:38 - 2012-02-17 05:08 - 00000000 ____D () C:\windows\rescache
2014-02-24 19:41 - 2013-08-01 06:41 - 00000000 ____D () C:\Users\Marlene\Desktop\more
2014-02-24 17:37 - 2012-05-02 17:00 - 00002376 _____ () C:\Users\Marlene\Desktop\Google Chrome.lnk
2014-02-24 16:30 - 2014-02-19 21:54 - 00000000 ____D () C:\Users\Marlene\Desktop\dsgames
2014-02-23 18:44 - 2012-05-02 17:00 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA
2014-02-23 18:44 - 2012-05-02 17:00 - 00003494 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core
2014-02-19 21:54 - 2014-02-19 21:54 - 00000000 ____D () C:\Users\Marlene\Desktop\sam
2014-02-17 21:54 - 2012-05-02 16:47 - 00065536 _____ () C:\Users\Marlene\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-17 19:42 - 2012-02-20 10:29 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2014-02-17 19:41 - 2012-03-05 08:53 - 00000000 _____ () C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-16 13:36 - 2014-02-03 13:58 - 00000000 ____D () C:\Users\Marlene\Downloads\Black Butler (Kurobleepsuji) Season 1 (+OVA) BDRip [1080p - Duel Audio]
2014-02-14 12:54 - 2014-02-15 23:12 - 2122437204 ____R () C:\Users\Marlene\Desktop\Left 4 Dead 2.rar
2014-02-12 23:22 - 2014-02-12 23:02 - 00001501 _____ () C:\Users\Marlene\Desktop\desmume.ini
2014-02-12 23:05 - 2014-02-12 23:05 - 00000000 ____D () C:\Users\Marlene\Desktop\States
2014-02-12 23:05 - 2014-02-12 23:05 - 00000000 ____D () C:\Users\Marlene\Desktop\Roms
2014-02-12 23:05 - 2014-02-12 23:05 - 00000000 ____D () C:\Users\Marlene\Desktop\Cheats
2014-02-12 22:29 - 2014-02-12 22:27 - 00000000 ____D () C:\Users\Marlene\Downloads\Justice.League.War.2014.1080p.WEB-DL.H264-PublicHD
2014-02-12 18:53 - 2013-02-23 18:37 - 00003896 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-12 18:53 - 2013-02-23 18:37 - 00003644 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-10 20:46 - 2014-01-24 19:21 - 663714934 _____ () C:\Users\Marlene\Downloads\1000Facials Sadie Santana 1080p.mp4
2014-02-08 13:44 - 2014-02-08 13:44 - 00198875 _____ () C:\Users\Marlene\Downloads\Smart TVs   BrandsMart USA.htm
2014-02-08 13:44 - 2014-02-08 13:44 - 00097946 _____ () C:\Users\Marlene\Downloads\50+Class+1080P+240Hz+LED+Smart+HDTV+With+Wi+Fi.htm
2014-02-08 13:44 - 2014-02-08 13:44 - 00000000 ____D () C:\Users\Marlene\Downloads\Smart TVs   BrandsMart USA_files
2014-02-08 11:32 - 2012-04-18 10:31 - 00003222 _____ () C:\windows\System32\Tasks\HPCeeScheduleForCHARLIE-HP$
2014-02-08 11:32 - 2012-04-18 10:31 - 00000346 _____ () C:\windows\Tasks\HPCeeScheduleForCHARLIE-HP$.job
2014-02-07 12:06 - 2012-05-10 12:07 - 00000000 ____D () C:\Users\Marlene\AppData\Local\CrashDumps
2014-02-06 07:16 - 2014-02-26 11:29 - 23170048 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-26 11:29 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-26 11:29 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-26 11:29 - 02765824 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-26 11:29 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-26 11:29 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-26 11:29 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-26 11:29 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-26 11:29 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-26 11:29 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-26 11:29 - 00708608 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-26 11:29 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-26 11:28 - 17103872 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-26 11:29 - 00218624 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-26 11:29 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-26 11:29 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-26 11:28 - 05768704 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-26 11:29 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-26 11:29 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-26 11:29 - 02168320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-26 11:29 - 00627200 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-26 11:29 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-26 11:29 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-26 11:28 - 02041856 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-26 11:29 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-26 11:29 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-26 11:29 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-26 11:29 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-02-06 04:25 - 2014-02-26 11:28 - 04244480 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-02-06 04:24 - 2014-02-26 11:29 - 02334208 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-26 11:28 - 13051392 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-26 11:29 - 00524288 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-26 11:29 - 01964032 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-26 11:28 - 11266048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-26 11:29 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-26 11:29 - 01820160 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-26 11:29 - 00817664 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-26 11:29 - 01156096 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-26 11:29 - 00703488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-02-04 13:50 - 2014-01-12 00:54 - 109754416 _____ () C:\Users\Marlene\Downloads\(C77)[COSPLAY][結城紗代]麗鳳.zip
2014-02-03 20:23 - 2014-02-03 20:23 - 00162034 _____ () C:\Users\Marlene\Downloads\3ec016d5a3c6f94ab9dfd82113d854d1fdd7a086.jpeg
2014-02-03 20:21 - 2014-02-03 20:21 - 00478765 _____ () C:\Users\Marlene\Downloads\e076eb6c2b3d5f37b9ffea4d86ab935f80468d14.jpeg
2014-02-02 23:26 - 2014-02-02 23:26 - 00154771 _____ () C:\Users\Marlene\Downloads\3D+42+Class+Cinema+1080P+LED+Smart+HDTV+With+Wi+Fi.htm
2014-02-02 12:04 - 2014-02-02 12:04 - 00574901 _____ () C:\Users\Marlene\Downloads\Amazon.com  Samsung UN46F7100 46-Inch 1080p 240Hz 3D Ultra Slim Smart LED HDTV  Televisions & Video.htm
2014-02-02 12:04 - 2014-02-02 12:04 - 00000000 ____D () C:\Users\Marlene\Downloads\Amazon.com  Samsung UN46F7100 46-Inch 1080p 240Hz 3D Ultra Slim Smart LED HDTV  Televisions & Video_files
2014-02-02 11:53 - 2014-02-02 11:53 - 00425292 _____ () C:\Users\Marlene\Downloads\Amazon.com  LED TVs  Electronics.htm
2014-02-02 11:53 - 2014-02-02 11:53 - 00000000 ____D () C:\Users\Marlene\Downloads\Amazon.com  LED TVs  Electronics_files
2014-02-02 09:54 - 2012-06-03 16:34 - 00000000 ____D () C:\Users\Marlene\AppData\Roaming\Skype
2014-02-01 12:46 - 2014-02-01 12:46 - 00001131 _____ () C:\Users\Public\Desktop\FanFictionDownloader.lnk
2014-02-01 12:46 - 2012-04-06 11:48 - 00000000 ____D () C:\Program Files (x86)\FanFictionDownloader
2014-01-30 21:24 - 2014-01-30 21:24 - 00000923 _____ () C:\Users\Public\Desktop\Shin Megami Tensei Imagine.lnk
2014-01-30 21:16 - 2014-01-30 21:16 - 00000000 ____D () C:\Marvelous USA
2014-01-30 19:40 - 2014-01-30 19:40 - 00000000 ____D () C:\Users\Marlene\Desktop\Shin Megami Tensei Imagine
2014-01-30 18:49 - 2014-01-30 18:49 - 00000180 _____ () C:\console.log
 
Some content of TEMP:
====================
C:\Users\Marlene\AppData\Local\Temp\905D.exe
C:\Users\Marlene\AppData\Local\Temp\AtpTimerInfo.dll
C:\Users\Marlene\AppData\Local\Temp\catalyst_mobility_64-bit_util.exe
C:\Users\Marlene\AppData\Local\Temp\DivXSetup.exe
C:\Users\Marlene\AppData\Local\Temp\Extract.exe
C:\Users\Marlene\AppData\Local\Temp\GenericWndApi.dll
C:\Users\Marlene\AppData\Local\Temp\hcuninstaller_20130913_184611_8104.exe
C:\Users\Marlene\AppData\Local\Temp\helper.exe
C:\Users\Marlene\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Marlene\AppData\Local\Temp\incredibar_installer.exe
C:\Users\Marlene\AppData\Local\Temp\instsl.exe
C:\Users\Marlene\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Marlene\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Marlene\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Marlene\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Marlene\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\Marlene\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\Marlene\AppData\Local\Temp\libmfxsw32.dll
C:\Users\Marlene\AppData\Local\Temp\mirc729.exe
C:\Users\Marlene\AppData\Local\Temp\oi_{D2CD92CE-1CCF-4ADD-8A13-6C516B1B494B}.exe
C:\Users\Marlene\AppData\Local\Temp\oi_{F2B8E286-5B50-4D98-A987-CCCF85D0B5AF}.exe
C:\Users\Marlene\AppData\Local\Temp\PidGenX.dll
C:\Users\Marlene\AppData\Local\Temp\PreferencesJson.exe
C:\Users\Marlene\AppData\Local\Temp\Quarantine.exe
C:\Users\Marlene\AppData\Local\Temp\Resource.exe
C:\Users\Marlene\AppData\Local\Temp\setup.exe
C:\Users\Marlene\AppData\Local\Temp\setup_vodburner.exe
C:\Users\Marlene\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Marlene\AppData\Local\Temp\SP52641.exe
C:\Users\Marlene\AppData\Local\Temp\SP56247.exe
C:\Users\Marlene\AppData\Local\Temp\SP56395.exe
C:\Users\Marlene\AppData\Local\Temp\SP56729.exe
C:\Users\Marlene\AppData\Local\Temp\SP56876.exe
C:\Users\Marlene\AppData\Local\Temp\SP57014.exe
C:\Users\Marlene\AppData\Local\Temp\SP57272.exe
C:\Users\Marlene\AppData\Local\Temp\SP57495.exe
C:\Users\Marlene\AppData\Local\Temp\SP57498.exe
C:\Users\Marlene\AppData\Local\Temp\SP57698.exe
C:\Users\Marlene\AppData\Local\Temp\SP57879.exe
C:\Users\Marlene\AppData\Local\Temp\SP57930.exe
C:\Users\Marlene\AppData\Local\Temp\sp58915.exe
C:\Users\Marlene\AppData\Local\Temp\SP58930.exe
C:\Users\Marlene\AppData\Local\Temp\SP59003.exe
C:\Users\Marlene\AppData\Local\Temp\SP59202.exe
C:\Users\Marlene\AppData\Local\Temp\SP59213.exe
C:\Users\Marlene\AppData\Local\Temp\SP59291.exe
C:\Users\Marlene\AppData\Local\Temp\SP59529.exe
C:\Users\Marlene\AppData\Local\Temp\SP59624.exe
C:\Users\Marlene\AppData\Local\Temp\SP60769.exe
C:\Users\Marlene\AppData\Local\Temp\SP61104.exe
C:\Users\Marlene\AppData\Local\Temp\sp64126.exe
C:\Users\Marlene\AppData\Local\Temp\SpOrder.dll
C:\Users\Marlene\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Marlene\AppData\Local\Temp\sqlite3.exe
C:\Users\Marlene\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Marlene\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\Marlene\AppData\Local\Temp\tbBitT.dll
C:\Users\Marlene\AppData\Local\Temp\tbuTor.dll
C:\Users\Marlene\AppData\Local\Temp\uninst1.exe
C:\Users\Marlene\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Marlene\AppData\Local\Temp\uttA797.tmp.exe
C:\Users\Marlene\AppData\Local\Temp\uttFD89.tmp.exe
C:\Users\Marlene\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Marlene\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\Marlene\AppData\Local\Temp\vlc-2.0.4-win32.exe
C:\Users\Marlene\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\Marlene\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Marlene\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\Marlene\AppData\Local\Temp\{2E046F5B-4E21-4A0B-9EE9-646D7CFE62D4}.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-28 02:32
 
==================== End Of Log ============================

addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-03-2014
Ran by Marlene at 2014-03-01 09:37:41
Running from C:\Users\Marlene\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3 - )
3DS Compatible Action Replay Firmware Update version 1.1 (HKLM\...\3DS Compatible Action Replay Firmware Update_is1) (Version: 1.1 - )
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
6400_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Action Replay DSi Code Manager (HKLM\...\Action Replay DSi Code Manager_is1) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.11.2111) (Version: 1.11.2111 - Aeria Games & Entertainment)
Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.11.2111 - Aeria Games & Entertainment)
Aeria Ignite (x32 Version: 1.11.2111 - Aeria Games & Entertainment) Hidden
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD APP SDK Runtime (Version: 2.5.793.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{03520551-508E-EDCA-4A14-90C706A54A41}) (Version: 3.0.851.0 - Advanced Micro Devices, Inc.)
AMD Media Foundation Decoders (Version: 1.0.61013.1636 - Advanced Micro Devices, Inc.) Hidden
Any Video Converter 5.5.2 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.12 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.48.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Argazki Galeria (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Belkin USB Print and Storage Center (HKLM\...\Belkin USB Print and Storage Center) (Version: 1.0.0 - Belkin International, Inc.)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.8.2.30489 - BitTorrent Inc.)
Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.55 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build-a-Lot - The Elizabethan Era (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2011.1013.1702.28713 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.1013.1702.28713 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1013.1702.28713 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1013.1702.28713 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.1013.1702.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1013.1701.28713 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1013.1702.28713 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Combined Community Codec Pack 2011-11-11 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2011.11.11.0 - CCCP Project)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC Universe Online (HKCU\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)
DC Universe Online Live (HKCU\...\SOE-DC Universe Online Live) (Version:  - Sony Online Entertainment)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.1.0.1 - Hewlett-Packard Company)
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.24 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.99.30652 - Hewlett-Packard Company)
DVD Catalyst 4 v4.4.4.2 (HKLM-x32\...\DVD Catalyst 4) (Version: v4.4.4.2 - Tools4Movies)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.6 (HKLM-x32\...\{A23AADDA-3DBF-11E2-A6F2-984BE15F174E}) (Version: 4.6.0.7670 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4407 - Hewlett-Packard Company)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FanFictionDownloader version 0.8.8 (HKLM-x32\...\{1D868954-1083-4BBA-8379-C7A9B2705CBA}_is1) (Version: 0.8.8 - Raimond Eisele)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 6.0.0.8 - Hewlett-Packard Company)
Galeria de Fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galeria fotogràfica (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
GamersFirst LIVE! (HKLM-x32\...\GamersFirst LIVE!) (Version:  - GamersFirst)
Google Chrome (HKCU\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{5DBC79DA-87D2-376D-A65D-B14097C06C71}) (Version: 2.8.7.6830 - Google)
Google Talk Plugin (HKLM-x32\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 1.386 - Happy Cloud, Inc.)
Hatsune Miku Vocaloid3 Library (HKLM-x32\...\Hatsune Miku Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)
Hawken (HKCU\...\Hawken) (Version:  - Meteor Entertainment)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{54CE68A8-4F2D-4328-B1F7-D6C720405F7F}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Auto (Version: 1.0.12494.3472 - Hewlett-Packard Company) Hidden
HP Connection Manager (HKLM-x32\...\{5DCA44EB-03F6-44A3-A294-F3E5DE98D7F6}) (Version: 4.4.10.1 - Hewlett-Packard Company)
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP DayStarter (HKLM\...\{483D5A49-A26B-4CB8-AA2D-0D1811322061}) (Version: 2.0.0.12 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
HP HD Webcam [Fixed] (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.3.4.07 - SunplusIT)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.4.1 - Hewlett-Packard Company)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP OfficeJet J6400 (HKLM\...\{8AB2AC00-AFFF-4043-83D9-0086528B337F}) (Version: 13.0 - HP)
HP Power Assistant (HKLM\...\{FBFC2FD4-DF47-4FBF-8D6D-275B488D87D5}) (Version: 2.1.0.6 - Hewlett-Packard Company)
HP Product Detection (HKLM-x32\...\{8A9FC225-75F6-4B5D-911C-0ED230565643}) (Version: 11.15.0009 - HP)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.08.1017 - Hewlett-Packard Company)
HP ProtectTools Security Manager (Version: 6.08.1017 - Hewlett-Packard Company) Hidden
HP QuickWeb (HKLM-x32\...\{3F437675-F102-4866-BDE1-FFFC7B45EC0B}) (Version: 3.1.2.10229 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP SoftPaq Download Manager (HKLM-x32\...\{FE465061-894A-4023-8580-56FCDD4F23F9}) (Version: 3.4.4.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{675D093B-815D-47FD-AB2C-192EC751E8E2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{D2A2E5CD-801A-4B8D-8119-F79449A09B67}) (Version: 2.3.1.2 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
IMAGINE (HKLM-x32\...\Shin Megami Tensei) (Version: 1.408 - )
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
J6400 (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
KaraFun Player (HKLM-x32\...\KaraFun Player_is1) (Version: 1.20.86.771 - Recisio)
Mabinogi (HKLM-x32\...\Mabinogi) (Version:  - devCAT)
magicJack (HKCU\...\magicJack) (Version: 2.0.6073.4413 - magicJack L.P.)
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Megurine Luka ENG Vocaloid3 Library (HKLM-x32\...\Megurine Luka ENG Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miku Sweet Vocaloid3 Library (HKLM-x32\...\Miku Sweet Vocaloid3 Library_is1) (Version: Vocaloid3 Library - Voronov Nikolay)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 10.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 10.0.2 (x86 en-US)) (Version: 10.0.2 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 130.0.579.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice 4.0.1 (HKLM-x32\...\{47F460DA-D1BE-4D85-8DF2-AA1F31D3445F}) (Version: 4.01.9714 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PandoraSaga version 1.0 (HKLM-x32\...\{0BD4A941-1E31-4E1E-9FC2-114889FC4B95}_is1) (Version: 1.0 - Atlus Online)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version:  - TamaSoftware)
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version:  - TamaSoftware)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pinger (HKCU\...\Pinger 1.4.0.0) (Version: 1.4.0.0 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.0 - Pinger Inc.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
ProductContext (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Ragnarok Online (HKLM-x32\...\{C93C1D7D-DF06-49BD-990F-EAFED3E41C57}) (Version: 14.1.3 - Gravity Interactive, Inc.)
Ragnarok Online 2 (HKLM-x32\...\{717BD14A-BE61-40A4-9865-17AACF611FE0}) (Version: 1.0.0 - Gravity Interactive, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 1.12.0016 - Realtek)
Repulse (HKLM-x32\...\Repulse) (Version:  - )
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
ScorpionSaver (HKLM-x32\...\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
SDK (x32 Version: 2.26.012 - Portrait Displays, Inc.) Hidden
Shin Megami Tensei Imagine (HKLM-x32\...\5257AC64-44EB-4D0A-9421-BADA0C4054A5_is1) (Version: 1.0 - Marvelous USA, Inc.)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.0.14735.1561 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.3.0 - Synaptics Incorporated)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.33 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 6.0.0.33 - Hewlett-Packard Company) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UTAU 歌声合成ツール (HKLM-x32\...\{5C134C7E-537D-4BA2-913D-A6F163DF10D4}) (Version: 1.0.74 - 飴屋プロジェクト)
Validity Fingerprint Sensor Driver (HKLM\...\{AA51ED2E-DCE7-415F-9C32-CB9B561D216D}) (Version: 4.4.228.0 - Validity Sensors, Inc.)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIP Access SDK x64(1.0.0.50)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Vocaloid3 Free Edition v3.0.5.0 (HKLM-x32\...\Vocaloid3 Free Edition v3.0.5.0_is1) (Version: Vocaloid3 Free Edition v3.0.5.0 - )
VY2V3 Vocaloid3 Library (HKLM-x32\...\VY2V3 Vocaloid3 Library_is1) (Version: Vocaloid3 Library - )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Driver Package - Datel Design & Development (usbio) USBIOControlledDevices  (04/21/2009 2.40.0.0) (HKLM\...\30853F7174C6EB267FDAABE50A369169D18DA611) (Version: 04/21/2009 2.40.0.0 - Datel Design & Development)
Windows Driver Package - Datel Design & Development USBIOControlledDevices  (04/21/2009 2.40.0.0) (HKLM\...\8555DF8099612EF2F8333DC0EC454113D4537E7B) (Version: 04/21/2009 2.40.0.0 - Datel Design & Development)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 4.10 beta 5 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.5 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (x32 Version: 1.0.0 - Xobni, Inc.) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
26-02-2014 16:26:37 Windows Update
27-02-2014 23:22:48 avast! antivirus system restore point
28-02-2014 08:00:11 Windows Update
 
==================== Hosts content: ==========================
 
2013-01-15 20:29 - 2013-01-15 22:47 - 00002005 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com 
127.0.0.1                   practivate.adobe.ntp
127.0.0.1                   practivate.adobe.ipp
127.0.0.1 ereg.adobe.com
127.0.0.1 ereg.wip.adobe.com
127.0.0.1 ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 ereg.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
 
There are 6 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {06A33F91-B9FE-41B3-81D9-4860DC05E233} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1002UA => C:\Users\Charlie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {145D4BA9-CA1A-48D0-9EF8-600BDD86D4C3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {185B9D43-6B8E-4EEE-81A0-209EACEF15AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core => C:\Users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {42FB5831-A4AA-435C-9BC8-77B7E2DD8276} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {664C812C-8828-4570-8569-796B0EF0DAB5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1002Core => C:\Users\Charlie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {72B6D186-B1F0-4B06-806F-06C208DA594C} - System32\Tasks\AdobeAAMUpdater-1.0-Charlie-HP-Marlene => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {751A2B16-71A3-4825-A1F4-6348C914F1AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.)
Task: {95678928-0832-473B-AFCE-2ED235893516} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23] (Google Inc.)
Task: {9EAB669E-9621-46A7-806F-C2F56C5D05A2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core => C:\Users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: {9F8D4DAA-3AFF-4C68-AEB3-5968A3847FCF} - System32\Tasks\HPCeeScheduleForCHARLIE-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B61066F4-9E9C-4F37-B8F5-6CADC43FF268} - System32\Tasks\{F1067AAD-3313-463F-9422-1AB59524B2C3} => Chrome.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?LastError=1601
Task: {B92D3D81-C0D7-4CCE-99DC-33B3206FA028} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA => C:\Users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {C45F6C9B-3469-4E67-B116-30B1B17F1A8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CB2DDDC0-BD31-42D5-9391-E104511DA820} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CCB3B09B-FDE2-4B18-94C6-0CE0FD7B7726} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {D5CA2EC7-91BA-4B46-870D-1C2B44C9FFDB} - \BackgroundContainer Startup Task No Task File
Task: {E51FBEAD-7E88-4C52-916F-205EB8D449BE} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-24] (Adobe Systems Incorporated)
Task: {E8C66F50-35F9-4F6F-97DE-D18C284392EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {EBA3C593-D766-4991-94B7-4DE01EBE458D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-27] (AVAST Software)
Task: {F590C942-2002-4F38-90A1-DAE5D25AD529} - System32\Tasks\HPCeeScheduleForMarlene => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {FBA6860A-80E1-4CE9-BE48-4C3B89DC5F19} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA => C:\Users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-11] (Facebook Inc.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core.job => C:\Users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA.job => C:\Users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1002Core.job => C:\Users\Charlie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1002UA.job => C:\Users\Charlie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core.job => C:\Users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA.job => C:\Users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForCHARLIE-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForMarlene.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-07-18 15:48 - 2011-07-18 15:48 - 00156216 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2012-04-05 17:39 - 2012-04-05 17:39 - 03401216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 13:18 - 2010-09-06 13:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll
2012-04-05 16:40 - 2012-04-05 16:40 - 00141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2012-06-02 21:13 - 2010-02-17 17:25 - 00181760 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
2012-06-02 21:13 - 2010-02-09 14:55 - 00055296 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
2012-04-05 16:41 - 2012-04-05 16:41 - 01323008 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2012-11-07 13:13 - 2012-11-07 15:14 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-04-05 17:21 - 2012-04-05 17:21 - 00200704 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
2011-01-27 00:11 - 2011-01-27 00:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2010-11-26 06:31 - 2010-11-26 06:31 - 00267128 _____ () C:\Program Files (x86)\HP HD Webcam [Fixed]\Monitor.exe
2013-02-12 21:37 - 2013-02-12 21:37 - 01263952 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-06-02 21:13 - 2010-02-17 17:25 - 00149504 ____N () C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkLocalBackup.dll
2011-05-02 14:21 - 2011-06-11 12:42 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-11-02 14:03 - 2011-11-02 14:03 - 00024576 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-10-13 16:01 - 2011-10-13 16:01 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-02-28 14:55 - 2014-02-28 12:22 - 02186240 _____ () C:\Program Files\AVAST Software\Avast\defs\14022803\algo.dll
2014-03-01 09:34 - 2014-03-01 05:15 - 02186240 _____ () C:\Program Files\AVAST Software\Avast\defs\14030100\algo.dll
2012-06-02 21:12 - 2010-07-28 16:34 - 00022424 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinServicePS.dll
2012-02-20 21:29 - 2012-02-20 21:29 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-02-20 21:28 - 2012-02-20 21:28 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-05 17:17 - 2012-04-05 17:17 - 02830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2012-04-05 16:40 - 2012-04-05 16:40 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2012-04-05 17:20 - 2012-04-05 17:20 - 02863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2012-04-05 17:18 - 2012-04-05 17:18 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2012-04-05 16:44 - 2012-04-05 16:44 - 02035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2012-04-05 16:45 - 2012-04-05 16:45 - 01945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2012-04-05 17:15 - 2012-04-05 17:15 - 03092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2012-06-02 21:12 - 2010-06-23 17:11 - 00325632 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtXml4.dll
2012-06-02 21:12 - 2010-06-23 17:11 - 01954304 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtCore4.dll
2012-06-02 21:12 - 2010-06-23 17:12 - 07187456 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtGui4.dll
2012-06-02 21:12 - 2010-06-23 17:11 - 00847360 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\QtNetwork4.dll
2012-06-02 21:12 - 2010-06-23 16:38 - 00119808 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\imageformats\qjpeg4.dll
2013-02-12 21:38 - 2013-02-12 21:38 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2012-06-22 16:53 - 2012-06-22 16:53 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2012-06-22 16:24 - 2012-06-22 16:24 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2012-06-22 16:39 - 2012-06-22 16:39 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2012-06-22 16:55 - 2012-06-22 16:55 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00124928 _____ () C:\Program Files (x86)\Raptr\_elementtree.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2012-02-06 15:28 - 2012-02-06 15:28 - 00031744 _____ () C:\Program Files (x86)\Raptr\Crypto.Cipher.AES.pyd
2012-02-06 15:28 - 2012-02-06 15:28 - 00010752 _____ () C:\Program Files (x86)\Raptr\Crypto.Random.OSRNG.winrandom.pyd
2012-02-06 15:28 - 2012-02-06 15:28 - 00011264 _____ () C:\Program Files (x86)\Raptr\Crypto.Util._counter.pyd
2011-05-10 14:01 - 2011-05-10 14:01 - 00030208 _____ () C:\Program Files (x86)\Raptr\simplejson._speedups.pyd
2012-06-22 16:59 - 2012-06-22 16:59 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 17:56 - 2010-11-22 17:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 17:56 - 2010-11-22 17:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 17:57 - 2010-11-22 17:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2012-06-02 21:12 - 2010-07-28 16:02 - 00658432 _____ () C:\Program Files (x86)\Belkin\Router Setup and Monitor\gateways\GenericBelkinGatewayLOC.dll
2014-02-27 18:32 - 2014-02-27 18:33 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2010-11-22 17:57 - 2010-11-22 17:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2012-10-27 02:53 - 2012-10-27 02:53 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 13:17 - 2011-02-15 13:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 18:06 - 2010-11-22 18:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 18:52 - 2013-05-09 18:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 13:56 - 2013-05-03 13:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 13:57 - 2013-05-03 13:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-02-24 19:56 - 2014-02-24 19:56 - 00169472 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-07-06 08:33 - 2011-01-12 20:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-04-27 17:05 - 2011-04-27 17:05 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2014-02-24 17:37 - 2014-02-19 20:02 - 00051016 _____ () C:\Users\Marlene\AppData\Local\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-24 17:37 - 2014-02-19 20:02 - 00716616 _____ () C:\Users\Marlene\AppData\Local\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-24 17:37 - 2014-02-19 20:02 - 00100168 _____ () C:\Users\Marlene\AppData\Local\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-24 17:37 - 2014-02-19 20:03 - 04060488 _____ () C:\Users\Marlene\AppData\Local\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-24 17:37 - 2014-02-19 20:03 - 00394568 _____ () C:\Users\Marlene\AppData\Local\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-24 17:37 - 2014-02-19 20:02 - 01647432 _____ () C:\Users\Marlene\AppData\Local\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2014-02-24 17:37 - 2014-02-19 20:03 - 13632840 _____ () C:\Users\Marlene\AppData\Local\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\77275831.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\77275831.sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: AATQ6J9E IDE Controller
Description: AATQ6J9E IDE Controller
Class Guid: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard mass storage controllers)
Service: a2ngueu2
Problem: : Windows cannot load the device driver for this hardware. The driver may be corrupted or missing. (Code 39)
Resolution: Reasons for this error include a driver that is not present; a binary file that is corrupt; a file I/O problem, or a driver that references an entry point in another binary file that could not be loaded.
Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
 
Name: Bluetooth Peripheral Device
Description: Bluetooth Peripheral Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/01/2014 09:34:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 38362361
 
Error: (03/01/2014 09:34:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 38362361
 
Error: (03/01/2014 09:34:19 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/01/2014 09:34:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 38361316
 
Error: (03/01/2014 09:34:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 38361316
 
Error: (03/01/2014 09:34:18 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/28/2014 10:54:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2012
 
Error: (02/28/2014 10:54:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2012
 
Error: (02/28/2014 10:54:59 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/28/2014 10:54:58 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014
 
 
System errors:
=============
Error: (03/01/2014 09:35:13 AM) (Source: cdrom) (User: )
Description: The driver detected a controller error on \Device\CdRom0.
 
Error: (03/01/2014 09:34:36 AM) (Source: Server) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{58FB56F3-F950-4DBC-8279-B8D357BD2FFE} because another computer on the network has the same name.  The server could not start.
 
Error: (02/28/2014 10:33:51 PM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error: 
%%2
 
Error: (02/28/2014 10:32:20 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (02/28/2014 08:39:45 PM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error: 
%%2
 
Error: (02/28/2014 06:08:48 PM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error: 
%%2
 
Error: (02/28/2014 04:00:25 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
Error: (02/28/2014 03:51:17 PM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error: 
%%2
 
Error: (02/28/2014 02:08:27 PM) (Source: Service Control Manager) (User: )
Description: The Htsysm service failed to start due to the following error: 
%%2
 
Error: (02/28/2014 09:04:20 AM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
 
 
Microsoft Office Sessions:
=========================
Error: (03/01/2014 09:34:19 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 38362361
 
Error: (03/01/2014 09:34:19 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 38362361
 
Error: (03/01/2014 09:34:19 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/01/2014 09:34:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 38361316
 
Error: (03/01/2014 09:34:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 38361316
 
Error: (03/01/2014 09:34:18 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/28/2014 10:54:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2012
 
Error: (02/28/2014 10:54:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2012
 
Error: (02/28/2014 10:54:59 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/28/2014 10:54:58 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 52%
Total physical RAM: 8126.36 MB
Available physical RAM: 3872.12 MB
Total Pagefile: 16250.9 MB
Available Pagefile: 10691.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:676.38 GB) (Free:107.58 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:16.96 GB) (Free:2.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.1 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 4FB50E24)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=676 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)
 
==================== End Of Log ============================


#4 aharonov

  • Malware Response Team

Posted 01 March 2014 - 10:13 AM

Please download Combofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)

#5 Haseo98

  • Topic Starter

  • Members

Posted 01 March 2014 - 11:25 AM

ComboFix 14-02-24.02 - Marlene 03/01/2014  10:19:53.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.8126.5411 [GMT -5:00]
Running from: c:\users\Marlene\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Marlene\AppData\Local\assembly\tmp
c:\users\Marlene\AppData\Local\Microsoft\Windows\Temporary Internet Files\outobox_iels
c:\users\Marlene\AppData\Local\Temp\1.tmp\F_IN_BOX.dll
c:\users\Marlene\AppData\Roaming\mIRC\logs\status.log
c:\users\Marlene\Documents\~WRL2826.tmp
c:\users\Marlene\Documents\~ytA021.tmp
c:\windows\apppatch\AppLoc.exe
c:\windows\AppPatch\Custom\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}
c:\windows\Installer\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}\icon64.ico
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-01 to 2014-03-01  )))))))))))))))))))))))))))))))
.
.
2014-03-01 15:38 . 2014-03-01 15:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-01 14:36 . 2014-03-01 14:38 -------- d-----w- C:\FRST
2014-02-28 20:44 . 2014-03-01 01:37 -------- d-----w- C:\AdwCleaner
2014-02-28 13:49 . 2014-02-28 13:49 -------- d-----w- c:\users\Marlene\AppData\Roaming\AVAST Software
2014-02-28 08:33 . 2014-02-06 09:01 10536864 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{175CFD7F-ED18-48B4-9666-4CB32C6BF03A}\mpengine.dll
2014-02-27 23:34 . 2014-02-27 23:33 80184 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-02-27 23:21 . 2014-02-27 23:33 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-02-27 23:21 . 2014-02-27 23:33 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-02-27 23:21 . 2014-02-27 23:33 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-02-26 16:37 . 2014-02-26 16:37 -------- d-----w- c:\windows\Migration
2014-02-26 16:28 . 2014-02-06 09:50 2041856 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-26 16:28 . 2014-02-06 09:22 13051392 ----a-w- c:\windows\system32\ieframe.dll
2014-02-26 16:28 . 2014-02-06 09:25 4244480 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-02-26 16:28 . 2014-02-06 10:11 5768704 ----a-w- c:\windows\system32\jscript9.dll
2014-02-24 00:35 . 2013-12-24 23:09 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll
2014-02-24 00:35 . 2013-12-24 22:48 2565120 ----a-w- c:\windows\system32\d3d10warp.dll
2014-02-24 00:35 . 2013-11-26 08:16 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll
2014-02-24 00:35 . 2013-11-22 22:48 3928064 ----a-w- c:\windows\system32\d2d1.dll
2014-02-23 18:48 . 2013-12-21 08:56 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-02-23 18:47 . 2013-12-21 09:53 548864 ----a-w- c:\windows\system32\vbscript.dll
2014-01-31 02:16 . 2014-01-31 02:16 -------- d-----w- C:\Marvelous USA
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-27 23:33 . 2012-02-18 05:24 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-27 23:33 . 2012-02-18 05:24 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-27 23:33 . 2012-02-18 05:24 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-27 23:33 . 2012-02-18 05:24 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-27 23:33 . 2012-02-18 05:23 43152 ----a-w- c:\windows\avastSS.scr
2014-02-26 16:44 . 2012-02-22 03:42 88567024 ----a-w- c:\windows\system32\MRT.exe
2014-02-25 02:20 . 2012-04-08 10:54 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-25 02:20 . 2012-03-14 11:44 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-27 17:55 . 2014-01-27 17:55 175928 ----a-w- c:\windows\system32\drivers\jmcr.sys
2014-01-27 17:52 . 2014-01-27 17:53 543744 ----a-w- c:\windows\system32\drivers\stwrt64.sys
2014-01-27 17:52 . 2011-07-06 13:51 1664000 ----a-w- c:\windows\sttray64.exe
2014-01-27 17:52 . 2014-01-27 17:53 499200 ----a-w- c:\windows\system32\stcplx64.dll
2014-01-27 17:52 . 2012-07-23 23:20 6102016 ----a-w- c:\windows\system32\stlang64.dll
2014-01-27 17:52 . 2014-01-27 17:53 2188800 ----a-w- c:\windows\system32\stapo64.dll
2014-01-27 17:52 . 2014-01-27 17:53 672256 ------w- c:\windows\system32\stapi64.dll
2014-01-27 17:52 . 2014-01-27 17:53 255488 ----a-w- c:\windows\system32\st646428.dll
2014-01-27 17:52 . 2012-07-23 23:20 2214912 ----a-w- c:\windows\system32\IDTNX.dll
2014-01-27 17:52 . 2012-07-23 23:20 8013312 ----a-w- c:\windows\system32\IDTNHP.dll
2014-01-27 17:52 . 2012-07-23 23:20 8003072 ----a-w- c:\windows\system32\IDTNGUI.exe
2014-01-27 17:52 . 2012-07-23 23:20 253952 ----a-w- c:\windows\system32\IDTNJ.exe
2014-01-27 17:52 . 2012-07-23 23:20 1821184 ----a-w- c:\windows\system32\IDTNC64.cpl
2014-01-27 17:52 . 2012-07-23 23:20 74336 ----a-w- c:\windows\system32\AESTAR64.dll
2014-01-27 17:52 . 2012-07-23 23:20 224256 ----a-w- c:\windows\system32\HPToneCtrls64.dll
2014-01-27 17:52 . 2012-07-23 23:20 200288 ----a-w- c:\windows\system32\AESTAC64.dll
2014-01-27 17:52 . 2011-07-06 13:51 442368 ----a-w- c:\windows\system32\AESTEC64.dll
2014-01-27 17:52 . 2011-07-06 13:51 90624 ----a-w- c:\windows\system32\AESTCo64.dll
2014-01-22 14:52 . 2012-02-18 05:24 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-12-19 02:09 . 2014-01-20 06:25 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-12-18 11:13 . 2012-02-18 05:25 270496 ------w- c:\windows\system32\MpSigStub.exe
2013-12-15 19:33 . 2013-12-15 19:34 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys
2013-12-07 08:03 . 2013-12-07 08:03 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-07 08:03 . 2013-12-07 08:03 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-07 08:03 . 2013-12-07 08:03 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-07 08:03 . 2013-12-07 08:03 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-07 08:03 . 2013-12-07 08:03 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-07 08:03 . 2013-12-07 08:03 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-07 08:03 . 2013-12-07 08:03 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-07 08:03 . 2013-12-07 08:03 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-07 08:03 . 2013-12-07 08:03 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-07 08:03 . 2013-12-07 08:03 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-07 08:03 . 2013-12-07 08:03 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-07 08:03 . 2013-12-07 08:03 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-07 08:03 . 2013-12-07 08:03 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-07 08:03 . 2013-12-07 08:03 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-07 08:03 . 2013-12-07 08:03 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-07 08:03 . 2013-12-07 08:03 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-07 08:03 . 2013-12-07 08:03 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-07 08:03 . 2013-12-07 08:03 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-07 08:03 . 2013-12-07 08:03 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-07 08:03 . 2013-12-07 08:03 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-07 08:03 . 2013-12-07 08:03 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-07 08:03 . 2013-12-07 08:03 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-07 08:03 . 2013-12-07 08:03 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-07 08:03 . 2013-12-07 08:03 413696 ----a-w- c:\windows\system32\html.iec
2013-12-07 08:03 . 2013-12-07 08:03 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-07 08:03 . 2013-12-07 08:03 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-07 08:03 . 2013-12-07 08:03 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-07 08:03 . 2013-12-07 08:03 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-07 08:03 . 2013-12-07 08:03 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-07 08:03 . 2013-12-07 08:03 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-07 08:03 . 2013-12-07 08:03 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-07 08:03 . 2013-12-07 08:03 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-07 08:03 . 2013-12-07 08:03 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-07 08:03 . 2013-12-07 08:03 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-07 08:03 . 2013-12-07 08:03 235520 ----a-w- c:\windows\system32\url.dll
2013-12-07 08:03 . 2013-12-07 08:03 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-07 08:03 . 2013-12-07 08:03 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-07 08:03 . 2013-12-07 08:03 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-07 08:03 . 2013-12-07 08:03 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-07 08:03 . 2013-12-07 08:03 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-07 08:03 . 2013-12-07 08:03 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-07 08:03 . 2013-12-07 08:03 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-07 08:03 . 2013-12-07 08:03 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-07 08:03 . 2013-12-07 08:03 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-07 08:03 . 2013-12-07 08:03 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-07 08:03 . 2013-12-07 08:03 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-07 08:03 . 2013-12-07 08:03 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-07 08:03 . 2013-12-07 08:03 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-07 08:03 . 2013-12-07 08:03 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-07 08:03 . 2013-12-07 08:03 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-07 08:03 . 2013-12-07 08:03 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-07 08:03 . 2013-12-07 08:03 101376 ----a-w- c:\windows\system32\inseng.dll
2013-08-16 15:13 . 2013-08-16 15:13 727029 ----a-w- c:\program files (x86)\unins000.exe
2012-07-21 18:28 . 2013-08-16 15:13 306783 ----a-w- c:\program files (x86)\activation_tool.exe
2012-07-21 15:55 . 2013-08-16 15:13 9873920 ----a-w- c:\program files (x86)\VOCALOID3.exe
2012-07-15 16:37 . 2013-08-16 15:13 7962624 ----a-w- c:\program files (x86)\DSE3.dll
2012-07-12 15:22 . 2013-08-16 15:13 423424 ----a-w- c:\program files (x86)\DSCL3.dll
2012-07-12 14:59 . 2013-08-16 15:13 137728 ----a-w- c:\program files (x86)\dbm3.dll
2012-05-21 20:41 . 2013-08-16 15:13 124416 ----a-w- c:\program files (x86)\g2pa3_CHS.dll
2012-04-24 14:19 . 2013-08-16 15:13 624640 ----a-w- c:\program files (x86)\Vsq3.dll
2012-04-16 15:02 . 2013-08-16 15:13 177152 ----a-w- c:\program files (x86)\VstHost3.dll
2012-04-16 15:00 . 2013-08-16 15:13 136704 ----a-w- c:\program files (x86)\vedit3.dll
2012-04-16 14:58 . 2013-08-16 15:13 76288 ----a-w- c:\program files (x86)\udm3_eng.dll
2011-11-16 14:46 . 2013-08-16 15:13 245248 ----a-w- c:\program files (x86)\g2pa3_ESP.dll
2011-11-11 19:23 . 2013-08-16 15:13 160256 ----a-w- c:\program files (x86)\g2pa3_KOR.dll
2011-11-10 23:56 . 2013-08-16 15:13 4886528 ----a-w- c:\program files (x86)\g2pa3_ENG.dll
2011-11-01 00:34 . 2013-08-16 15:13 117760 ----a-w- c:\program files (x86)\g2pa3_JPN.dll
2011-10-31 14:16 . 2013-08-16 15:13 1888256 ----a-w- c:\program files (x86)\xerces-c_3_1.dll
2011-10-31 14:16 . 2013-08-16 15:13 24229376 ----a-w- c:\program files (x86)\DSE3_DFT.dll
2011-10-20 22:00 . 2013-08-16 15:13 4479832 ----a-w- c:\program files (x86)\vcredist_x86.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-19 01:24 220632 ----a-w- c:\users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-19 01:24 220632 ----a-w- c:\users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-19 01:24 220632 ----a-w- c:\users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdloader"="c:\users\Marlene\AppData\Roaming\mjusbsp\cdloader2.exe" [2012-02-01 50592]
"Raptr"="c:\progra~2\Raptr\raptrstub.exe" [2014-02-18 55360]
"Akamai NetSession Interface"="c:\users\Marlene\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"BitTorrent"="c:\users\Marlene\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-02-24 900696]
"Pinger"="c:\program files (x86)\Pinger\Pinger.exe" [2013-08-23 10581504]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"File Sanitizer"="c:\program files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe" [2011-02-07 12274688]
"IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2011-01-26 283160]
"HP HD Webcam [Fixed]_Monitor"="c:\program files (x86)\HP HD Webcam [Fixed]\monitor.exe" [2010-11-26 11:31 267128]
"DTRun"="c:\program files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe" [2010-11-24 517456]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-13 343168]
"HPQuickWebProxy"="c:\program files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe" [2012-03-06 169528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
"QLBController"="c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe" [2012-06-20 333728]
"DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-01-30 450560]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-02-13 1263952]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"Aeria Ignite"="c:\program files (x86)\Aeria Games\Ignite\aeriaignite.exe" [2013-01-08 1794224]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-02 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"HPConnectionManager"="c:\program files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" [2012-09-05 184736]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-27 3767096]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
GamersFirst LIVE!.lnk - c:\program files (x86)\GamersFirst\LIVE!\Live.exe /silent [2011-8-15 2589808]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-23 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
2011-02-03 22:09 75360 ----a-w- c:\windows\System32\DeviceNP.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ   DPPassFilter scecli
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Power Assistant Service;HP Power Assistant Service;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe;c:\program files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 Htsysm;Htsysm;c:\windows\system32\HtsysmNT.sys;c:\windows\SYSNATIVE\HtsysmNT.sys [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 XobniService;XobniService;c:\program files (x86)\Xobni\XobniService.exe;c:\program files (x86)\Xobni\XobniService.exe [x]
R3 DAMDrv;DAMDrv;c:\windows\system32\DRIVERS\DAMDrv64.sys;c:\windows\SYSNATIVE\DRIVERS\DAMDrv64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;c:\windows\SysWOW64\flcdlock.exe;c:\windows\SysWOW64\flcdlock.exe [x]
R3 hpCMSrv;HP Connection Manager 4 Service;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe;c:\program files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 MfeEpeOpal;MfeEpeOpal; [x]
S0 MfeEpePc;MfeEpePc; [x]
S0 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
S1 archlp;archlp;c:\windows\system32\drivers\archlp.sys;c:\windows\SYSNATIVE\drivers\archlp.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [x]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HPDayStarterService;HP DayStarter Service;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe;c:\program files\Hewlett-Packard\HP DayStarter\32-bit\HPDayStarterService.exe [x]
S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [x]
S2 HPFSService;File Sanitizer for HP ProtectTools;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe;c:\program files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [x]
S2 hpHotkeyMonitor;hpHotkeyMonitor;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe;c:\program files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 jhi_service;Intel® Identity Protection Technology Host Interface Service;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe;c:\program files (x86)\Intel\Services\IPT\jhi_service.exe [x]
S2 McAfee Endpoint Encryption Agent;McAfee Endpoint Encryption Agent;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe;c:\program files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [x]
S2 PdiService;Portrait Displays SDK Service;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe;c:\program files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S2 uArcCapture;ArcCapture;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe;c:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver;c:\windows\system32\DRIVERS\ArcSoftVCapture.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftVCapture.sys [x]
S3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys;c:\windows\SYSNATIVE\DRIVERS\jmcr.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SPUVCbv;SPUVCb Driver Service;c:\windows\system32\Drivers\SPUVCbv_x64.sys;c:\windows\SYSNATIVE\Drivers\SPUVCbv_x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-08 02:20]
.
2014-02-27 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core.job
- c:\users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-10 21:42]
.
2014-03-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA.job
- c:\users\Marlene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-10 21:42]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 23:37]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-02-23 23:37]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004Core.job
- c:\users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 22:00]
.
2014-03-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1577214117-580987070-1299483787-1004UA.job
- c:\users\Marlene\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-02 22:00]
.
2014-02-08 c:\windows\Tasks\HPCeeScheduleForCHARLIE-HP$.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 09:43]
.
2014-03-01 c:\windows\Tasks\HPCeeScheduleForMarlene.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15 09:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2012-11-19 01:24 244696 ----a-w- c:\users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2012-11-19 01:24 244696 ----a-w- c:\users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2012-11-19 01:24 244696 ----a-w- c:\users\Marlene\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-27 23:33 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-01-07 615584]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-01-07 379040]
"MfeEpePcMonitor"="c:\program files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe" [2012-04-05 200704]
"HPPowerAssistant"="c:\program files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe" [2011-07-15 14904]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-02-27 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-02-27 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-02-27 416024]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2014-01-27 1664000]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Add to Evernote 4.0 - c:\program files (x86)\Evernote\Evernote\EvernoteIE.dll/204
Trusted Zone: aeriagames.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 200.48.225.130 200.48.225.146
FF - ProfilePath - c:\users\Marlene\AppData\Roaming\Mozilla\Firefox\Profiles\xjwul3wj.default\
FF - prefs.js: keyword.URL - 
FF - ExtSQL: !HIDDEN! 2012-04-11 12:09; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{88c7f2aa-f93f-432c-8f0e-b7d85967a527} - (no file)
URLSearchHooks-{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - (no file)
Toolbar-{d1b5aad5-d1ae-4b20-88b1-feeaeb4c1ebc} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-77275831.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{88C7F2AA-F93F-432C-8F0E-B7D85967A527} - (no file)
WebBrowser-{D1B5AAD5-D1AE-4B20-88B1-FEEAEB4C1EBC} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_blr.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1577214117-580987070-1299483787-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1577214117-580987070-1299483787-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_70.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2014-03-01  10:56:11 - machine was rebooted
ComboFix-quarantined-files.txt  2014-03-01 15:56
.
Pre-Run: 131,009,560,576 bytes free
Post-Run: 153,631,997,952 bytes free
.
- - End Of File - - 7FABF5590F32083698E2D839F7D982C9


#6 Haseo98

Haseo98
  • Topic Starter

  • Members

Posted 02 March 2014 - 02:20 PM

please help!



#7 aharonov

aharonov

  • Malware Response Team

Posted 02 March 2014 - 02:37 PM

Hello,

your internet traffic is routed via Peru. Are you aware of that or is it unexpected?
Does this problem occur in all browsers or just in one of them?


Please download the attached file fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#8 Haseo98

Haseo98
  • Topic Starter

  • Members

Posted 02 March 2014 - 02:52 PM

Yeah... I am in Peru currently... and it happens on all browsers



#9 Haseo98

Haseo98
  • Topic Starter

  • Members

Posted 02 March 2014 - 02:57 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-03-2014 02
Ran by Marlene at 2014-03-02 14:57:05 Run:1
Running from C:\Users\Marlene\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [pbkdpahkifcigckmhiafindmaflfifgm] - C:\Users\Marlene\AppData\Local\Coupon Companion\Chrome\Coupon Companion.crx [2013-02-07]
CHR HKLM-x32\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Marlene\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-21]
CHR HKLM-x32\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Marlene\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-11-20]
CHR HKCU\...\Chrome\Extension: [lipgolpfajiadodbcbljdpmbmbdmfcil] - C:\Users\Marlene\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx [2013-11-21]
CHR HKCU\...\Chrome\Extension: [banjjklfojcdbofbhbgiedekefohoaff] - C:\Users\Marlene\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx [2013-11-20]
*****************
 
HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pbkdpahkifcigckmhiafindmaflfifgm => Key deleted successfully.
"C:\Users\Marlene\AppData\Local\Coupon Companion\Chrome\Coupon Companion.crx" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil => Key deleted successfully.
C:\Users\Marlene\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff => Key deleted successfully.
C:\Users\Marlene\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx => Moved successfully.
HKCU\SOFTWARE\Google\Chrome\Extensions\lipgolpfajiadodbcbljdpmbmbdmfcil => Key deleted successfully.
"C:\Users\Marlene\AppData\Local\CRE\lipgolpfajiadodbcbljdpmbmbdmfcil.crx" => File/Directory not found.
HKCU\SOFTWARE\Google\Chrome\Extensions\banjjklfojcdbofbhbgiedekefohoaff => Key deleted successfully.
"C:\Users\Marlene\AppData\Local\CRE\banjjklfojcdbofbhbgiedekefohoaff.crx" => File/Directory not found.
 
==== End of Fixlog ====


#10 aharonov

aharonov

  • Malware Response Team

Posted 02 March 2014 - 05:36 PM

Download Malwarebytes Anti-Rootkit to your desktop.
  • Double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"

Edited by aharonov, 02 March 2014 - 05:36 PM.


#11 Haseo98

Haseo98
  • Topic Starter

  • Members

Posted 02 March 2014 - 07:41 PM

It said no malware in my computer.... weird... but I still get linked to that site



#12 aharonov

aharonov

  • Malware Response Team

Posted 03 March 2014 - 05:52 AM

Ok.


Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

#13 aharonov

aharonov

  • Malware Response Team

Posted 18 March 2014 - 05:36 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



