
CPU usage soaring


  • This topic is locked
13 replies to this topic

#1 JoeMn

JoeMn

  • Members

Posted 01 March 2014 - 12:35 PM

I recently bought Saints Row IV off Steam, and now my CPU is screaming at 69% when I start up. I am concerned there may be something working against me in the background.

 

I have collected a HijackThis log on the off chance it's something simple.

Thanks in advance for taking a look.



Edited by JoeMn, 01 March 2014 - 12:35 PM.




#2 aharonov

aharonov

  • Malware Response Team

Posted 01 March 2014 - 03:06 PM

Hi,

HijackThis unfortunately is not very useful anymore nowadays.
Please run a FRST scan instead:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 JoeMn

JoeMn
  • Topic Starter

  • Members

Posted 02 March 2014 - 05:05 PM

I have run the requested scan; however, it keeps locking up when I attempt to paste the FRST.txt log here. I think it has to do with these huge sections that look like alien writing. I am unsure what to do as it makes my Chrome browser go non-responsive.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-03-2014 02
Ran by Stephanie (administrator) on MORPHEUS on 02-03-2014 15:13:15
Running from G:\Windows install
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Acronis) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(Spigot, Inc.) C:\Program Files\Application Updater\ApplicationUpdater.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
( ) C:\Windows\system32\dlbacoms.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(Razer USA Ltd) C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
() C:\Users\Stephanie\Desktop\Desktop Icons\Xpadder.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intuit Inc.) C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [Razer Naga Driver] - C:\Program Files\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-12-25] (Realtek Semiconductor)
HKLM\...\Run: [IObit Malware Fighter] - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [] - [X]
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe -update activex
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [SmartRAM] - C:\Program Files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe [542496 2014-02-27] (IObit)
Lsa: [Authentication Packages] msv1_0 relog_ap
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=800236&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAE1825CAB67ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://smart.westwood.edu:8106/psp/EPPR01/EMPLOYEE/HRMS/h/?tab=DEFAULT
URLSearchHook: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
URLSearchHook: HKCU - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.8\iobitappsToolbarIE.dll (Spigot, Inc.)
URLSearchHook: HKCU - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
SearchScopes: HKCU - {AFCE25B8-253A-49F0-AF0B-6045C2360F45} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
SearchScopes: HKCU - {B730E2FB-931E-C117-652C-C429D0471E60} URL = http://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
BHO: IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.8\iobitappsToolbarIE.dll (Spigot, Inc.)
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
Toolbar: HKLM - Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files\Vuze_Remote\prxtbVuze.dll (Conduit Ltd.)
Toolbar: HKLM - Conduit Engine - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
Toolbar: HKLM - Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll (AOL Inc.)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - IObit Apps Toolbar - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files\IObit Apps Toolbar\IE\8.8\iobitappsToolbarIE.dll (Spigot, Inc.)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Jojo's%20Fashion%20Show/Images/stg_drm.ocx
DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\urxvpn.cab
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\f5tunsrv.cab
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\STEPHA~1\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab#-1,-1,-1,-1
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {7417F730-7BAB-409E-8BB7-6936D361B869} http://csweb.netgame.com/main/MLauncher.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/The%20Scruffs/Images/armhelper.ocx
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\urxshost.cab
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\urxhost.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: bw+0 - No CLSID Value - 
Handler: bw+0s - No CLSID Value - 
Handler: bw-0 - No CLSID Value - 
Handler: bw-0s - No CLSID Value - 
Handler: bw00 - No CLSID Value - 
Handler: bw00s - No CLSID Value - 
Handler: bw10 - No CLSID Value - 
Handler: bw10s - No CLSID Value - 
Handler: bw20 - No CLSID Value - 
Handler: bw20s - No CLSID Value - 
Handler: bw30 - No CLSID Value - 
Handler: bw30s - No CLSID Value - 
Handler: bw40 - No CLSID Value - 
Handler: bw40s - No CLSID Value - 
Handler: bw50 - No CLSID Value - 
Handler: bw50s - No CLSID Value - 
Handler: bw60 - No CLSID Value - 
Handler: bw60s - No CLSID Value - 
Handler: bw70 - No CLSID Value - 
Handler: bw70s - No CLSID Value - 
Handler: bw80 - No CLSID Value - 
Handler: bw80s - No CLSID Value - 
Handler: bw90 - No CLSID Value - 
Handler: bw90s - No CLSID Value - 
Handler: bwa0 - No CLSID Value - 
Handler: bwa0s - No CLSID Value - 
Handler: bwb0 - No CLSID Value - 
Handler: bwb0s - No CLSID Value - 
Handler: bwc0 - No CLSID Value - 
Handler: bwc0s - No CLSID Value - 
Handler: bwd0 - No CLSID Value - 
Handler: bwd0s - No CLSID Value - 
Handler: bwe0 - No CLSID Value - 
Handler: bwe0s - No CLSID Value - 
Handler: bwf0 - No CLSID Value - 
Handler: bwf0s - No CLSID Value - 
Handler: bwg0 - No CLSID Value - 
Handler: bwg0s - No CLSID Value - 
Handler: bwh0 - No CLSID Value - 
Handler: bwh0s - No CLSID Value - 
Handler: bwi0 - No CLSID Value - 
Handler: bwi0s - No CLSID Value - 
Handler: bwj0 - No CLSID Value - 
Handler: bwj0s - No CLSID Value - 
Handler: bwk0 - No CLSID Value - 
Handler: bwk0s - No CLSID Value - 
Handler: bwl0 - No CLSID Value - 
Handler: bwl0s - No CLSID Value - 
Handler: bwm0 - No CLSID Value - 
Handler: bwm0s - No CLSID Value - 
Handler: bwn0 - No CLSID Value - 
Handler: bwn0s - No CLSID Value - 
Handler: bwo0 - No CLSID Value - 
Handler: bwo0s - No CLSID Value - 
Handler: bwp0 - No CLSID Value - 
Handler: bwp0s - No CLSID Value - 
Handler: bwq0 - No CLSID Value - 
Handler: bwq0s - No CLSID Value - 
Handler: bwr0 - No CLSID Value - 
Handler: bwr0s - No CLSID Value - 
Handler: bws0 - No CLSID Value - 
Handler: bws0s - No CLSID Value - 
Handler: bwt0 - No CLSID Value - 
Handler: bwt0s - No CLSID Value - 
Handler: bwu0 - No CLSID Value - 
Handler: bwu0s - No CLSID Value - 
Handler: bwv0 - No CLSID Value - 
Handler: bwv0s - No CLSID Value - 
Handler: bww0 - No CLSID Value - 
Handler: bww0s - No CLSID Value - 
Handler: bwx0 - No CLSID Value - 
Handler: bwx0s - No CLSID Value - 
Handler: bwy0 - No CLSID Value - 
Handler: bwy0s - No CLSID Value - 
Handler: bwz0 - No CLSID Value - 
Handler: bwz0s - No CLSID Value - 
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: offline-8876480 - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  No File [ ]
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 24.159.193.40 24.205.224.36 68.190.192.35
 
FireFox:
========
FF ProfilePath: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default
FF user.js: detected! => C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\user.js
FF Homepage: hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - G:\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @eximion.com/KalydoPlayer3.10.04 - C:\Users\Stephanie\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @g2.com/iggweb3dupdater - C:\Users\Stephanie\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF Plugin HKCU: @g2.com/joyconnectshell - C:\Users\Stephanie\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Stephanie\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Stephanie\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Stephanie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Stephanie\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npatgpc.dll (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\searchplugins\aol-web-search.xml
FF SearchPlugin: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\searchplugins\winamp-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: No Name - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\adsremoval@adsremoval.net [2014-02-27]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\ascsurfingprotection@iobit.com [2014-01-13]
FF Extension: Разпознаване на устройство Logitech - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\DeviceDetection@logitech.com [2011-08-14]
FF Extension: Winamp Toolbar - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{0b38152b-1b20-484d-a11f-5e04a9b0661f} [2013-04-30]
FF Extension: IE Tab 2 (FF 3.6+) - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB} [2013-01-01]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-04-28]
FF Extension: Flash Game Maximizer - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{258735dc-6743-4805-95fc-f95941fffdad} [2010-10-26]
FF Extension: Yahoo! Toolbar - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-08-21]
FF Extension: Address Bar Search - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9} [2013-08-30]
FF Extension: Embedded Objects - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\firefox@red-cog.com.xpi [2011-08-19]
FF Extension: Personas Plus - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\personas@christopher.beard.xpi [2013-03-31]
FF Extension: Adblock Plus - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-27]
FF Extension: DownThemAll! - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-10-17]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2008-09-21]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009-03-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009-09-07]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2009-11-22]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-27]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-09-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-15]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-30]
FF HKLM\...\Firefox\Extensions: [{98e34367-8df7-42b4-837b-20b892ff0849}] - C:\ProgramData\iWin Games\firefox
FF Extension: iWinGames Plugin - C:\ProgramData\iWin Games\firefox [2009-10-27]
FF HKLM\...\Firefox\Extensions: [crossriderapp435@crossrider.com] - C:\ProgramData\CodecCheck\firefox
FF Extension: Premiumplay Codec-C - C:\ProgramData\CodecCheck\firefox [2011-07-15]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-05-25]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-31]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-01]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\5.0\firefox.exe
 
Chrome: 
=======
CHR HomePage: hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ch
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\5.0\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\5.0\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (RealPlayer™ HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\5.0\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\5.0\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\5.0\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\5.0\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\5.0\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\5.0\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files\Mozilla Firefox\5.0\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\5.0\plugins\nprjplug.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files\Mozilla Firefox\5.0\plugins\npwachk.dll (Nullsoft, Inc.)
 
At this point I hit the chunk that locks it up. Here is a portion of what is there:
 
CHR Plugin: (MicrosoftÃÆâÃÃââ
 
That goes on and on and on, and repeats a bit further down. Here is what's after that:
 
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\Windows\system32\npdeployJava1.dll No File
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (downloadUpdater) - C:\Program Files\Mozilla Firefox\plugins\npdnu.dll No File
CHR Plugin: (downloadUpdater2) - C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll No File
CHR Plugin: (Windows Genuine Advantage) - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Yahoo! activeX Plug-in Bridge) - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
CHR Plugin: (Zylom Plugin) - C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll (Zylom)
CHR Plugin: (ActiveTouch General Plugin Container) - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npatgpc.dll (WebEx Communications, Inc)
CHR Plugin: (Google Talk Plugin) - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
CHR Plugin: (Google Talk Plugin Video Accelerator) - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
 
Then more:
 
CHR Plugin: (Windows LiveÃÆÃÂÂÂÃâ€
 
Followed by: 
 
€šÃ‚¢ Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RealNetworks™ Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (Unity Player) - C:\Users\Stephanie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Stephanie\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
CHR Plugin: (Kalydo Player Plugin for Mozilla) - C:\Users\Stephanie\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll (Eximion B.V.)
CHR Plugin: (Windows Presentation Foundation) - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (Shockwave for Director) - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2013-07-06]
CHR Extension: (From Dust) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\anelkojiepicmcldgnmkplocifmegpfj [2013-07-06]
CHR Extension: (TV) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bppbpeijolfcampacpljolaegibfhjph [2013-07-06]
CHR Extension: (Pandora) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fbangkleohkafngihneedemihgfeikcl [2013-07-06]
CHR Extension: (Where is my fruits) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdmdifgmlahajohgmlnnnoanabgghkma [2013-07-06]
CHR Extension: (Planetarium) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gheikhdfflhlbemfmhcfpeblehemeklp [2013-07-06]
CHR Extension: (avast! Online Security) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-07-10]
CHR Extension: (mysms - Text anywhere) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2013-07-06]
CHR Extension: (ButtonBass Dubstep Balls) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmjadonkmcblbkocpaaefjbceiijfdg [2013-07-06]
CHR Extension: (RealDownloader) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-17]
CHR Extension: (Codec-V) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho [2011-09-07]
CHR Extension: (SparkChess 7) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\khgabmflimjjbclkmljlpmgaleanedem [2013-07-06]
CHR Extension: (Talking Tom Cat 2) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lenalfnmlbapkomcbobjfdmlbbmdpeef [2013-07-06]
CHR Extension: (Skype Click to Call) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-19]
CHR Extension: (Zuma) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmlohpfojplnfgcbgooclnhidniofegn [2013-07-06]
CHR Extension: (Fishing Joy) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlonhgnjdlnjgalpdigmbpfpielpadmc [2013-07-06]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-27]
CHR Extension: (Google Wallet) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-01]
CHR Extension: (GIFPAL) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2013-07-06]
CHR Extension: (Picky Wallpapers) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\odklcfojpedohplkimfdpcamkjnhanaj [2013-07-06]
CHR Extension: (Mini Ninjas) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oijfbknbncemokdnlboeabbcfhobechi [2013-07-06]
CHR Extension: (Bastion) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2013-07-06]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [jpnbdefcbnoefmmcpelplabbkfmfhlho] - C:\ProgramData\CodecCheck\chrome\codec_check.crx [2011-07-15]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2013-11-17]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
 
========================== Services (Whitelisted) =================
 
R2 AcrSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [411168 2007-04-19] (Acronis)
S4 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
S2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
S4 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144712 2009-06-05] (Apple Inc.)
R2 Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [807800 2014-02-19] (Spigot, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-05-13] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-05-13] (BlueStack Systems, Inc.)
R2 dlba_device; C:\Windows\system32\dlbacoms.exe [538096 2007-03-05] ( )
S4 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-07-28] (WildTangent, Inc.)
S4 HauppaugeTVServer; C:\Program Files\WinTV\HCWTVServer.exe [815104 2007-02-20] (Hauppauge Computer Works)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
S2 iWinTrusted; C:\Program Files\iWin Games\iWinTrusted.exe [176408 2010-07-07] (iWin Inc.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3004416 2007-11-07] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-11-11] (Overwolf Ltd)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
S2 PavPrSrv; "C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2013-07-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2013-07-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2013-07-07] ()
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [699896 2009-11-06] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-05-13] (BlueStack Systems)
S3 f5ipfw; C:\Windows\system32\drivers\urfltwlh.sys [24624 2013-04-13] (F5 Networks, Inc.)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
S3 hcwPP2; C:\Windows\System32\DRIVERS\hcwPP2.sys [185728 2007-02-06] (Hauppauge Computer Works, Inc.)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [106296 2014-02-19] (JMicron Technology Corp.)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows ® Codename Longhorn DDK provider)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28624 2010-08-24] (Logitech, Inc.)
S3 MSIGreenPower; C:\Program Files\MSI\DualCoreCenter\Green Power Center\NTGLM7X.sys [28160 2008-03-12] (MICRO-STAR INT'L CO., LTD.)
S3 MSIGreenPowerRushTop; C:\Program Files\MSI\DualCoreCenter\Green Power Center\RushTop.sys [55296 2008-04-23] (Your Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [655872 2008-10-29] (Ralink Technology Corp.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [21792 2011-04-13] (Microsoft Corporation)
S3 P1370Afx; C:\Windows\system32\Drivers\P1370Afx.sys [143136 2007-04-02] (Creative Technology Ltd.)
S3 P1370Aud; C:\Windows\system32\Drivers\P1370Aud.sys [93056 2005-12-05] (Creative Technology Ltd.)
S3 P1370Aul; C:\Windows\system32\Drivers\P1370Aul.sys [4992 2005-12-06] (Creative Technology Ltd.)
S3 P1370Vfx; C:\Windows\System32\DRIVERS\P1370Vfx.sys [7424 2007-03-05] (EyePower Games Pte. Ltd.)
S3 P1370VID; C:\Windows\System32\DRIVERS\P1370Vid.sys [297888 2007-03-28] (Creative Technology Ltd.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
S3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [299520 2009-02-26] (Ralink Technology Corp.)
S3 RushTopDevice_J; C:\Program Files\MSI\DualCoreCenter\Green Power Center\RushJ.sys [18944 2008-04-23] (Your Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [103424 2011-11-15] (Razer USA Ltd)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2013-12-16] (Power Software Ltd)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2009-09-07] ()
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [32768 2008-10-06] (Acronis)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
R3 urvpndrv; C:\Windows\System32\DRIVERS\covpnwlh.sys [40528 2013-04-13] (F5 Networks, Inc.)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-11] (Microsoft Corporation)
S3 VSPerfDrv100; C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [54144 2011-01-18] (Microsoft Corporation)
S3 WEBNTACCESS; C:\Program Files\MSI\Live Update 3\NTACCESS.SYS [17920 2008-06-10] (Your Corporation)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-20] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\Users\STEPHA~1\AppData\Local\Temp\catchme.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S2 eamonm; system32\DRIVERS\eamonm.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 PavProc; \??\C:\Windows\system32\DRIVERS\PavProc.sys [X]
S1 ShldDrv; System32\DRIVERS\ShlDrv51.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-02 15:12 - 2014-03-02 15:13 - 00000000 ____D () C:\FRST
2014-03-02 13:03 - 2014-03-02 13:03 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-02 10:09 - 2014-03-02 10:41 - 00000000 ____D () C:\Users\Stephanie\Documents\TurboTax
2014-03-02 10:07 - 2014-03-02 10:07 - 00000000 ____D () C:\Users\Stephanie\AppData\Local\IsolatedStorage
2014-03-02 10:04 - 2014-03-02 10:04 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Intuit
2014-03-02 10:03 - 2014-03-02 10:15 - 00000451 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-03-02 10:01 - 2014-03-02 10:01 - 00001838 _____ () C:\Users\Public\Desktop\TurboTax 2012.lnk
2014-03-02 09:58 - 2014-03-02 10:01 - 00000000 ____D () C:\Program Files\Common Files\Intuit
2014-03-02 09:57 - 2014-03-02 10:01 - 00000000 ____D () C:\ProgramData\Intuit
2014-03-02 09:57 - 2014-03-02 09:57 - 00000000 ____D () C:\Program Files\TurboTax
2014-02-27 19:10 - 2014-02-27 19:10 - 00000874 _____ () C:\Users\Stephanie\Desktop\SaintsRowIV.exe - Shortcut.lnk
2014-02-27 16:58 - 2014-02-27 16:58 - 00000202 _____ () C:\Users\Stephanie\Desktop\Saints Row IV.url
2014-02-26 10:27 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-02-26 10:27 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-02-26 10:27 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-02-26 10:27 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-02-26 10:27 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-02-26 10:27 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-02-26 10:27 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-02-26 10:27 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
 
2014-02-26 10:27 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-02-26 10:27 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-02-26 10:27 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-02-26 10:27 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-02-26 10:27 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-02-26 10:27 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-02-26 10:27 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-02-26 10:27 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-02-26 10:27 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-02-26 10:27 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-02-26 10:27 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-02-26 10:27 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-02-26 10:27 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-02-26 10:27 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-02-26 10:27 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-02-26 10:27 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-02-26 10:27 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-02-26 10:27 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-02-26 10:27 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-02-26 10:27 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-02-26 10:27 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-02-26 10:27 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-02-26 10:27 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-02-26 10:27 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-02-26 10:27 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-02-26 10:27 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-02-26 10:27 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-02-26 10:27 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-02-26 10:27 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-02-26 10:27 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-02-26 10:27 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-02-26 10:27 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-02-26 10:27 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-02-26 10:27 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-02-26 10:27 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-02-26 10:27 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-02-26 10:27 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-02-26 10:27 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-02-26 10:27 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-02-26 10:27 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-02-26 10:27 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-02-26 10:27 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-02-26 10:27 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-02-26 10:27 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-02-26 10:27 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-02-26 10:27 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-02-26 10:27 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-02-26 10:27 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-02-26 10:27 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-02-26 10:27 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-02-26 10:27 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-02-26 10:27 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-02-26 10:27 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-02-26 10:27 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-02-26 10:27 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-02-26 10:27 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-02-26 10:26 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-02-26 10:26 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-02-26 10:26 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-02-26 10:26 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-02-26 10:26 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-02-26 10:26 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-02-26 10:26 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-02-26 10:26 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-02-26 10:26 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-02-26 10:26 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-02-26 10:26 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-02-26 10:26 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-02-26 10:26 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-02-26 10:26 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-02-26 10:26 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-02-26 10:26 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-02-26 10:26 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-02-25 16:03 - 2014-03-01 07:51 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-25 15:54 - 2014-02-27 09:04 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-02-25 15:53 - 2014-02-25 15:53 - 00000471 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-23 17:41 - 2014-02-23 17:41 - 00000000 ____D () C:\Program Files\IObit Apps Toolbar
2014-02-23 17:41 - 2014-02-23 17:41 - 00000000 ____D () C:\Program Files\Application Updater
2014-02-19 23:26 - 2014-02-19 23:26 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-19 23:26 - 2014-02-19 23:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-19 23:26 - 2014-02-19 23:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-19 23:26 - 2014-02-19 23:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-19 23:24 - 2014-02-19 23:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-19 23:24 - 2014-02-19 23:24 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-02-19 23:24 - 2014-02-19 23:24 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-19 23:24 - 2014-02-19 23:24 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-19 23:24 - 2014-02-19 23:24 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-19 23:24 - 2014-02-19 23:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-19 23:24 - 2014-02-19 23:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-19 23:24 - 2014-02-19 23:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-19 23:24 - 2014-02-19 23:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-02-19 23:23 - 2014-02-19 23:23 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-19 22:45 - 2014-02-19 22:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-02-19 22:45 - 2014-02-19 22:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-02-19 22:16 - 2014-02-19 22:16 - 00106296 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2014-02-19 21:57 - 2014-02-19 21:57 - 02937432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-02-19 21:57 - 2014-02-19 21:57 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-02-19 21:57 - 2014-02-19 21:57 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-02-19 21:57 - 2014-02-19 21:57 - 00693385 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-19 21:57 - 2014-02-19 21:57 - 00125144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-02-19 21:55 - 2014-02-19 21:55 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-02-19 21:55 - 2014-02-19 21:55 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-02-08 19:04 - 2014-02-08 19:04 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\AdobeMuseLibrary
2014-02-08 16:42 - 2014-02-08 19:06 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\AdobeMuse
2014-02-02 17:40 - 2014-03-02 12:56 - 00000000 ____D () C:\Users\Stephanie\Desktop\Drawing Class
2014-01-31 12:18 - 2014-01-31 12:18 - 00002684 _____ () C:\Users\Stephanie\Desktop\Windows Compatibility Report.htm
 
==================== One Month Modified Files and Folders =======
 
2014-03-02 15:23 - 2012-07-02 06:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-02 15:13 - 2014-03-02 15:12 - 00000000 ____D () C:\FRST
2014-03-02 15:00 - 2010-09-25 21:22 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002UA.job
2014-03-02 14:41 - 2010-07-03 02:03 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-02 14:17 - 2006-11-02 06:47 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-02 14:17 - 2006-11-02 06:47 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-02 13:50 - 2013-07-23 07:02 - 00000000 ____D () C:\Users\Stephanie\Desktop\Taxes
2014-03-02 13:03 - 2014-03-02 13:03 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-02 13:03 - 2008-09-23 22:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-02 13:03 - 2008-05-21 08:16 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Adobe
2014-03-02 12:56 - 2014-02-02 17:40 - 00000000 ____D () C:\Users\Stephanie\Desktop\Drawing Class
2014-03-02 12:53 - 2014-01-26 14:10 - 00000000 ____D () C:\Users\Stephanie\Desktop\Design basics class
2014-03-02 11:00 - 2010-09-25 21:22 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002Core.job
2014-03-02 10:41 - 2014-03-02 10:09 - 00000000 ____D () C:\Users\Stephanie\Documents\TurboTax
2014-03-02 10:15 - 2014-03-02 10:03 - 00000451 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-03-02 10:07 - 2014-03-02 10:07 - 00000000 ____D () C:\Users\Stephanie\AppData\Local\IsolatedStorage
2014-03-02 10:07 - 2009-06-20 06:16 - 00124392 _____ () C:\Users\Stephanie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-02 10:06 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-02 10:04 - 2014-03-02 10:04 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Intuit
2014-03-02 10:01 - 2014-03-02 10:01 - 00001838 _____ () C:\Users\Public\Desktop\TurboTax 2012.lnk
2014-03-02 10:01 - 2014-03-02 09:58 - 00000000 ____D () C:\Program Files\Common Files\Intuit
2014-03-02 10:01 - 2014-03-02 09:57 - 00000000 ____D () C:\ProgramData\Intuit
2014-03-02 09:57 - 2014-03-02 09:57 - 00000000 ____D () C:\Program Files\TurboTax
2014-03-02 09:57 - 2008-01-20 19:35 - 01423654 _____ () C:\Windows\WindowsUpdate.log
2014-03-02 07:41 - 2010-07-03 02:03 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-02 02:00 - 2008-05-21 08:16 - 00000000 ____D () C:\Users\Stephanie\AppData\Local\Adobe
2014-03-01 12:19 - 2013-10-09 12:01 - 00000274 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-03-01 12:17 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-01 12:14 - 2013-07-13 22:15 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-03-01 12:14 - 2006-11-02 07:01 - 00032656 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-01 12:13 - 2013-07-18 15:57 - 00000000 ____D () C:\Users\Stephanie\Desktop\Hijack this!
2014-03-01 11:15 - 2008-10-25 13:45 - 00000000 ____D () C:\Windows\pss
2014-03-01 10:06 - 2013-07-27 10:00 - 43429888 _____ () C:\Windows\system32\config\COMPONENTS.iobit
2014-03-01 10:06 - 2013-07-27 10:00 - 110440448 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-01 10:06 - 2013-07-27 10:00 - 04685824 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-01 10:06 - 2013-07-27 10:00 - 00061440 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-01 10:06 - 2013-07-27 10:00 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-01 10:06 - 2008-05-21 08:14 - 00000000 ____D () C:\Users\Stephanie
2014-03-01 07:51 - 2014-02-25 16:03 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-27 20:22 - 2013-07-20 19:32 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\IObit
2014-02-27 20:22 - 2013-07-20 19:32 - 00000000 ____D () C:\Program Files\IObit
2014-02-27 19:10 - 2014-02-27 19:10 - 00000874 _____ () C:\Users\Stephanie\Desktop\SaintsRowIV.exe - Shortcut.lnk
2014-02-27 16:58 - 2014-02-27 16:58 - 00000202 _____ () C:\Users\Stephanie\Desktop\Saints Row IV.url
2014-02-27 09:04 - 2014-02-25 15:54 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-02-27 07:04 - 2013-11-17 10:32 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-27 06:16 - 2009-09-12 22:45 - 00008512 _____ () C:\Users\Stephanie\AppData\Local\d3d9caps.dat
2014-02-27 06:15 - 2009-05-16 05:04 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-02-25 15:53 - 2014-02-25 15:53 - 00000471 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-23 17:41 - 2014-02-23 17:41 - 00000000 ____D () C:\Program Files\IObit Apps Toolbar
2014-02-23 17:41 - 2014-02-23 17:41 - 00000000 ____D () C:\Program Files\Application Updater
2014-02-21 01:35 - 2006-11-02 04:33 - 00871564 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-21 01:27 - 2006-11-02 06:47 - 04009768 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-19 23:26 - 2014-02-19 23:26 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-19 23:26 - 2014-02-19 23:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-19 23:26 - 2014-02-19 23:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-19 23:26 - 2014-02-19 23:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-19 23:26 - 2014-02-19 23:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-19 23:24 - 2014-02-19 23:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-19 23:24 - 2014-02-19 23:24 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-02-19 23:24 - 2014-02-19 23:24 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-19 23:24 - 2014-02-19 23:24 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-19 23:24 - 2014-02-19 23:24 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-19 23:24 - 2014-02-19 23:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-19 23:24 - 2014-02-19 23:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-19 23:24 - 2014-02-19 23:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-19 23:24 - 2014-02-19 23:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-02-19 23:24 - 2008-01-20 20:23 - 01304064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-02-19 23:23 - 2014-02-19 23:23 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-19 23:21 - 2009-03-11 05:10 - 00000000 ____D () C:\Windows\Minidump
2014-02-19 22:46 - 2014-01-13 17:12 - 00001910 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-02-19 22:46 - 2014-01-13 17:12 - 00001908 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-02-19 22:46 - 2014-01-13 17:12 - 00001898 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-02-19 22:45 - 2014-02-19 22:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-02-19 22:45 - 2014-02-19 22:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-02-19 22:16 - 2014-02-19 22:16 - 00106296 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2014-02-19 22:14 - 2008-09-19 21:43 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-02-19 21:57 - 2014-02-19 21:57 - 02937432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-02-19 21:57 - 2014-02-19 21:57 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-02-19 21:57 - 2014-02-19 21:57 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-02-19 21:57 - 2014-02-19 21:57 - 00693385 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-19 21:57 - 2014-02-19 21:57 - 00125144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-02-19 21:57 - 2008-09-19 21:42 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-02-19 21:56 - 2013-10-09 13:27 - 00332568 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp32.dll
2014-02-19 21:55 - 2014-02-19 21:55 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-02-19 21:55 - 2014-02-19 21:55 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-02-19 21:40 - 2013-10-09 11:59 - 00000976 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-02-14 19:32 - 2013-07-23 07:02 - 00000000 ____D () C:\Users\Stephanie\Desktop\Resume
2014-02-10 19:33 - 2012-11-26 22:19 - 00000000 ____D () C:\Users\Stephanie\Desktop\Psy475
2014-02-10 15:51 - 2009-03-27 13:38 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Winamp
2014-02-08 19:06 - 2014-02-08 16:42 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\AdobeMuse
2014-02-08 19:04 - 2014-02-08 19:04 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\AdobeMuseLibrary
2014-02-08 16:44 - 2010-06-07 09:57 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR
2014-02-04 14:46 - 2013-07-19 22:03 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-02-04 14:46 - 2013-07-19 22:03 - 00001908 _____ () C:\Windows\diagerr.xml
2014-02-02 17:47 - 2012-12-15 20:04 - 00000000 ____D () C:\Users\Stephanie\Desktop\Desktop Icons
2014-01-31 12:18 - 2014-01-31 12:18 - 00002684 _____ () C:\Users\Stephanie\Desktop\Windows Compatibility Report.htm
 
Files to move or delete:
====================
C:\Users\Stephanie\R153049.exe
C:\Users\Stephanie\R153717.exe
C:\Users\Stephanie\R74855.EXE
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-02 12:38
 
==================== End Of Log ============================
 
 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-03-2014 02
Ran by Stephanie at 2014-03-02 15:32:17
Running from G:\Windows install
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30303 - BitTorrent Inc.)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Add or Remove Adobe Creative Suite 3 Design Premium (HKLM\...\Adobe_c14ac4070fd9614ffe63f4bb533db2c) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Acrobat 9 Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}{AC76BA86-1033-F400-7760-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.5.5 - Adobe Systems) Hidden
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-7760-000000000004}_955) (Version:  - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Audition CS6 (HKLM\...\{30FD541D-3C9D-41C4-B240-A994EE4E0231}) (Version: 5.0.2 - Adobe Systems Incorporated)
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe BridgeTalk Plugin CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Connect 9 Add-in (HKCU\...\Adobe Connect 9 Add-in) (Version: 11,2,369,0 - Adobe Systems Incorporated)
Adobe Creative Suite 3 Design Premium (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS3 (Version: 9 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CS6 (HKLM\...\{A4ED5E53-7AA0-11E1-BF04-B2D4D4A5360E}) (Version: 12.2.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (HKLM\...\Adobe_3e054d2218e7aa282c2369d939e58ff) (Version: 2.0.2 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (Version: 2.0.2 - Adobe Systems Incorporated) Hidden
Adobe ExtendScript Toolkit CC (HKLM\...\{6297487E-3778-4F72-B458-55690418DB98}) (Version: 4.0.0.0 - Adobe Systems Incorporated)
Adobe Extension Manager CS3 (Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS3 (HKLM\...\Adobe_bbef028176efa5abf0233d3e1747be8) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Fireworks CS3 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Fireworks CS6 (HKLM\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.1 - Adobe Systems Incorporated)
Adobe Flash Builder 4.7 (HKLM\...\{CBD24290-23FA-4041-A3B4-6D899479FBE0}) (Version: 4.7 - Adobe Systems Incorporated)
Adobe Flash CS3 (Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Flash Video Encoder (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Gaming SDK 1.3 (HKLM\...\{62FFC6DD-18BB-49FC-AF65-71FB1C0B08AA}) (Version: 1.3 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS3 (Version: 13.0 - Adobe Systems Incorporated) Hidden
Adobe Illustrator CS6 (HKLM\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InCopy CS6 (HKLM\...\{977850E4-8D75-1014-87D4-F826BE331F6A}) (Version: 8.0.2.413 - Adobe Systems Incorporated)
Adobe InDesign CS3 (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS3 Icon Handler (Version: 5.0 - Adobe Systems Incorporated) Hidden
Adobe InDesign CS6 (HKLM\...\{CFB770D7-8D43-1014-922B-CC2715FADE3F}) (Version: 8.0.2.413 - Adobe Systems Incorporated)
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe MotionPicture Color Files (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Muse (HKLM\...\{9A554C9D-E12D-4205-8101-9F4337CD5673}) (Version: 7.1 - Adobe Systems Incorporated)
Adobe Muse (HKLM\...\AdobeMuse) (Version: 7.2.232 - Adobe Systems Incorporated)
Adobe Muse (Version: 7.2.232 - Adobe Systems Incorporated) Hidden
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS6 (HKLM\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Prelude CS6 (HKLM\...\{E0D1B182-6827-4AD8-9C1D-CFFD4314DFE4}) (Version: 1.0.3 - Adobe Systems Incorporated)
Adobe Reader 9.4.6 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.6 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 11.5 (HKLM\...\Adobe Shockwave Player) (Version: 11.5.2.602 - Adobe Systems, Inc.)
Adobe SING CS3 (Version: 0.1 - Adobe Systems Incorporated) Hidden
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden
Adobe Version Cue CS3 Server {ko_KR}  (Version: 3.0.0.0 {ko_KR}  - Adobe Systems Incorporated) Hidden
Adobe WAS CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden
Adobe® Content Viewer (HKLM\...\com.adobe.dmp.contentviewer) (Version: 3.4.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (Version: 3.4.0 - Adobe Systems Incorporated) Hidden
ADSRemoval (HKLM\...\ADSRemoval_is1) (Version: 1.0 - ADSRemoval)
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.1.0 - IObit)
Advanced Video FX Utility (HKLM\...\Advanced Video FX Utility) (Version:  - )
Aeria Ignite (HKLM\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (HKLM\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment)
Aeria Ignite (Version: 1.13.3296 - Aeria Games & Entertainment) Hidden
AHV content for Acrobat and Flash (Version: 1 - Adobe Systems Incorporated) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{3825F8BD-F784-6FBB-A5CD-857559148007}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}) (Version: 2.6.0.32 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Profiles (HKLM\...\{AB79D38C-81D5-EB2F-9D77-E685016F79B4}) (Version: 2.0.4260.33703 - Advanced Micro Devices, Inc.)
ATI AVIVO Codecs (Version: 9.15.0.20713 - ATI Technologies Inc.) Hidden
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
avast! Free Antivirus (HKLM\...\avast) (Version: 8.0.1489.0 - AVAST Software)
Belkin Wireless Setup utility (HKLM\...\InstallShield_{A0BBC906-9A33-4C79-A26A-758ED3503769}) (Version: 2.4.5_US(H3010D56) - Belkin)
Belkin Wireless Setup utility (Version: 2.4.5_US(H3010D56) - Belkin) Hidden
Big Fish Games: Game Manager (HKLM\...\BFGC) (Version: 3.0.1.60 - )
BIG-IP Edge Client Components (All Users) (HKLM\...\F5 Networks Client Components) (Version: 70.2013.0413.1314 - F5 Networks, Inc.)
bl (Version: 1.0.0 - Your Company Name) Hidden
Blender (remove only) (HKLM\...\Blender) (Version:  - )
BlueStacks App Player (HKLM\...\BlueStacks App Player) (Version: 0.7.12.896 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM\...\{A7FC82AC-986D-48D5-8AAE-A75C1D829E0A}) (Version: 0.7.12.896 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MP Navigator EX 3.1 (HKLM\...\MP Navigator EX 3.1) (Version:  - )
Canon MX340 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX340_series) (Version:  - Canon Inc.)
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2008.0514.2139.36863 - ATI Technologies, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2011.1025.2231.38573 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.1219.1520.27485 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.1219.1521.27485 - Advanced Micro Devices, Inc.) Hidden
Citrix XenApp Web Plugin (HKLM\...\{EBFEEB3F-3E3B-4725-A4E0-376144CE4F76}) (Version: 11.0.0.5357 - Citrix Systems, Inc.)
Conduit Engine (HKLM\...\conduitEngine) (Version:  - Conduit Ltd.) <==== ATTENTION
Creative Live! Cam Voice Driver (1.03.02.0328) (HKLM\...\Creative PD1370) (Version:  - )
Creative Live! Cam Voice User's Guide (English) (HKLM\...\Creative Live! Cam Voice User's Guide English) (Version:  - )
Creative Photo Calendar (HKLM\...\Creative Photo Calendar) (Version:  - )
Creative Photo Manager (HKLM\...\Creative Photo Manager) (Version:  - )
Creative System Information (HKLM\...\SysInfo) (Version:  - )
Creative WebCam Center (HKLM\...\Creative WebCam Center) (Version:  - )
Crystal Reports Basic for Visual Studio 2008 (HKLM\...\{AA467959-A1D6-4F45-90CD-11DC57733F32}) (Version: 10.5.0.0 - Business Objects)
Crystal Reports for Visual Studio (Version: 12.51.0.240 - SAP) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAZ Studio (HKLM\...\DAZ Studio 2.2) (Version: 2.2 - DAZ 3D)
DAZ Studio 3 (HKLM\...\DAZ Studio 3 3.0.1.120) (Version: 3.0.1.120 - DAZ 3D)
Dell AIO Printer A940 (HKLM\...\Dell AIO Printer A940) (Version:  - Dell, Inc.)
Dell Driver Download Manager (HKCU\...\309a46b1dc89b774) (Version: 1.0.0.0 - Dell Inc.)
DivX Converter (HKLM\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.1.0 - DivX, Inc.)
DivX Converter (HKLM\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.1.0 - DivX, Inc.)
DivX Plus DirectShow Filters (HKLM\...\DivX Plus DirectShow Filters) (Version:  - DivX, Inc.)
DivX Setup (HKLM\...\DivX Setup.divx.com) (Version: 2.5.0.8 - DivX, LLC)
DivX Version Checker (HKLM\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.1.0.2 - DivX, Inc.)
Dotfuscator Software Services - Community Edition (HKLM\...\{1AA5BD63-6614-44B2-88A7-605191EDB835}) (Version: 5.0.2500.0 - PreEmptive Solutions)
Dragons Prophet (2) (HKCU\...\SOE-Dragons Prophet (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
Dragons Prophet (HKCU\...\SOE-Dragons Prophet) (Version: 1.0.3.183 - Sony Online Entertainment)
DragonStone (remove only) (HKLM\...\DragonStone) (Version:  - )
Driver Booster (HKLM\...\Driver Booster_is1) (Version: 1.2 - IObit)
DualCoreCenter (HKLM\...\DualCoreCenter_is1) (Version:  - MSI, Inc.)
eFile Express 2008 (HKLM\...\eFile Express 2008) (Version:  - )
emu8086 microprocessor emulator (HKLM\...\emu8086 microprocessor emulator_is1) (Version:  - emu8086)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fishdom H2O: Hidden Odyssey (remove only) (HKLM\...\Fishdom H2O: Hidden Odyssey) (Version:  - )
Fishdom™ 2 (Version: 2.2.0.95 - WildTangent) Hidden
Flash Decompiler Trillix (HKLM\...\Flash Decompiler Trillix_is1) (Version: 4.1 - Eltima Software)
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
FW LiveUpdate (HKLM\...\{11F5D779-7BD9-465A-BBC4-10701386BCB9}) (Version: 2.0.2.2 - SAMSUNG)
Game Assistant (HKLM\...\GameAssistant_is1) (Version: Beta 1.1 - VTools)
Game Booster 3 (HKLM\...\Game Booster_is1) (Version: 3.4 - IObit)
Game Maker 7.0 (HKLM\...\Game Maker 7.0) (Version:  - )
Garden Defense™ (remove only) (HKLM\...\Garden Defense™) (Version:  - )
Gardenscapes (HKLM\...\BFG-Gardenscapes) (Version:  - )
Get Yahoo! Messenger (HKLM\...\Get Yahoo! Messenger) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Drive (HKLM\...\{E87022D3-C8C9-4C76-8E27-BC7F18F9B8FB}) (Version: 1.14.6059.644 - Google, Inc.)
Google Gmail Notifier (HKLM\...\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}) (Version:  - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Talk Plugin (HKLM\...\{CCE68200-4ED0-3E0A-A7F2-504897E356AB}) (Version: 5.1.5.17733 - Google)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
GraphCalc v4.0.1 (HKLM\...\GraphCalc v4.0.1_is1) (Version:  - )
Guild Wars (HKLM\...\Guild Wars) (Version:  - )
Guild Wars 2 (HKLM\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hauppauge WinTV (HKLM\...\Hauppauge WinTV) (Version:  - )
Hauppauge WinTV Radio (HKLM\...\Hauppauge WinTV Radio) (Version:  - )
Hauppauge WinTV Scheduler (HKLM\...\Hauppauge WinTV Scheduler) (Version:  - )
Hauppauge WinTV TV Services (HKLM\...\Hauppauge WinTV TV Services) (Version:  - )
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
HP Game Console (Version:  - WildTangent) Hidden
HP Games (HKLM\...\WildTangent hp Master Uninstall) (Version: 1.0.1.5 - WildTangent)
IGG Web3D Player version 1.0.0.38 (HKCU\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)
IITSort (HKLM\...\ST5UNST #1) (Version:  - )
InterVideo FilterSDK for Hauppauge (HKLM\...\{2227E1FA-01F5-483C-AB0E-2A308E900B3D}) (Version:  - InterVideo Inc.)
IObit Apps Toolbar v8.8 (HKLM\...\{B2A36391-A3A9-4293-88B2-A8263EC7F865}) (Version: 8.8 - Spigot, Inc.) <==== ATTENTION
IObit Malware Fighter (HKLM\...\IObit Malware Fighter_is1) (Version: 2.1 - IObit)
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.0.5.1228 - IObit)
iTunes (HKLM\...\{DA34FE93-5DC5-48E0-ACC8-A5389E05BB51}) (Version: 9.0.1.8 - Apple Inc.)
iWin Games (remove only) (HKLM\...\iWinArcade) (Version:  - )
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 33 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216033FF}) (Version: 6.0.330 - Oracle)
Java™ 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kalydo Player 3.10.04 (HKCU\...\KalydoPlayer) (Version: 3.10.04 - Eximion B.V.)
K-Lite Mega Codec Pack 7.2.0 (HKLM\...\KLiteCodecPack_is1) (Version: 7.2.0 - )
LADSPA_plugins-win-0.4.15 (HKLM\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.98.2 for Audacity (HKLM\...\LAME for Audacity_is1) (Version:  - )
LastChaos (HKLM\...\{0AF3FEAE-B651-4421-97EF-4808A588B4E5}) (Version: 1.00.000 - Aeria Games & Entertainment)
League of Legends (HKLM\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (Version: 3.0.0 - Riot Games) Hidden
LightScribe System Software (HKLM\...\{2FA75B40-17C9-4D22-88CA-80A5D52FAB13}) (Version: 1.18.24.1 - LightScribe)
LimeWire 5.5.8 (HKLM\...\LimeWire) (Version: 5.5.8 - Lime Wire, LLC)
Logitech SetPoint 6.22 (HKLM\...\sp6) (Version: 6.22.24 - Logitech)
Logitech Updater (HKLM\...\{53735ECE-E461-4FD0-B742-23A352436D3A}) (Version: 1.70 - Logitech, Inc.)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
LWS Facebook (Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (Version: 13.31.1038.0 - Logitech) Hidden
Magical Forest (remove only) (HKLM\...\Magical Forest) (Version:  - )
Map Button (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Compact Framework 2.0 SP2 (HKLM\...\{EDDF99D9-9FE3-4871-A7DB-D1522C51EE9A}) (Version: 2.0.7045 - Microsoft Corporation)
Microsoft .NET Compact Framework 3.5 (HKLM\...\{291B3A3B-F808-45B8-8113-DF232FCB6C82}) (Version: 3.5.7283 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Device Emulator version 3.0 - ENU (HKLM\...\{B32E7732-B2FB-3FD0-81AC-6025B1104C66}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM\...\Microsoft Document Explorer 2008) (Version:  - Microsoft Corporation)
Microsoft Document Explorer 2008 (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (Version: 1.1.40219 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft MSDN 2005 Express Edition - ENU (HKLM\...\Microsoft MSDN 2005 Express Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft MSDN 2005 Express Edition - ENU (Version: 1.16.50727.42 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM\...\VISPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer 2007 (Version: 12.0.4518.1066 - Microsoft Corporation) Hidden
Microsoft Office Visual Web Developer MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM\...\{05855322-BE43-41FE-B583-D3AE0C326D58}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{94317163-C5D1-4FCE-A0D9-F48FE06A7D7D}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM\...\{BC537AE0-88AF-47ED-B762-33B0D62B5188}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM\...\{7A56D81D-6406-40E7-9184-8AC1769C4D69}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM\...\{77F1F8AD-51B8-4490-AEEC-BF480073E0FC}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM\...\{09C52940-A4D1-4409-A7CC-1AAE630CF578}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{5B161932-9D42-4D5E-858D-29BF4C670944}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 for Devices ENU (HKLM\...\{241F2BF7-69EB-42A4-9156-96B2426C7504}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.2 (HKLM\...\{9A33B83D-FFC4-44CF-BEEF-632DECEF2FCD}) (Version: 1.2.0.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM\...\{877B76B2-F83F-4F5A-B28D-3F398641ADB6}) (Version: 10.50.1750.9 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.2.4000.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x86) (HKLM\...\{C6DD625F-4B61-4561-8286-87CA0275CEA1}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM\...\{97CE8B73-AA5A-4987-A1BE-50DD1A187478}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x86) (HKLM\...\{F990B526-8F7C-46E0-B1F1-6C893A8B478F}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x86) (HKLM\...\{DC3D6AFB-78B4-489F-81D7-30B66E0C2417}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++  Compilers 2010 Standard - enu - x86 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU (HKLM\...\Microsoft Visual C++ 2005 Express Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Express Edition - ENU (Version: 8.0.50728 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Express Edition - ENU Service Pack 1 (KB926748) (HKLM\...\KB926748.T2_19ToU292_19) (Version: 1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974 (HKLM\...\{B7E38540-E355-3503-AFD7-635B2F2F76E1}) (Version: 9.0.30729.4974 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (Version: 8.0.60940.0 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Professional Edition - ENU (HKLM\...\Microsoft Visual Studio 2008 Professional Edition - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Professional Edition - ENU (Version: 9.0.21022 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Office Developer Tools (x86) (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Performance Collection Tools SP1 - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Service Pack 1 (HKLM\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 SharePoint Developer Tools (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.31007 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.31010 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (Version: 10.0.40219 - Microsoft Corporation) Hidden
Microsoft Visual Studio Macro Tools (HKLM\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio Web Authoring Component (HKLM\...\VisualWebDeveloper) (Version: 12.0.4518.1066 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 .NET Framework Tools (HKLM\...\{05EC21B8-4593-3037-A781-A6B5AFFCB19D}) (Version: 3.5.21022 - Microsoft)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{842FAF7C-50EF-4463-9B8F-6222E1384D7D}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SDK Reference Assemblies and IntelliSense (HKLM\...\{64c5b887-b5ee-42b8-8596-78905a6b5f1f}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Tools (HKLM\...\{CAA376AF-0DE8-4FCA-942E-C6AC579B94B3}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Win32 Tools (HKLM\...\{B268E9A1-04A9-40D0-9866-846BE2B74BA7}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (ARP entry) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (HKLM\...\XNA Game Studio 4.0) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (Redists) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Shared Components) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Visual Studio) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Documentation (Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio Platform Tools (HKLM\...\{0666E46E-A860-4353-BE6D-13AA72FABB57}) (Version: 1.3.0.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (HKLM\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Morrowind (HKLM\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version:  - )
Mozilla Firefox (3.6.18) (HKLM\...\Mozilla Firefox (3.6.18)) (Version: 3.6.18 (en-US) - Mozilla)
Mozilla Firefox 23.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 23.0.1 (x86 en-US)) (Version: 23.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSI Live Update 3 (HKLM\...\MSI Live Update 3) (Version:  - )
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
muvee autoProducer 4.1 (HKLM\...\{76B78008-3832-42FD-AE55-C8F946ED3C7E}) (Version: 4.10.050 - muvee Technologies)
MyScribe (HKLM\...\MyScribe) (Version: 20101118 - Fourteen40 Inc., a Follett Corporation Company.)
nanoPEG-Editor 2.6.0 for WinTV (HKLM\...\nanoPEG-Editor 2.6.0 for WinTV_is1) (Version: 2.6.0 - nanocosmos)
Nero 7 Essentials (HKLM\...\{1A6A6531-08FC-47AD-BAC4-C41497E71033}) (Version: 7.03.0279 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Network Recording Player (HKLM\...\{E5E200BA-B573-4F3F-A1DE-DC034A907F04}) (Version: 2.3.700 - WebEx Communications Inc.)
NVIDIA PhysX (HKLM\...\{DA909E62-3B45-4BA1-8B58-FCAEBA4BCEC9}) (Version: 9.12.0213 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Overwolf (HKLM\...\{0A337036-B73E-4C85-8D32-3851F84B7CFE}) (Version: 0.46.271 - Overwolf)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (Version: 1.0.0 - Your Company Name) Hidden
Pixia (HKLM\...\{A0BCF90F-B4E4-435C-A48D-8FAAE10554F9}) (Version: 4.1j - Isao Maruoka)
PIXresizer 2.0.4 (HKLM\...\PIXresizer_is1) (Version:  - Bluefive software)
Plants vs Zombies (HKLM\...\Plants vs Zombies_is1) (Version:  - )
Plants vs. Zombies (HKLM\...\BFG-Plants vs. Zombies) (Version:  - )
PowerISO (HKLM\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Python 2.6.4 (HKLM\...\{e7394a0f-3f80-45b1-87fc-abcd51893246}) (Version: 2.6.4150 - Python Software Foundation)
QuickTime (HKLM\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Razer Naga (HKLM\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.03.01 - Razer USA Ltd.)
Razer Naga Epic Dock Firmware Updater (HKLM\...\{F75090F5-8B98-4E66-B97B-E54F527C1221}) (Version: 1.01.08 - Razer USA Ltd.)
Razer Naga Epic Firmware Updater (HKLM\...\{0C3B3058-F1DB-4E51-8115-AD06825EE1C5}) (Version: 1.04.00 - Razer USA Ltd.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 6.252.1109.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Saints Row IV (HKLM\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saints Row: The Third (HKLM\...\Steam App 55230) (Version:  - Volition)
Sandlot Connect Version 1.2.6 (HKLM\...\Sandlot Connect_is1) (Version:  - Sandlot Games)
Scarlet Blade (HKLM\...\Scarlet Blade) (Version:  - )
Seagate DiscWizard (HKLM\...\{81A60A13-224D-4637-8203-3EAC03B121A4}) (Version: 10.0.5018 - Seagate)
Secure Download Manager (HKLM\...\{E86B07AE-9F94-44D5-AD47-DC2716EA90D2}) (Version: 3.1.40 - Kivuto Solutions Inc.)
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Service Pack 2 for SQL Server 2008 (KB2285068) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
SightSpeed (remove only) (HKLM\...\SightSpeed) (Version: 6.0 (6557) - SightSpeed Inc.)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 6.5 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.5.158 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.03.0000 - Electronic Arts)
Sql Server Customer Experience Improvement Program (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
System Requirements Lab (HKLM\...\{AC369A7C-2E0D-4925-BFB1-AB50BF825CCC}) (Version: 6.0.8.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TES Construction Set (HKLM\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version:  - )
The Sims Medieval (HKLM\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
The Sims Medieval Pirates and Nobles (HKLM\...\{0CC21836-A5D6-4641-B4AE-6FA01D021E41}) (Version: 2.0.109 - Electronic Arts)
thriXXX 3DSexVilla2-114.001 (HKLM\...\3DSexVilla2-114.001) (Version:  - )
Torque (HKCU\...\Torque) (Version:  - University of Colorado, Department of Physics)
TorqueGameBuilder (HKLM\...\TorqueGameBuilder 1.7.4) (Version: 1.7.4 - GarageGames, Inc.)
Torsion 1.1.392 (HKLM\...\Torsion_is1) (Version:  - GarageGames, Inc.)
TurboTax 2012 (HKLM\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2309 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0474 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0186 - Intuit Inc.) Hidden
TurboTax 2012 wmniper (Version: 012.000.1521 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (Version: 012.000.0127 - Intuit Inc.) Hidden
Ulead PhotoImpact 4.2 (HKLM\...\Ulead PhotoImpact 4.2) (Version:  - )
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM\...\{0A0CADCF-78DA-33C4-A350-CD51849B9702}.KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{525A4A44-8940-40AD-ABA0-14501199D2F0}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 System (KB2539530) (HKLM\...\{90120000-0021-0000-0000-0000000FF1CE}_VisualWebDeveloper_{0B4CEEAE-AA88-490C-BCB2-AAC3421981A4}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{51242368-A3AC-4123-B2F2-7BD39EC4AEF9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VisualWebDeveloper_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Visio 2007 Help (KB963666) (HKLM\...\{90120000-0054-0409-0000-0000000FF1CE}_VISPROR_{D2C4ACC9-12F5-4E1C-81A8-5DC878AC6278}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft Visual C++ 2005 Express Edition - ENU (KB932232) (HKLM\...\KB932232.T369_19ToU447_19) (Version: 1 - Microsoft Corporation)
Update for Microsoft Visual Studio 2008 Professional Edition - ENU (KB972221) (HKLM\...\{D7DAD1E4-45F4-3B2B-899A-EA728167EC4F}.KB972221) (Version: 1 - Microsoft Corporation)
Update for Zip Opener (HKCU\...\DSite) (Version:  - ) <==== ATTENTION
VC Runtimes MSI (Version: 9.0.21022 - Microsoft) Hidden
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VideoLAN VLC media player 0.8.6f (HKLM\...\VLC media player) (Version: 0.8.6f - VideoLAN Team)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729 - Microsoft Corporation) Hidden
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (HKLM\...\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01) (Version: 9.0.30729.01 - Microsoft Corporation)
Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (Version: 9.0.21022 - Microsoft Corporation) Hidden
VitalSource Bookshelf (HKLM\...\{55559ABB-AB08-416F-A227-6319B545AF83}) (Version: 5.05.0032 - Ingram Digital)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 4.6 - Vuze Inc.)
Vuze Remote Toolbar (HKLM\...\Vuze_Remote Toolbar) (Version: 6.3.3.3 - Vuze Remote) <==== ATTENTION
WCF RIA Services V1.0 SP1 (HKLM\...\{D9E6001A-5DC3-4620-AF7A-80B6CD48645D}) (Version: 4.1.60114.0 - Microsoft Corporation)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebEx (HKLM\...\ActiveTouchMeetingClient) (Version:  - WebEx Communications, Inc)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Wii Max Media Manager Pro (HKLM\...\Wii Max Media Manager Pro_is1) (Version:  - )
Winamp (HKLM\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Remote (HKLM\...\Orb) (Version: 2.2008.0508.1530 - Orb Networks)
Winamp Toolbar (HKCU\...\Winamp Toolbar) (Version:  - ) <==== ATTENTION
Winamp Toolbar (HKLM\...\Winamp Toolbar) (Version: 5.1.28.2 - AOL LLC) <==== ATTENTION
Windows 7 Upgrade Advisor (HKLM\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\0D5930BD8653120870DA6E7F2150CA8AB1CF22A5) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\BF20603967CFDCB2BBF91950E8A56DFBC5C833FE) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Favorites for Windows Live Toolbar (HKLM\...\{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}) (Version: 03.01.0146 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile 5.0 SDK R2 for Pocket PC (HKLM\...\{6C9F6D23-E9AD-43C9-B43A-011562AAF876}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile 5.0 SDK R2 for Smartphone (HKLM\...\{9656F3AC-6BA9-43F0-ABED-F214B5DAB27B}) (Version: 5.00.1700.5.14343.06 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinPcap 4.0 (HKLM\...\WinPcapInst) (Version: 4.0.0.755 - CACE Technologies)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WM Recorder 12.0 (HKLM\...\WM Recorder 12.0) (Version:  - )
Xfire (remove only) (HKLM\...\Xfire) (Version:  - )
Xobni (HKLM\...\XobniMain) (Version: 2.0.2.13510 - Xobni Corp.)
Xobni Core (Version: 1.0.0 - Xobni, Inc.) Hidden
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.1) (Version: 1.3.2 - Xvid Team)
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Youda Survivor (HKLM\...\BFG-Youda Survivor) (Version:  - )
Youda Survivor 2 (HKLM\...\BFG-Youda Survivor 2) (Version:  - )
Zylom Games Player Plugin (HKLM\...\Zylom Games Player Plugin) (Version:  - Zylom Games)
 
==================== Restore Points  =========================
 
19-02-2014 05:33:41 Windows Update
20-02-2014 00:13:01 Scheduled Checkpoint
20-02-2014 03:50:05 Driver Booster : JMB36X Standard Dual Channel PCIE IDE Controller
20-02-2014 03:58:01 Device Driver Package Install: Realtek Semiconductor Corp. Sound, video and game controllers
20-02-2014 04:16:45 Device Driver Package Install: JMicron Technology Corp. Storage controllers
20-02-2014 05:21:35 Windows Modules Installer
21-02-2014 15:27:45 Scheduled Checkpoint
23-02-2014 03:59:49 Scheduled Checkpoint
26-02-2014 16:25:14 Installed DirectX
27-02-2014 06:00:14 Scheduled Checkpoint
27-02-2014 07:51:10 Windows Update
28-02-2014 02:13:52 Driver Booster : Realtek High Definition Audio
02-03-2014 04:50:46 Scheduled Checkpoint
02-03-2014 15:58:38 Installed TurboTax 2012 wrapper
02-03-2014 16:15:31 Installed TurboTax 2012 wmniper
 
==================== Hosts content: ==========================
 
2006-11-02 04:23 - 2013-09-18 11:49 - 00000019 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {03C40A7F-9061-4B26-9E48-5F92DE2FD64D} - System32\Tasks\{F2699D55-C3CF-407D-9D29-190D723C426D} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {04699375-5AFB-4BAF-9F2A-09D8C0497F4E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {0A70BCD2-E608-43C8-BF94-AF6DA91A495E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software) <==== ATTENTION
Task: {0C3AF200-FADC-49E5-880E-DEE192C8B79A} - System32\Tasks\Microsoft\Windows\RemoteAssistance\RemoteAssistanceTask => C:\Windows\system32\RAServer.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {0E255539-9C2A-41F4-A002-C76B374B549C} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3851041998-961747506-847393003-1002 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) <==== ATTENTION
Task: {0FC2E0F9-0596-488D-848C-2ED57EA2350F} - System32\Tasks\RunAsStdUser Task => C:\Program Files\iWin Games\iWinGames.exe [2010-07-07] (iWin Inc.) <==== ATTENTION
Task: {11893D5E-54A0-4C6B-AB0D-D9FA527334A9} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\QueueReporting => C:\Windows\system32\wermgr.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {16157DB7-90D8-44C5-BCA9-4C1A0EA821E5} - System32\Tasks\Driver Booster Update => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe [2014-01-07] (IObit) <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1CE98E2A-7F14-44C9-904B-8B2727A629FB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3851041998-961747506-847393003-1002 => C:\Program Files\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) <==== ATTENTION
Task: {233EF5E4-1457-4BE5-9F21-FEC6F5113074} - System32\Tasks\Driver Booster Scan => C:\Program Files\IObit\Driver Booster\Scheduler.exe [2014-01-16] (IObit) <==== ATTENTION
Task: {2C502295-4C97-42AD-A5A3-1DF1A308A9BA} - \SUPERAntiSpyware Scheduled Task 14cff823-45b2-40c6-9579-c368fca6944b No Task File
Task: {2D4F862C-716D-4465-B252-2B82B582179C} - System32\Tasks\{48207DC6-C00E-4C4B-953A-07C5C9DEBAFA} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3889F580-8275-491B-AA7A-E26F33121473} - System32\Tasks\AdobeAAMUpdater-1.0-Morpheus-Stephanie => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated) <==== ATTENTION
Task: {39D5A1BD-0F9E-42DE-BA63-3CEF84DB116D} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe [2013-12-03] (IObit) <==== ATTENTION
Task: {3B3A66EF-456B-4512-B9B6-C798DD20D9E3} - System32\Tasks\alarm clock => C:\Users\Public\Music\Sample Music\Symphony_No_3.wma [2009-06-20] () <==== ATTENTION
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {41488EE4-F58D-407C-863B-591324F708AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-06] (Adobe Systems Incorporated) <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {4A79281D-F638-4001-9053-8B190BBCACDB} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files\IObit\Game Booster 3\AutoUpdate.exe [2013-07-20] () <==== ATTENTION
Task: {4D7BC85C-5A41-4963-8CDD-6D9D55F757DB} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => C:\Windows\system32\BthUdTask.exe [2009-04-11] (Microsoft Corporation) <==== ATTENTION
Task: {516A7300-655F-46BF-9ED0-4064CFBC8EE5} - System32\Tasks\OpenCandyHelperRunOnce => Rundll32.exe "C:\Users\Stephanie\AppData\Roaming\OpenCandy\OpenCandy_6BDACA86A8544271A28077798C65D94A\OCBrowserHelper_1.0.2.72.dll",_OCRestartDll@16 <==== ATTENTION
Task: {51951C83-4225-4962-BA24-5A4BC46F6615} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {57030356-4699-4E1F-9939-F9D4460CD4DA} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {5936C79A-731F-4716-BE59-35B58194ECE5} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {5AD45253-31A5-4023-A7AF-1428F1E3C94C} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3851041998-961747506-847393003-1002 => C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.) <==== ATTENTION
Task: {5D438A92-2BB7-4F26-880D-6F1192692BE7} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3851041998-961747506-847393003-1002 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) <==== ATTENTION
Task: {5DE3039E-68B0-484B-9B57-5CEE1D6A3B46} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3851041998-961747506-847393003-1002 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) <==== ATTENTION
Task: {5F7CDF92-7E14-4B65-AB1B-81F64C0D7650} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002UA => C:\Users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-25] (Google Inc.) <==== ATTENTION
Task: {63A9477F-E3F2-41E1-8B9C-59826C8EA12E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation) <==== ATTENTION
Task: {6FFE6500-05C9-4EF5-A1D1-EAEB8195E711} - System32\Tasks\SmartDefrag3_Update => C:\Program Files\IObit\Smart Defrag 3\AutoUpdate.exe [2014-01-09] (IObit) <==== ATTENTION
Task: {7542CEF1-9458-406D-A263-A9F1FA058A96} - System32\Tasks\{FA33ABCB-196F-4644-8BFA-998EA681B4CA} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {78DABEC8-68B8-4590-81BD-4532D98F07C2} - System32\Tasks\Microsoft\Windows\DiskDiagnostic\Microsoft-Windows-DiskDiagnosticResolver => C:\Windows\system32\DFDWiz.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {858BD5FB-61C3-4D83-8392-B9855BE4DF1D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe [2009-04-11] (Microsoft Corporation) <==== ATTENTION
Task: {87025933-8615-4049-8C5B-665C08193DAB} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation) <==== ATTENTION
Task: {89194558-47E7-4A9E-B507-6C91CE4E6504} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\Consolidator => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {895C9D74-3E99-48D7-A271-49E9C24EA1D7} - System32\Tasks\{035DFA47-108E-4B85-BCCD-72D7EFCE9837} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {937EF592-E7ED-4993-A05D-2A09F12B492A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-03] (Google Inc.) <==== ATTENTION
Task: {98083D1D-9056-4FA2-B09F-D9A71CF4C6AD} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files\IObit\Smart Defrag 3\SmartDefrag.exe [2014-01-09] (IObit) <==== ATTENTION
Task: {9902571F-126D-4603-BC7B-58FE0C80DF68} - System32\Tasks\{5AF7F80F-998D-42AD-BB87-D362BBB5B402} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {99B9521C-F109-4B7B-BDDF-99CF656525E0} - System32\Tasks\Microsoft\Windows\Defrag\ScheduledDefrag => C:\Windows\system32\defrag.exe [2008-01-20] (Microsoft Corp.) <==== ATTENTION
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {ACE99DDF-6678-485D-A2D4-0E5C1B8D9B1E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002Core => C:\Users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-25] (Google Inc.) <==== ATTENTION
Task: {B0144F86-C2B4-4D66-934D-1CEB56AD75B7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {B0C3FDC1-6390-43BE-927C-2CCE6A3E7B91} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {B67B06F1-F13E-464A-906B-F94E881E115D} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3851041998-961747506-847393003-1002 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) <==== ATTENTION
Task: {B8AC4183-2057-4265-A342-56BAECE82C32} - System32\Tasks\{B4F1731A-501F-4DF4-BF9D-903C781DDACA} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {B9F6D0A6-0D1E-424C-AF5B-0A499E1CE4BE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3851041998-961747506-847393003-1002 => C:\Program Files\Real\RealUpgrade\realupgrade.exe [2013-08-14] (RealNetworks, Inc.) <==== ATTENTION
Task: {D564FD11-00FF-41FF-8502-FEC43E187E14} - System32\Tasks\{23655689-7CE1-4555-9D49-6FDB0086A385} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {DBB6EED3-5A6A-41BB-BB3F-980921CFD962} - System32\Tasks\ASC7_SkipUac_Stephanie => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2013-12-16] (IObit) <==== ATTENTION
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-20] () <==== ATTENTION
Task: {EA6A90C1-848F-4B3F-A5BC-EFB3F8B13C3D} - \SUPERAntiSpyware Scheduled Task af551ed6-f5f3-46e2-a0dd-1cce7db03a02 No Task File
Task: {ED2F2328-E166-443B-88CC-983FA4244EC6} - System32\Tasks\Microsoft\Windows\MUI\LPRemove => C:\Windows\system32\lpremove.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {F0C8849A-C32F-4BD1-A23D-776CC89D5A45} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-03] (Google Inc.) <==== ATTENTION
Task: {F4AEDB1C-530D-47C4-A684-54B4FEA184E9} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation) <==== ATTENTION
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => Sc.exe config upnphost start= auto <==== ATTENTION
Task: {F8D7046E-9E88-442C-AA66-E0F89A0682C0} - System32\Tasks\{4BA83D02-3BB1-42AF-ABCB-14341A2FF9E5} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: {FB39D43D-82EA-401C-8E95-C36F964589EB} - System32\Tasks\{85F03CF8-4CAF-492A-A7DD-19F9729DC71D} => C:\Windows\system32\pcalua.exe [2006-11-02] (Microsoft Corporation) <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files\IObit\Driver Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002Core.job => C:\Users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002UA.job => C:\Users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3851041998-961747506-847393003-1002.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\Windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3851041998-961747506-847393003-1002.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-02 14:55 - 2014-03-02 13:04 - 02275840 _____ () C:\Program Files\AVAST Software\Avast\defs\14030201\algo.dll
2009-09-23 14:49 - 2007-02-20 11:27 - 00102400 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\dlbapp5c.dll
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2011-05-08 17:16 - 2010-08-26 16:48 - 00285152 _____ () C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
2011-05-08 17:16 - 2010-07-09 15:38 - 00331776 _____ () C:\Program Files\NETGEAR\WNA3100\WifiLib.dll
2008-09-24 12:12 - 2007-09-20 17:34 - 00129024 _____ () C:\Program Files\WinRAR\rarext.dll
2013-11-26 13:39 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madExcept_.bpl
2013-11-26 13:39 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madBasic_.bpl
2013-11-26 13:39 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2013-11-26 13:39 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
2012-03-29 21:26 - 2008-08-29 08:12 - 00932864 _____ () C:\Users\Stephanie\Desktop\Desktop Icons\Xpadder.exe
2014-02-20 18:46 - 2014-02-19 19:02 - 00051016 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2014-02-20 18:46 - 2014-02-19 19:03 - 04060488 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-20 18:46 - 2014-02-19 19:03 - 00394568 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-20 18:46 - 2014-02-19 19:02 - 01647432 _____ () C:\Program Files\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Stephanie:zylomtest
AlternateDataStreams: C:\Users\Stephanie:zylomtr{000HQ7FF-AD7A-3FG2-Q64S-2675H2E5QVV7}
AlternateDataStreams: C:\Users\Stephanie:zylomtr{000HQ7FF-AD7A-3FG7-FCUD-28A45N46SVUC}
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\atashost => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\Services: Adobe Version Cue CS3 => 3
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GameConsoleService => 3
MSCONFIG\Services: HauppaugeTVServer => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Album Fast Start.lnk => C:\Windows\pss\Album Fast Start.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk => C:\Windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Smart Wizard.lnk => C:\Windows\pss\NETGEAR WNA3100 Smart Wizard.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Joe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Stephanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.LNK => C:\Windows\pss\DesktopVideoPlayer.LNK.Startup
MSCONFIG\startupfolder: C:^Users^Stephanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk => C:\Windows\pss\LimeWire On Startup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Stephanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files\Common Files\Seagate\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTimounterMonitor => C:\Program Files\Seagate\DiscWizard\TimounterMonitor.exe
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Adobe_ID0EYTHM => C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
MSCONFIG\startupreg: Aeria Ignite => "C:\Program Files\Aeria Games\Ignite\aeriaignite.exe" silent
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Stephanie\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: bcmwltry => bcmwltry.exe
MSCONFIG\startupreg: BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} => "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Creative WebCam Tray => "C:\Program Files\Creative\Shared Files\CamTray.exe"
MSCONFIG\startupreg: CrossRiderPlugin => C:\Program Files\CrossriderWebApps\Crossrider.exe
MSCONFIG\startupreg: DiscWizardMonitor.exe => C:\Program Files\Seagate\DiscWizard\DiscWizardMonitor.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: dlbamon.exe => "C:\Program Files\Dell AIO Printer A940\dlbamon.exe"
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: Google Update => "C:\Users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: googletalk => C:\Users\Stephanie\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LDM => C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: LiveMonitor => C:\Program Files\MSI\Live Update 3\LMonitor.exe
MSCONFIG\startupreg: LWS => G:\logitek\webcam\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MsnMsgr => "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Name of App => C:\Program Files\SAMSUNG\FW LiveUpdate\FWManager.exe r
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: Orb => "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
MSCONFIG\startupreg: Overwolf => C:\Program Files\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SearchSettings => "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: USSShReg => C:\PROGRA~1\ULEADS~1\ULEADP~1.2\SSaver\Ussshreg.exe /r
MSCONFIG\startupreg: WinampAgent => "C:\Program Files\Winamp\winampa.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe
MSCONFIG\startupreg: Xvid => C:\Program Files\Xvid\CheckUpdate.exe
MSCONFIG\startupreg: Yahoo! Pager => "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
MSCONFIG\startupreg: {0228e555-4f9c-4e35-a3ec-b109a192b4c2} => C:\Program Files\Google\Gmail Notifier\gnotify.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/01/2014 00:36:50 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
 
Error: (03/01/2014 00:29:30 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/01/2014 00:18:39 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/01/2014 00:18:22 PM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (03/01/2014 11:48:38 AM) (Source: Perflib) (User: )
Description: PNRPsvcC:\Windows\system32\pnrpperf.dll4
 
Error: (03/01/2014 11:48:37 AM) (Source: Perflib) (User: )
Description: EmdCacheC:\Windows\system32\emdmgmt.dll4
 
Error: (03/01/2014 10:50:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/01/2014 10:50:28 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Dependent Assembly rpshellextension.1.0,language="*",type="win32",version="1.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (03/01/2014 10:43:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (03/01/2014 10:43:10 AM) (Source: BstHdAndroidSvc) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
 
System errors:
=============
Error: (03/01/2014 06:40:23 PM) (Source: Service Control Manager) (User: )
Description: Windows Search2300001Restart the service
 
Error: (03/01/2014 00:34:39 PM) (Source: Service Control Manager) (User: )
Description: Advanced SystemCare Service 71
 
Error: (03/01/2014 00:33:58 PM) (Source: Service Control Manager) (User: )
Description: Windows Search1300001Restart the service
 
Error: (03/01/2014 00:26:11 PM) (Source: Service Control Manager) (User: )
Description: KtmRm for Distributed Transaction Coordinator
 
Error: (03/01/2014 00:24:57 PM) (Source: DCOM) (User: )
Description: 1053ehRecvr-Service{F4396DC6-E851-4D3A-8D01-34E6949F3500}
 
Error: (03/01/2014 00:24:55 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Center Receiver Service
 
Error: (03/01/2014 00:24:03 PM) (Source: Service Control Manager) (User: )
Description: Google Update Service (gupdate)%%1053
 
Error: (03/01/2014 00:24:03 PM) (Source: Service Control Manager) (User: )
Description: 30000Google Update Service (gupdate)
 
Error: (03/01/2014 00:23:42 PM) (Source: Service Control Manager) (User: )
Description: 30000Windows Media Center Scheduler Service
 
Error: (03/01/2014 00:23:42 PM) (Source: Service Control Manager) (User: )
Description: Windows Font Cache Service%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (07/04/2012 09:05:57 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17075 seconds with 4260 seconds of active time.  This session ended with a crash.
 
Error: (06/27/2010 05:02:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 15 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (04/11/2010 02:51:57 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6524.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 141 seconds with 60 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-12-13 11:03:55.227
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:54.987
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:54.737
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:54.401
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:54.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:53.775
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:53.548
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:53.310
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18063_none_b2e033a8669434a1\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:52.895
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-12-13 11:03:52.662
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18311_none_b3144862666d6db3\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 57%
Total physical RAM: 3070.26 MB
Available physical RAM: 1304.45 MB
Total Pagefile: 6357.46 MB
Available Pagefile: 4273.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1897.79 MB
 
==================== Drives ================================
 
Drive c: (Neo) (Fixed) (Total:149.05 GB) (Free:3.39 GB) NTFS
Drive d: (Smith) (Fixed) (Total:74.5 GB) (Free:36.98 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (Trinity) (Fixed) (Total:931.5 GB) (Free:323.91 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 7ED44D4A)
Partition 2: (Active) - (Size=932 GB) - (Type=05)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 75 GB) (Disk ID: 0375F900)
Partition 1: (Active) - (Size=75 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 149 GB) (Disk ID: 32434411)
Partition 1: (Not Active) - (Size=149 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
I am uncertain what is causing the issues with the frst.txt. If there is another way to get the full file to you, let me know. It states the file is too big to upload.


#4 aharonov


Posted 02 March 2014 - 05:42 PM

Hello,

No, I don't need the full log. I think I can imagine what it looks like with even more gibberish in it... :)


Download Malwarebytes Anti-Rootkit to your desktop.

  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"


#5 JoeMn


Posted 03 March 2014 - 06:07 PM

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
 
Database version: v2014.03.03.07
 
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Stephanie :: MORPHEUS [administrator]
 
3/3/2014 4:35:19 PM
mbar-log-2014-03-03 (16-35-19).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 314086
Time elapsed: 23 minute(s), 2 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.0.6002 Windows Vista Service Pack 2 x86
 
Account is Administrative
 
Internet Explorer version: 9.0.8112.16421
 
Java version: 1.6.0_33
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, G:\ DRIVE_FIXED
CPU speed: 3.007000 GHz
Memory total: 3219398656, free: 1875189760
 
Downloaded database version: v2014.03.03.07
Downloaded database version: v2014.02.20.01
Initializing...
======================
------------ Kernel report ------------
     03/03/2014 16:35:15
------------ Loaded modules -----------
\SystemRoot\system32\ntkrnlpa.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\spmy.sys
\SystemRoot\System32\Drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\SCSIPORT.SYS
\SystemRoot\system32\drivers\acpi.sys
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\DRIVERS\intelide.sys
\SystemRoot\system32\DRIVERS\PCIIDEX.SYS
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\DRIVERS\jraid.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHelp20.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\msrpc.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\scmndisp.sys
\SystemRoot\system32\DRIVERS\timntr.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\DRIVERS\snapman.sys
\SystemRoot\System32\Drivers\SmartDefragDriver.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\ecache.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\crcdisk.sys
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\ohci1394.sys
\SystemRoot\system32\DRIVERS\1394BUS.SYS
\SystemRoot\system32\DRIVERS\Rtlh86.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\msiscsi.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\covpnwlh.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\circlass.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\AtihdLH3.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\RTKVHDA.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\Drivers\aswKbd.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\smb.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\AswRdr.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\System32\Drivers\SCDEmu.SYS
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\dc3d.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\NuidFltr.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\point32.sys
\SystemRoot\system32\DRIVERS\xusb21.sys
\SystemRoot\system32\DRIVERS\RzSynapse.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_JRAID.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\DRIVERS\tifsfilt.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\spsys.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\drivers\mrxdav.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\drivers\tdtcp.sys
\SystemRoot\System32\DRIVERS\tssecsrv.sys
\SystemRoot\System32\Drivers\RDPWD.SYS
\??\C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xffffffff88b530b8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Scsi\JRAID1Port0Path0Target3Lun0\
Lower Device Object: 0xffffffff87e0a030
Lower Device Driver Name: \Driver\JRAID\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xffffffff88a50548
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Scsi\JRAID1Port0Path0Target2Lun0\
Lower Device Object: 0xffffffff87e09030
Lower Device Driver Name: \Driver\JRAID\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8894dac8
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\Scsi\JRAID1Port0Path0Target0Lun0\
Lower Device Object: 0xffffffff87e06030
Lower Device Driver Name: \Driver\JRAID\
<<<2>>>
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xffffffff88b530b8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88c56868, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xffffffff88c56c50, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88b530b8, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff87e0a030, DeviceName: \Device\Scsi\JRAID1Port0Path0Target3Lun0\, DriverName: \Driver\JRAID\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
File user open failed: C:\WINDOWS\SYSTEM32\drivers\sptd.sys (0x00000020)
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8894dac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8894d458, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xffffffff8894d7b0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff8894dac8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff87e09e68, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff87e06030, DeviceName: \Device\Scsi\JRAID1Port0Path0Target0Lun0\, DriverName: \Driver\JRAID\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 7ED44D4A
 
Partition information:
 
    Partition 0 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 1 type is Extended with CSH (0x5)
    Partition is ACTIVE.
    Partition starts at LBA: 16065  Numsec = 1953504000
    Partition is not bootable
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 1000204886016 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-16064-1953505168-1953525168)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffffff88a50548, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88a50110, DeviceName: Unknown, DriverName: \Driver\snapman\
DevicePointer: 0xffffffff88a50230, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffffff88a50548, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\disk\
DevicePointer: 0xffffffff87e09030, DeviceName: \Device\Scsi\JRAID1Port0Path0Target2Lun0\, DriverName: \Driver\JRAID\
------------ End ----------
Alternate DeviceName: Unknown, DriverName: \Driver\partmgr\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 375F900
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 156243968
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 80000000000 bytes
Sector size: 512 bytes
 
Done!
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 32434411
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 312576000
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 160041885696 bytes
Sector size: 512 bytes
 
Done!
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-1-16065-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removal finished
 


#6 aharonov


Posted 07 March 2014 - 01:09 PM

Please download Combofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)

#7 JoeMn


Posted 08 March 2014 - 01:50 PM

ComboFix 14-03-05.01 - Stephanie 03/08/2014  12:14:11.2.2 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3070.1325 [GMT -6:00]
Running from: g:\windows install\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: IObit Malware Fighter *Disabled/Updated* {A751AC20-3B48-5237-898A-78C4436BB78D}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Stephanie\AppData\Local\assembly\tmp
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpnbdefcbnoefmmcpelplabbkfmfhlho_0
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpnbdefcbnoefmmcpelplabbkfmfhlho_0\1
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jpnbdefcbnoefmmcpelplabbkfmfhlho_0\2
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\background.html
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\crossriderManifest.json
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\manifest.xml
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins.json
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\10_app_435_specific.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\17_jQuery.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\47_resources_background.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\49_similar_web.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\50_similar_web_bg.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\60_base_monetization.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\64_appApiMessage.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\72_appApiValidation.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\userCode\background.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\extensionData\userCode\extension.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\icons\actions\1.png
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\icons\icon128.png
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\icons\icon16.png
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\icons\icon48.png
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\api\chrome.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\api\cookie.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\api\message.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\api\pageAction.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\api\pageActionBG.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\background.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\app_api.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\bg_app_api.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\consts.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\cookie_store.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\crossriderAPI.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\delegate.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\events.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\extensionDataStore.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\installer.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\logFile.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\logging.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\onBGDocumentLoad.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\popupResource\newPopup.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\popupResource\popup.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\reports.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\storageWrapper.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\updateManager.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\util.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\lib\xhr.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\js\main.js
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\manifest.json
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho\1.25.75_0\popup.html
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jpnbdefcbnoefmmcpelplabbkfmfhlho_0.localstorage
c:\users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\windows\security\Database\tmp.edb
C:\WindowsSerifastd-black.otf
C:\WindowsSerifastd-bold.otf
C:\WindowsSerifastd-italic.otf
C:\WindowsSerifastd-light.otf
C:\WindowsSerifastd-lightitalic.otf
C:\WindowsSerifastd-roman.otf
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-08 to 2014-03-08  )))))))))))))))))))))))))))))))
.
.
2014-03-08 18:28 . 2014-03-08 18:28 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-03-08 18:28 . 2014-03-08 18:28 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-03-08 18:28 . 2014-03-08 18:28 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-03-07 11:01 . 2014-02-06 07:08 7947048 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{7EF60A26-F68D-471E-96FC-4C024234D809}\mpengine.dll
2014-03-03 22:35 . 2014-03-03 23:02 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-03-03 22:35 . 2014-03-03 22:35 107224 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-03-03 22:34 . 2014-03-03 22:34 75480 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-03-02 21:12 . 2014-03-02 21:33 -------- d-----w- C:\FRST
2014-03-02 19:03 . 2014-03-02 19:03 -------- d-----w- c:\users\Stephanie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-02 16:07 . 2014-03-02 16:07 -------- d-----w- c:\users\Stephanie\AppData\Local\IsolatedStorage
2014-03-02 16:04 . 2014-03-02 16:04 -------- d-----w- c:\users\Stephanie\AppData\Roaming\Intuit
2014-03-02 15:58 . 2014-03-02 16:01 -------- d-----w- c:\program files\Common Files\Intuit
2014-03-02 15:57 . 2014-03-02 15:57 -------- d-----w- c:\program files\TurboTax
2014-03-02 15:57 . 2014-03-02 16:01 -------- d-----w- c:\programdata\Intuit
2014-02-26 16:26 . 2007-03-05 18:42 15128 ----a-w- c:\windows\system32\x3daudio1_1.dll
2014-02-25 21:54 . 2014-02-27 15:04 -------- d-----w- c:\program files\Common Files\Steam
2014-02-23 23:41 . 2014-02-23 23:41 -------- d-----w- c:\program files\Application Updater
2014-02-23 23:41 . 2014-02-23 23:41 -------- d-----w- c:\program files\IObit Apps Toolbar
2014-02-20 05:24 . 2014-02-20 05:24 2050560 ----a-w- c:\windows\system32\win32k.sys
2014-02-20 05:24 . 2014-02-20 05:24 36864 ----a-w- c:\windows\system32\wshcon.dll
2014-02-20 05:24 . 2014-02-20 05:24 172032 ----a-w- c:\windows\system32\scrrun.dll
2014-02-20 05:24 . 2014-02-20 05:24 155648 ----a-w- c:\windows\system32\wscript.exe
2014-02-20 05:24 . 2014-02-20 05:24 135168 ----a-w- c:\windows\system32\cscript.exe
2014-02-20 05:24 . 2014-02-20 05:24 131072 ----a-w- c:\windows\system32\wshom.ocx
2014-02-20 05:24 . 2014-02-20 05:24 335360 ----a-w- c:\windows\system32\SysFxUI.dll
2014-02-20 05:24 . 2014-02-20 05:24 167936 ----a-w- c:\windows\system32\drivers\portcls.sys
2014-02-20 05:24 . 2014-02-20 05:24 130048 ----a-w- c:\windows\system32\drivers\drmk.sys
2014-02-20 05:23 . 2014-02-20 05:23 158208 ----a-w- c:\windows\system32\imagehlp.dll
2014-02-20 04:45 . 2014-02-20 04:45 -------- d-----w- c:\users\Default\AppData\Local\Google
2014-02-20 04:16 . 2014-02-20 04:16 106296 ----a-w- c:\windows\system32\drivers\jraid.sys
2014-02-20 03:57 . 2014-02-20 03:57 1892056 ----a-w- c:\windows\system32\RTSndMgr.cpl
2014-02-20 03:57 . 2014-02-20 03:57 2937432 ----a-w- c:\windows\system32\drivers\RTKVHDA.sys
2014-02-20 03:57 . 2014-02-20 03:57 2547928 ----a-w- c:\windows\system32\RtkPgExt.dll
2014-02-20 03:57 . 2014-02-20 03:57 125144 ----a-w- c:\windows\system32\RtkCoInstII.dll
2014-02-20 03:57 . 2014-02-20 03:57 693385 ----a-w- c:\windows\system32\drivers\RTAIODAT.DAT
2014-02-20 03:55 . 2014-02-20 03:55 1935104 ----a-w- c:\windows\system32\MaxxAudioEQ.dll
2014-02-20 03:55 . 2014-02-20 03:55 860416 ----a-w- c:\windows\system32\MaxxAudioAPOShell.dll
2014-02-08 22:42 . 2014-02-09 01:06 -------- d-----w- c:\users\Stephanie\AppData\Roaming\AdobeMuse
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-20 05:24 . 2008-01-21 02:23 1304064 ----a-w- c:\windows\system32\WMALFXGFXDSP.dll
2014-02-20 03:57 . 2008-09-20 03:42 2329304 ----a-w- c:\windows\system32\RtkAPO.dll
2014-02-20 03:56 . 2013-10-09 19:27 332568 ----a-w- c:\windows\system32\MBWrp32.dll
2014-01-19 08:20 . 2014-01-19 08:20 53248 ----a-r- c:\users\Stephanie\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
2014-01-08 21:54 . 2014-01-19 11:45 103424 ----a-w- c:\windows\system32\IObitSmartDefragExtension.dll
2014-01-06 22:27 . 2012-07-02 12:53 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-01-06 22:27 . 2012-07-02 12:53 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-12-26 03:40 . 2013-12-26 03:40 395624 ----a-w- c:\windows\system32\ipcoin82.dll
2013-12-26 03:24 . 2013-12-26 03:24 396136 ----a-w- c:\windows\system32\itpcoin82.dll
2013-12-26 03:00 . 2013-12-26 03:00 782040 ----a-w- c:\windows\system32\RtkApoApi.dll
2013-12-26 02:59 . 2013-12-26 02:59 2395680 ----a-w- c:\windows\system32\FMAPO.dll
2013-12-26 02:59 . 2013-12-26 02:59 92584 ----a-w- c:\windows\system32\CONEQMSAPOGUILibrary.dll
2013-12-26 02:58 . 2013-12-26 02:58 182472 ----a-w- c:\windows\system32\AERTACap.dll
2013-12-24 16:40 . 2014-01-19 11:45 18624 ----a-w- c:\windows\system32\drivers\SmartDefragDriver.sys
2013-12-18 12:13 . 2009-10-02 18:50 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-16 12:56 . 2013-12-16 12:56 114408 ----a-w- c:\windows\system32\drivers\scdemu.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files\IObit Apps Toolbar\IE\8.8\iobitappsToolbarIE.dll" [2014-02-19 1398592]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
2014-02-19 18:17 1398592 ----a-w- c:\program files\IObit Apps Toolbar\IE\8.8\iobitappsToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
2014-01-13 22:20 752448 ----a-w- c:\program files\IObit\IObit Uninstaller\UninstallExplorer32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 21:54 175912 ----a-w- c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
2011-01-17 21:54 175912 ----a-w- c:\program files\Vuze_Remote\prxtbVuze.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ba14329e-9550-4989-b3f2-9732e92d17cc}"= "c:\program files\Vuze_Remote\prxtbVuze.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
"{03EB0E9C-7A91-4381-A220-9B52B641CDB1}"= "c:\program files\IObit Apps Toolbar\IE\8.8\iobitappsToolbarIE.dll" [2014-02-19 1398592]
.
[HKEY_CLASSES_ROOT\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CLASSES_ROOT\clsid\{03eb0e9c-7a91-4381-a220-9b52b641cdb1}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-01-30 21:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-01-30 21:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-01-30 21:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-01-30 21:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-01-30 21:05 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"Advanced SystemCare 7"="c:\program files\IObit\Advanced SystemCare 7\ASCTray.exe" [2013-12-18 2285344]
"SmartRAM"="c:\program files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe" [2014-02-27 542496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"Razer Naga Driver"="c:\program files\Razer\Naga\RazerNagaSysTray.exe" [2011-11-17 953232]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2013-12-26 12017368]
"IObit Malware Fighter"="c:\program files\IObit\IObit Malware Fighter\IMF.exe" [2013-12-13 1573184]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 1821576]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Album Fast Start.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Album Fast Start.lnk
backup=c:\windows\pss\Album Fast Start.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
backup=c:\windows\pss\Bluetooth.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Logitech Desktop Messenger.lnk
backup=c:\windows\pss\Logitech Desktop Messenger.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NETGEAR WNA3100 Smart Wizard.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk
backup=c:\windows\pss\NETGEAR WNA3100 Smart Wizard.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^Joe^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk]
path=c:\users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk
backup=c:\windows\pss\Xfire.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Stephanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopVideoPlayer.LNK]
path=c:\users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopVideoPlayer.LNK
backup=c:\windows\pss\DesktopVideoPlayer.LNK.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Stephanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnk.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^Stephanie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
path=c:\users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
2013-05-08 08:17 642664 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acronis Scheduler2 Service]
2007-04-20 02:29 149024 ----a-w- c:\program files\Common Files\Seagate\Schedule2\schedhlp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AcronisTimounterMonitor]
2007-04-20 02:38 1945688 ----a-w- c:\program files\Seagate\DiscWizard\TimounterMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Acrobat Speed Launcher]
2013-05-08 19:14 44128 ----a-w- c:\program files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06 958576 ----a-w- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2011-09-07 22:58 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2013-12-11 00:18 472984 ----a-w- c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2013-04-25 09:50 1075296 ----a-w- c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe_ID0EYTHM]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Aeria Ignite]
2013-06-06 21:59 1925656 ----a-w- c:\program files\Aeria Games\Ignite\aeriaignite.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-02-21 02:28 59240 ----a-w- c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\bcmwltry]
2003-07-25 23:28 462848 ----a-w- c:\windows\System32\bcmwltry.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2007-06-01 15:21 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlueStacks Agent]
2013-05-13 18:21 601928 ----a-w- c:\program files\BlueStacks\HD-Agent.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
2005-10-27 10:00 299008 ------w- c:\program files\Creative\Shared Files\CamTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CrossRiderPlugin]
2011-05-15 22:01 478720 ----a-w- c:\program files\CrossriderWebApps\Crossrider.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DiscWizardMonitor.exe]
2007-04-20 02:24 1169744 ----a-w- c:\program files\Seagate\DiscWizard\DiscWizardMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2011-07-28 23:08 1259376 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dlbamon.exe]
2007-03-05 21:57 435696 ----a-w- c:\program files\Dell AIO Printer A940\DLBAmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EvtMgr6]
2010-10-28 23:32 1352272 ----a-w- c:\program files\Logitech\SetPointP\SetPoint.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2010-09-26 03:22 136176 ----atw- c:\users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\googletalk]
2007-01-01 21:22 3739648 ----a-w- c:\users\Stephanie\AppData\Roaming\Google\Google Talk\googletalk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GrooveMonitor]
2009-02-27 00:36 30040 ----a-w- c:\program files\Microsoft Office\Office12\GrooveMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IJNetworkScanUtility]
2010-08-23 15:11 206240 ----a-w- c:\program files\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2009-09-21 21:36 305440 ----a-w- c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
2011-06-20 20:07 2736128 ----a-w- c:\program files\Common Files\LightScribe\LightScribeControlPanel.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LiveMonitor]
2009-02-24 19:28 498688 ----a-w- c:\program files\MSI\Live Update 3\LMonitor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LWS]
2012-09-13 05:38 204136 ----a-w- g:\logitek\webcam\LWS\Webcam Software\LWS.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)]
2012-05-25 09:25 6595928 ----a-w- c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
2010-11-10 07:54 4240760 ----a-w- c:\program files\Windows Live\Messenger\msnmsgr.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Name of App]
2008-07-07 19:12 675935 ----a-w- c:\program files\SAMSUNG\FW LiveUpdate\FWManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2007-03-01 20:57 153136 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
2008-04-01 01:54 507904 ----a-w- c:\program files\Winamp Remote\bin\OrbTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Overwolf]
2013-11-11 20:55 35256 ----a-w- c:\program files\Overwolf\Overwolf.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-04-19 01:56 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings]
2014-02-19 18:17 1387328 ----a-w- c:\program files\Common Files\Spigot\Search Settings\SearchSettings.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-06-03 21:27 19603048 ----a-r- c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 14:16 254336 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard]
2010-02-19 19:37 517096 ----a-w- c:\program files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2013-10-03 20:52 295512 ----a-w- c:\program files\Real\RealPlayer\Update\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USSShReg]
1997-11-23 09:16 20992 ------w- c:\progra~1\ULEADS~1\ULEADP~1.2\SSaver\USSSHREG.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2011-07-11 21:47 74752 ----a-w- c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile Device Center]
2007-05-31 14:21 648072 ----a-w- c:\windows\WindowsMobile\wmdc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Xvid]
2011-01-17 19:41 8192 ----a-w- c:\program files\Xvid\CheckUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\{0228e555-4f9c-4e35-a3ec-b109a192b4c2}]
2005-07-15 21:48 479232 ----a-w- c:\program files\Google\Gmail Notifier\gnotify.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3851041998-961747506-847393003-1002]
"EnableNotificationsRef"=dword:00000001
.
S2 AdvancedSystemCareService7;Advanced SystemCare Service 7;c:\program files\IObit\Advanced SystemCare 7\ASCService.exe [2013-12-09 881440]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache
bthsvcs REG_MULTI_SZ   BthServ
WindowsMobile REG_MULTI_SZ   wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ   WcesComm RapiMgr
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2011-06-20 20:05 451872 ----a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-07 11:02 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.146\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-02 22:27]
.
2014-03-08 c:\windows\Tasks\Driver Booster Update.job
- c:\program files\IObit\Driver Booster\AutoUpdate.exe [2013-10-09 20:16]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 08:03]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-03 08:03]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002Core.job
- c:\users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 03:22]
.
2014-03-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002UA.job
- c:\users\Stephanie\AppData\Local\Google\Update\GoogleUpdate.exe [2010-09-26 03:22]
.
2012-01-19 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-3851041998-961747506-847393003-1002.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 22:13]
.
2011-12-28 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-3851041998-961747506-847393003-1002.job
- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-08-14 22:13]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ie
uInternet Settings,ProxyOverride = <local>
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: Append Link Target to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Trusted Zone: aeriagames.com
Trusted Zone: alpineaccess.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: intuit.com\accounts
Trusted Zone: intuit.com\ttlc
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 24.159.193.40 24.205.224.36 68.190.192.35
FF - ProfilePath - c:\users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=winamp-ff&s_qt=sb&tb_uuid=20111027021438513&tb_oid=16-06-2010&tb_mrud=13-11-2012&query=
FF - prefs.js: browser.startup.homepage - hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ff
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF - ExtSQL: 2014-02-27 01:05; ascsurfingprotection@iobit.com; c:\users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\extensions\ascsurfingprotection@iobit.com
FF - ExtSQL: 2014-02-27 01:05; iobitapps@mybrowserbar.com; c:\program files\IObit Apps Toolbar\FF
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-AdobeBridge - (no file)
HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\system32\Macromed\Flash\FlashUtil32_11_7_700_202_ActiveX.exe
ShellExecuteHooks-{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - (no file)
SafeBoot-WudfPf
SafeBoot-WudfRd
MSConfigStartUp-Akamai NetSession Interface - c:\users\Stephanie\AppData\Local\Akamai\netsession_win.exe
MSConfigStartUp-LDM - c:\program files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
.
.
.
**************************************************************************
scanning hidden processes ...  
.
scanning hidden autostart entries ... 
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\msiserver]
"ImagePath"="%systemroot%\system32\msiexec /V"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1e,c8,98,d3,cd,62,2f,46,a3,5c,1d,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,1e,c8,98,d3,cd,62,2f,46,a3,5c,1d,\
.
[HKEY_USERS\S-1-5-21-3851041998-961747506-847393003-1002\Software\SecuROM\License information*]
"datasecu"=hex:e6,1d,9b,06,76,3b,f5,6c,5d,e5,49,56,ac,9a,2e,35,4a,94,e1,17,82,
   0c,91,3d,e4,5b,65,67,ff,ea,01,11,44,af,2f,3f,e9,38,0b,af,52,9e,c5,f8,be,2b,\
"rkeysecu"=hex:3e,80,9e,c4,40,b4,90,83,87,8e,33,49,64,ac,f8,d9
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(948)
c:\windows\system32\relog_ap.dll
.
- - - - - - - > 'Explorer.exe'(6076)
c:\program files\WIDCOMM\Bluetooth Software\btncopy.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\atiesrxx.exe
c:\windows\system32\atieclxx.exe
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files\IObit\IObit Malware Fighter\IMFsrv.exe
c:\program files\IObit\Advanced SystemCare 7\Monitor.exe
c:\program files\Common Files\Seagate\Schedule2\schedul2.exe
c:\program files\IObit\Smart Defrag 3\SmartDefrag.exe
c:\program files\Application Updater\ApplicationUpdater.exe
c:\windows\system32\atashost.exe
c:\program files\BlueStacks\HD-LogRotatorService.exe
c:\program files\WIDCOMM\Bluetooth Software\btwdins.exe
c:\windows\system32\dlbacoms.exe
c:\program files\iWin Games\iWinTrusted.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe
c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
c:\program files\Microsoft SQL Server\90\Shared\sqlwriter.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\NETGEAR\WNA3100\WifiSvc.exe
c:\program files\IObit\Advanced SystemCare 7\RealTimeProtector.exe
c:\program files\IObit\Advanced SystemCare 7\AutoUpdate.exe
c:\windows\ehome\ehsched.exe
c:\windows\ehome\ehRecvr.exe
c:\windows\system32\wbem\unsecapp.exe
.
**************************************************************************
.
Completion time: 2014-03-08  12:49:21 - machine was rebooted
ComboFix-quarantined-files.txt  2014-03-08 18:49
ComboFix2.txt  2012-09-05 01:01
.
Pre-Run: 2,997,424,128 bytes free
Post-Run: 2,964,852,736 bytes free
.
- - End Of File - - 74C91DB298B845F979740EBCE84E3E28
8F558EB6672622401DA993E1E865C861


#8 aharonov

Posted 11 March 2014 - 05:44 AM

Sorry for the delay.


Step 1

Please download AdwCleaner (by Xplode) and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 2

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#9 JoeMn

Posted 12 March 2014 - 03:08 PM

Here is the log from AdwCleaner. I will have to get the FRST scan a bit later tonight, maybe.

# AdwCleaner v3.021 - Report created 12/03/2014 at 14:47:19
# Updated 10/03/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Stephanie - MORPHEUS
# Running from : C:\Users\Stephanie\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Application Updater
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\ProgramData\Winamp Toolbar
Folder Deleted : C:\ProgramData\CodecCheck
Folder Deleted : C:\Program Files\Application Updater
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\ConduitEngine
Folder Deleted : C:\Program Files\IObit Apps Toolbar
Folder Deleted : C:\Program Files\Vuze_Remote
Folder Deleted : C:\Program Files\Winamp Toolbar
Folder Deleted : C:\Program Files\Vuze
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Windows\system32\AI_RecycleBin
Folder Deleted : C:\Users\Stephanie\AppData\Local\Conduit
Folder Deleted : C:\Users\Stephanie\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Stephanie\AppData\Local\PackageAware
Folder Deleted : C:\Users\Stephanie\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Stephanie\AppData\Local\vghd
Folder Deleted : C:\Users\Stephanie\AppData\Local\visi_coupon
Folder Deleted : C:\Users\Stephanie\AppData\Local\Winamp Toolbar
Folder Deleted : C:\Users\Stephanie\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Stephanie\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Stephanie\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Stephanie\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Stephanie\AppData\LocalLow\Vuze_Remote
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\DSite
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\iWin
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\WinampToolbarData
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{0B38152B-1B20-484D-A11F-5E04A9B0661F}
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\ascsurfingprotection@iobit.com
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\DeviceDetection@logitech.com
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\staged
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{1BC9BA34-1EED-42ca-A505-6D2F1A935BBB}
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{258735dc-6743-4805-95fc-f95941fffdad}
Folder Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
Folder Deleted : C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Folder Deleted : C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\END
File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
File Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\searchplugins\aol-web-search.xml
File Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\searchplugins\winamp-search.xml
File Deleted : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\user.js
File Deleted : C:\Windows\Tasks\Driver Booster Update.job
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{16157DB7-90D8-44C5-BCA9-4C1A0EA821E5}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{16157DB7-90D8-44C5-BCA9-4C1A0EA821E5}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{516A7300-655F-46BF-9ED0-4064CFBC8EE5}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FC2E0F9-0596-488D-848C-2ED57EA2350F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings
Value Deleted : HKLM\SOFTWARE\mozilla\Firefox\Extensions [crossriderapp435@crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57BCA5FA-5DBB-45A2-B558-1755C3F6253B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EF4E91D-DDD5-4478-BCA7-DA04435934C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B38D6EDE-390B-4620-8365-29E16459EBDA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F20F11FD-203E-45A9-B7BB-AFC1B4FEA7A6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE178B09-C8AA-4734-804D-1849BCCA0C29}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9DA79E1B-25F3-4C39-B018-B4EB7A3599FA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F54B66A-21CF-4548-AE59-A6B83EE6676F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51A971CA-D36E-4D13-A799-2CF0A491D04D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{56FBEA9F-EF93-4318-B75F-A96FC7C7BD7B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78B3C85E-44FF-4DC8-B3AD-156F39DC75E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{841FD004-57A2-4B49-BBDB-5897394619DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E19FDA06-5BDF-43C2-B794-BCD8A4C2051F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FAB076F5-E4DD-4EA4-AFEE-F18BF972B057}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{538CD77C-BFDD-49B0-9562-77419CAB89D1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9DA79E1B-25F3-4C39-B018-B4EB7A3599FA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A8C2644D-BF72-4A89-A88C-D85F565F2F46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{488833E8-CAAE-4218-B493-A013F26406D2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E33BA163-7844-428B-AE49-A1F8F469D9D0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{39FDCC2E-BA7C-4699-88F5-01341C8244D5}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\bflixtoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\bflixtoolbar
Key Deleted : HKLM\Software\caphyon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\conduitEngine
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Winamp Toolbar
Key Deleted : HKLM\Software\Vuze_Remote
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Conduit Engine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\daemon tools toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DSite
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Vuze_Remote Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\30C16B15B255BD349A1157B8A83E2AF9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1CAE30F47D14B41B5FC8FA53658044
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16526
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\prefs.js ]
 
Line Deleted : user_pref("aol_toolbar.surf.date", "2");
Line Deleted : user_pref("aol_toolbar.surf.lastDate", "11");
Line Deleted : user_pref("aol_toolbar.surf.lastMonth", "2");
Line Deleted : user_pref("aol_toolbar.surf.lastYear", "2014");
Line Deleted : user_pref("aol_toolbar.surf.month", "2");
Line Deleted : user_pref("aol_toolbar.surf.prevMonth", "3");
Line Deleted : user_pref("aol_toolbar.surf.total", "15257");
Line Deleted : user_pref("aol_toolbar.surf.week", "2");
Line Deleted : user_pref("aol_toolbar.surf.year", "4");
Line Deleted : user_pref("browser.search.defaulturl", "hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=winamp-ff&s_qt=sb&tb_uuid=20111027021438513&tb_oid=16-06-2010&tb_mrud=13-11-2012&query[...]
Line Deleted : user_pref("extensions.crossrider.bic", "1312c849f6929a24b814805c4a93d221");
Line Deleted : user_pref("extensions.crossriderapp435.435.active", true);
Line Deleted : user_pref("extensions.crossriderapp435.435.affid", "0");
Line Deleted : user_pref("extensions.crossriderapp435.435.backgroundjs", "\n//------------------  PLUGIN  START  ------30000------------\n(function(){appAPI.ready=function(a){appAPI.resources.isReady(a)}}());var Cro[...]
Line Deleted : user_pref("extensions.crossriderapp435.435.backgroundver", 8);
Line Deleted : user_pref("extensions.crossriderapp435.435.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_aoi.value", "%221331567765%22");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_parent_zoneid.value", "%2214974%22");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie._GPL_zoneid.value", "%2223865%22");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_ID.value", "435");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_custom_zoneid.value", "14969");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0600 (Central Standard Time)");
Line Deleted : user_pref("extensions.crossriderapp435.435.cookie.__GPL_pubid.value", "%222993%22");
Line Deleted : user_pref("extensions.crossriderapp435.435.description", "Premiumplay Codec check");
Line Deleted : user_pref("extensions.crossriderapp435.435.domain", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.emailsig", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.exposesites", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.fbremoteurl", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.group", 0);
Line Deleted : user_pref("extensions.crossriderapp435.435.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp435.435.js", "\n//------------------  PLUGIN app_435_specific START  ------------------\nif(!appAPI.matchPages(\"search.babylon.com\",\"search.sweetim.com\",\"mystar[...]
Line Deleted : user_pref("extensions.crossriderapp435.435.name", "Codec-V");
Line Deleted : user_pref("extensions.crossriderapp435.435.premium", true);
Line Deleted : user_pref("extensions.crossriderapp435.435.publisher", "Premiumplay");
Line Deleted : user_pref("extensions.crossriderapp435.435.settingsurl", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.thankyou", "");
Line Deleted : user_pref("extensions.crossriderapp435.435.ver", 61);
Line Deleted : user_pref("extensions.crossriderapp435.apps", "435");
Line Deleted : user_pref("extensions.crossriderapp435.bic", "1312c849f6929a24b814805c4a93d221");
Line Deleted : user_pref("extensions.crossriderapp435.cid", 435);
Line Deleted : user_pref("extensions.crossriderapp435.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp435.hadappinstalled", true);
Line Deleted : user_pref("extensions.crossriderapp435.installationdate", 1310711914);
Line Deleted : user_pref("extensions.crossriderapp435.jsver", 3);
Line Deleted : user_pref("extensions.crossriderapp435.lastcheck", 22535272);
Line Deleted : user_pref("extensions.crossriderapp435.lastcheckitem", 22535318);
Line Deleted : user_pref("extensions.crossriderapp435.misc.lastBgWorkerTimer", "1352119034168");
Line Deleted : user_pref("extensions.crossriderapp435.misc.lastDomWorkerTimer", "1352119034164");
Line Deleted : user_pref("extensions.enabledItems", "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.9,{98e34367-8df7-42b4-837b-20b892ff0849}:1.6,{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}:6.0.07,{CAFEEFAC-0016-0000-0012-ABC[...]
Line Deleted : user_pref("winamp_toolbar.buttons.layout", "shoutcast_30026;mobile/android_33522;post_to_twitter_33500;post_to_facebook_33511;post_to_AIM_33511;skins_btn_wa;plugins_btn_wa;shout_btn_wa;video_btn_wa;ai[...]
Line Deleted : user_pref("winamp_toolbar.cookie.homepage", "");
Line Deleted : user_pref("winamp_toolbar.cookie.search", "");
Line Deleted : user_pref("winamp_toolbar.curtain.congrats", "none");
Line Deleted : user_pref("winamp_toolbar.default.homepage.check", false);
Line Deleted : user_pref("winamp_toolbar.default.search.check", false);
Line Deleted : user_pref("winamp_toolbar.default.search.label", "AOL Search");
Line Deleted : user_pref("winamp_toolbar.default.search.url", "hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=winamp-ff&s_qt=sb&tb_uuid=20111027021438513&tb_oid=16-06-2010&tb_mrud=13-11-20[...]
Line Deleted : user_pref("winamp_toolbar.firsttime.showwindow", false);
Line Deleted : user_pref("winamp_toolbar.guid", "{AB07D263-1211-51A2-C829-4459C3D333A7}");
Line Deleted : user_pref("winamp_toolbar.homepageprotection.enabled", false);
Line Deleted : user_pref("winamp_toolbar.install.distroid", "");
Line Deleted : user_pref("winamp_toolbar.install.lastTbVersion", "5.6.20.9397");
Line Deleted : user_pref("winamp_toolbar.install.lid", "");
Line Deleted : user_pref("winamp_toolbar.install.mtmhp", "");
Line Deleted : user_pref("winamp_toolbar.install.ncid", "");
Line Deleted : user_pref("winamp_toolbar.metrics.activestampdate", "11");
Line Deleted : user_pref("winamp_toolbar.metrics.activestampmonth", "2");
Line Deleted : user_pref("winamp_toolbar.metrics.activestampyear", "2014");
Line Deleted : user_pref("winamp_toolbar.metrics.log", false);
Line Deleted : user_pref("winamp_toolbar.metrics.originalDate", "16");
Line Deleted : user_pref("winamp_toolbar.metrics.originalHours", "16");
Line Deleted : user_pref("winamp_toolbar.metrics.originalMinutes", "20");
Line Deleted : user_pref("winamp_toolbar.metrics.originalMonth", "6");
Line Deleted : user_pref("winamp_toolbar.metrics.originalSeconds", "47");
Line Deleted : user_pref("winamp_toolbar.metrics.originalYear", "2010");
Line Deleted : user_pref("winamp_toolbar.relatednews.enabled", false);
Line Deleted : user_pref("winamp_toolbar.remote..xml", "1394515836926");
Line Deleted : user_pref("winamp_toolbar.remote.publish.xml", "1394515771309");
Line Deleted : user_pref("winamp_toolbar.search.button", true);
Line Deleted : user_pref("winamp_toolbar.search.cid", "30-04-2013");
Line Deleted : user_pref("winamp_toolbar.search.instd", "20111027021438513");
Line Deleted : user_pref("winamp_toolbar.search.oid", "16-06-2010");
Line Deleted : user_pref("winamp_toolbar.search.placement", "left");
Line Deleted : user_pref("winamp_toolbar.search.populateoncomplete", false);
Line Deleted : user_pref("winamp_toolbar.search.savehistory", false);
Line Deleted : user_pref("winamp_toolbar.search.searchtype", "web");
Line Deleted : user_pref("winamp_toolbar.search.source", "winamp-ff");
Line Deleted : user_pref("winamp_toolbar.searchprotection.enabled", false);
Line Deleted : user_pref("winamp_toolbar.skin.custom", true);
Line Deleted : user_pref("winamp_toolbar.strbundle.msg", "Winamp Toolbar");
Line Deleted : user_pref("winamp_toolbar.upgrade.showwindow", false);
Line Deleted : user_pref("winamp_toolbar.weather.degc", "10");
Line Deleted : user_pref("winamp_toolbar.weather.degf", "50");
Line Deleted : user_pref("winamp_toolbar.weather.image", "chrome://winamptoolbar/skin/weather/26_n.png");
Line Deleted : user_pref("winamp_toolbar.weather.locationid", "USNY0996");
Line Deleted : user_pref("winamp_toolbar.weather.metric", true);
Line Deleted : user_pref("winamp_toolbar.weather.tooltip", "New York , NY : Cloudy");
Line Deleted : user_pref("winamp_toolbar.weather.update", "1394515836927");
Line Deleted : user_pref("winamp_toolbar.winamp.appversion", "20568");
Line Deleted : user_pref("winamp_toolbar.winamp.artist", "");
Line Deleted : user_pref("winamp_toolbar.winamp.button.focus", true);
Line Deleted : user_pref("winamp_toolbar.winamp.button.forward", true);
Line Deleted : user_pref("winamp_toolbar.winamp.button.open", true);
Line Deleted : user_pref("winamp_toolbar.winamp.button.pause", true);
Line Deleted : user_pref("winamp_toolbar.winamp.button.play", true);
Line Deleted : user_pref("winamp_toolbar.winamp.button.rewind", true);
Line Deleted : user_pref("winamp_toolbar.winamp.button.stop", false);
Line Deleted : user_pref("winamp_toolbar.winamp.button.volume", true);
Line Deleted : user_pref("winamp_toolbar.winamp.ticker.show", true);
Line Deleted : user_pref("winamp_toolbar.winamp.title", "-999999");
Line Deleted : user_pref("winamp_toolbar.winamp.tracklength", "236");
Line Deleted : user_pref("winamp_toolbar.winamp.tracktime", "13355");
Line Deleted : user_pref("winamp_toolbar.winamp.volume", "117");
 
-\\ Google Chrome v33.0.1750.146
 
[ File : C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [4830 octets] - [12/03/2014 14:39:31]
AdwCleaner[R1].txt - [28826 octets] - [12/03/2014 14:41:08]
AdwCleaner[S0].txt - [27226 octets] - [12/03/2014 14:47:19]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [27287 octets] ##########


#10 JoeMn

Posted 12 March 2014 - 04:28 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-03-2014
Ran by Stephanie (administrator) on MORPHEUS on 12-03-2014 16:25:42
Running from G:\Windows install
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Acronis) C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe
(WebEx Communications, Inc.) C:\Windows\system32\atashost.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
( ) C:\Windows\system32\dlbacoms.exe
(iWin Inc.) C:\Program Files\iWin Games\iWinTrusted.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(Razer USA Ltd) C:\Program Files\Razer\Naga\RazerNagaSysTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
() C:\Users\Stephanie\Desktop\Desktop Icons\Xpadder.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [ISUSScheduler] - C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM\...\Run: [Razer Naga Driver] - C:\Program Files\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2013-12-25] (Realtek Semiconductor)
HKLM\...\Run: [IObit Malware Fighter] - C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [1573184 2013-12-13] (IObit)
HKLM\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM\...\Run: [itype] - C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
HKU\S-1-5-21-3851041998-961747506-847393003-1002\...\Run: [SmartRAM] - C:\Program Files\IObit\Advanced SystemCare 7\Suo10_SmartRAM.exe [542496 2014-02-27] (IObit)
Lsa: [Authentication Packages] msv1_0 relog_ap
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.yahoo.com?type=800236&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAE1825CAB67ECE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {AFCE25B8-253A-49F0-AF0B-6045C2360F45} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=800236&p={searchTerms}
SearchScopes: HKCU - {B730E2FB-931E-C117-652C-C429D0471E60} URL = http://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Microsoft Web Test Recorder 10.0 Helper - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Jojo's%20Fashion%20Show/Images/stg_drm.ocx
DPF: {2BCDB465-81F9-41CB-832C-8037A4064446} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\urxvpn.cab
DPF: {41EF3CD2-D8CC-4438-84B1-280BB4E77C8E} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\f5tunsrv.cab
DPF: {45B69029-F3AB-4204-92DE-D5140C3E8E74} C:\Users\STEPHA~1\AppData\Local\Temp\IXP000.TMP\InstallerControl.cab#-1,-1,-1,-1
DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB
DPF: {7417F730-7BAB-409E-8BB7-6936D361B869} http://csweb.netgame.com/main/MLauncher.cab
DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} http://www.netgame.com/mplugin/mglaunch_USAv1005.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/The%20Scruffs/Images/armhelper.ocx
DPF: {CC85ACDF-B277-486F-8C70-2C9B2ED2A4E7} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\urxshost.cab
DPF: {E0FF21FA-B857-45C5-8621-F120A0C17FF2} C:\Users\STEPHA~1\AppData\Local\Temp\f5tmp\urxhost.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: bw+0 - No CLSID Value - 
Handler: bw+0s - No CLSID Value - 
Handler: bw-0 - No CLSID Value - 
Handler: bw-0s - No CLSID Value - 
Handler: bw00 - No CLSID Value - 
Handler: bw00s - No CLSID Value - 
Handler: bw10 - No CLSID Value - 
Handler: bw10s - No CLSID Value - 
Handler: bw20 - No CLSID Value - 
Handler: bw20s - No CLSID Value - 
Handler: bw30 - No CLSID Value - 
Handler: bw30s - No CLSID Value - 
Handler: bw40 - No CLSID Value - 
Handler: bw40s - No CLSID Value - 
Handler: bw50 - No CLSID Value - 
Handler: bw50s - No CLSID Value - 
Handler: bw60 - No CLSID Value - 
Handler: bw60s - No CLSID Value - 
Handler: bw70 - No CLSID Value - 
Handler: bw70s - No CLSID Value - 
Handler: bw80 - No CLSID Value - 
Handler: bw80s - No CLSID Value - 
Handler: bw90 - No CLSID Value - 
Handler: bw90s - No CLSID Value - 
Handler: bwa0 - No CLSID Value - 
Handler: bwa0s - No CLSID Value - 
Handler: bwb0 - No CLSID Value - 
Handler: bwb0s - No CLSID Value - 
Handler: bwc0 - No CLSID Value - 
Handler: bwc0s - No CLSID Value - 
Handler: bwd0 - No CLSID Value - 
Handler: bwd0s - No CLSID Value - 
Handler: bwe0 - No CLSID Value - 
Handler: bwe0s - No CLSID Value - 
Handler: bwf0 - No CLSID Value - 
Handler: bwf0s - No CLSID Value - 
Handler: bwg0 - No CLSID Value - 
Handler: bwg0s - No CLSID Value - 
Handler: bwh0 - No CLSID Value - 
Handler: bwh0s - No CLSID Value - 
Handler: bwi0 - No CLSID Value - 
Handler: bwi0s - No CLSID Value - 
Handler: bwj0 - No CLSID Value - 
Handler: bwj0s - No CLSID Value - 
Handler: bwk0 - No CLSID Value - 
Handler: bwk0s - No CLSID Value - 
Handler: bwl0 - No CLSID Value - 
Handler: bwl0s - No CLSID Value - 
Handler: bwm0 - No CLSID Value - 
Handler: bwm0s - No CLSID Value - 
Handler: bwn0 - No CLSID Value - 
Handler: bwn0s - No CLSID Value - 
Handler: bwo0 - No CLSID Value - 
Handler: bwo0s - No CLSID Value - 
Handler: bwp0 - No CLSID Value - 
Handler: bwp0s - No CLSID Value - 
Handler: bwq0 - No CLSID Value - 
Handler: bwq0s - No CLSID Value - 
Handler: bwr0 - No CLSID Value - 
Handler: bwr0s - No CLSID Value - 
Handler: bws0 - No CLSID Value - 
Handler: bws0s - No CLSID Value - 
Handler: bwt0 - No CLSID Value - 
Handler: bwt0s - No CLSID Value - 
Handler: bwu0 - No CLSID Value - 
Handler: bwu0s - No CLSID Value - 
Handler: bwv0 - No CLSID Value - 
Handler: bwv0s - No CLSID Value - 
Handler: bww0 - No CLSID Value - 
Handler: bww0s - No CLSID Value - 
Handler: bwx0 - No CLSID Value - 
Handler: bwx0s - No CLSID Value - 
Handler: bwy0 - No CLSID Value - 
Handler: bwy0s - No CLSID Value - 
Handler: bwz0 - No CLSID Value - 
Handler: bwz0s - No CLSID Value - 
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: offline-8876480 - No CLSID Value - 
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 24.159.193.40 24.205.224.36 68.190.192.35
 
FireFox:
========
FF ProfilePath: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default
FF Homepage: hxxp://search.yahoo.com?type=800236&fr=spigot-yhp-ff
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=800236&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @zylom.com/ZylomGamesPlayer - C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll (Zylom)
FF Plugin: Adobe Acrobat - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - G:\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @eximion.com/KalydoPlayer3.10.04 - C:\Users\Stephanie\AppData\Roaming\Kalydo\KalydoPlayer\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @g2.com/iggweb3dupdater - C:\Users\Stephanie\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll (IGG)
FF Plugin HKCU: @g2.com/joyconnectshell - C:\Users\Stephanie\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll (IGG)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Stephanie\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Stephanie\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Stephanie\AppData\Local\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Stephanie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 - C:\Users\Stephanie\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npzylomgamesplayer.dll (Zylom)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\confmgr.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\ctxlogging.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\msvcm80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\msvcp80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\msvcr80.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npatgpc.dll (WebEx Communications, Inc)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Stephanie\AppData\Roaming\mozilla\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF SearchPlugin: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\searchplugins\aol-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Embedded Objects - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\firefox@red-cog.com.xpi [2011-08-19]
FF Extension: Personas Plus - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\personas@christopher.beard.xpi [2013-03-31]
FF Extension: Adblock Plus - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-09-27]
FF Extension: DownThemAll! - C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\hb6bav3t.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2011-10-17]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} [2008-09-21]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} [2009-03-09]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} [2009-09-07]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} [2009-11-22]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2010-05-28]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} [2010-09-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [2010-11-02]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [2011-05-15]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} [2011-06-30]
FF HKLM\...\Firefox\Extensions: [{98e34367-8df7-42b4-837b-20b892ff0849}] - C:\ProgramData\iWin Games\firefox
FF Extension: iWinGames Plugin - C:\ProgramData\iWin Games\firefox [2009-10-27]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-05-25]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-08-31]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-01]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF StartMenuInternet: FIREFOX.EXE - C:\Program Files\Mozilla Firefox\5.0\firefox.exe
 
Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-08]
CHR Extension: (Google Drive) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-08]
CHR Extension: (YouTube) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-08]
CHR Extension: (Google Search) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-08]
CHR Extension: (RealDownloader) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2012-12-17]
CHR Extension: (Skype Click to Call) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-06-19]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-02-27]
CHR Extension: (Google Wallet) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-09-01]
CHR Extension: (Gmail) - C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-08]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKLM\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2013-11-17]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
 
========================== Services (Whitelisted) =================
 
R2 AcrSch2Svc; C:\Program Files\Common Files\Seagate\Schedule2\schedul2.exe [411168 2007-04-19] (Acronis)
S4 Adobe Version Cue CS3; C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe [153792 2007-03-20] (Adobe Systems Incorporated)
S2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
S4 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144712 2009-06-05] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-05-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-05-13] (BlueStack Systems, Inc.)
R2 dlba_device; C:\Windows\system32\dlbacoms.exe [538096 2007-03-05] ( )
S4 GameConsoleService; C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe [246520 2010-07-28] (WildTangent, Inc.)
S4 HauppaugeTVServer; C:\Program Files\WinTV\HCWTVServer.exe [815104 2007-02-20] (Hauppauge Computer Works)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [341824 2013-11-11] (IObit)
R2 iWinTrusted; C:\Program Files\iWin Games\iWinTrusted.exe [176408 2010-07-07] (iWin Inc.)
S2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [3004416 2007-11-07] (Microsoft Corporation)
S3 OverwolfUpdaterService; C:\Program Files\Overwolf\OverwolfUpdater.exe [18360 2013-11-11] (Overwolf Ltd)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S3 usprserv; C:\Windows\System32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
R2 WSWNA3100; C:\Program Files\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
S2 PavPrSrv; "C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe" [X]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\system32\Drivers\aswFsBlk.sys [29816 2013-05-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\Drivers\aswKbd.sys [18544 2012-08-21] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [66336 2013-05-09] (AVAST Software)
R1 AswRdr; C:\Windows\system32\Drivers\AswRdr.sys [49760 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49376 2013-05-09] ()
R1 aswSnx; C:\Windows\system32\Drivers\aswSnx.sys [770344 2013-07-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\Drivers\aswSP.sys [369584 2013-07-07] (AVAST Software)
R1 aswTdi; C:\Windows\system32\Drivers\aswTdi.sys [56080 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [175176 2013-07-07] ()
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdLH3.sys [83984 2012-02-23] (Advanced Micro Devices)
S3 BCMH43XX; C:\Windows\System32\DRIVERS\bcmwlhigh6.sys [699896 2009-11-06] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-05-13] (BlueStack Systems)
S3 f5ipfw; C:\Windows\system32\drivers\urfltwlh.sys [24624 2013-04-13] (F5 Networks, Inc.)
S4 FileMonitor; C:\Program Files\IObit\IObit Malware Fighter\Drivers\wlh_x86\FileMonitor.sys [21480 2013-03-23] (IObit)
S3 hcwPP2; C:\Windows\System32\DRIVERS\hcwPP2.sys [185728 2007-02-06] (Hauppauge Computer Works, Inc.)
R0 JRAID; C:\Windows\System32\DRIVERS\jraid.sys [106296 2014-02-19] (JMicron Technology Corp.)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [17408 2008-10-09] (Windows ® Codename Longhorn DDK provider)
S3 LUsbFilt; C:\Windows\System32\Drivers\LUsbFilt.Sys [28624 2010-08-24] (Logitech, Inc.)
S3 MSIGreenPower; C:\Program Files\MSI\DualCoreCenter\Green Power Center\NTGLM7X.sys [28160 2008-03-12] (MICRO-STAR INT'L CO., LTD.)
S3 MSIGreenPowerRushTop; C:\Program Files\MSI\DualCoreCenter\Green Power Center\RushTop.sys [55296 2008-04-23] (Your Corporation)
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [655872 2008-10-29] (Ralink Technology Corp.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [50704 2010-02-03] (CACE Technologies, Inc.)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [21792 2011-04-13] (Microsoft Corporation)
S3 P1370Afx; C:\Windows\system32\Drivers\P1370Afx.sys [143136 2007-04-02] (Creative Technology Ltd.)
S3 P1370Aud; C:\Windows\system32\Drivers\P1370Aud.sys [93056 2005-12-05] (Creative Technology Ltd.)
S3 P1370Aul; C:\Windows\system32\Drivers\P1370Aul.sys [4992 2005-12-06] (Creative Technology Ltd.)
S3 P1370Vfx; C:\Windows\System32\DRIVERS\P1370Vfx.sys [7424 2007-03-05] (EyePower Games Pte. Ltd.)
S3 P1370VID; C:\Windows\System32\DRIVERS\P1370Vid.sys [297888 2007-03-28] (Creative Technology Ltd.)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [45968 2011-11-03] (Rovi Corporation)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\regfilter.sys [32288 2013-11-19] (IObit.com)
S3 rt70x86; C:\Windows\System32\DRIVERS\netr70.sys [299520 2009-02-26] (Ralink Technology Corp.)
S3 RushTopDevice_J; C:\Program Files\MSI\DualCoreCenter\Green Power Center\RushJ.sys [18944 2008-04-23] (Your Corporation)
R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [103424 2011-11-15] (Razer USA Ltd)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2013-12-16] (Power Software Ltd)
R0 SCMNdisP; C:\Windows\System32\DRIVERS\scmndisp.sys [21728 2007-01-19] (Windows ® Codename Longhorn DDK provider)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [18624 2013-12-24] (IObit)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [722416 2009-09-07] ()
R2 tifsfilter; C:\Windows\System32\DRIVERS\tifsfilt.sys [32768 2008-10-06] (Acronis)
S3 UrlFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\wlh_x86\UrlFilter.sys [20944 2013-11-19] (IObit.com)
R3 urvpndrv; C:\Windows\System32\DRIVERS\covpnwlh.sys [40528 2013-04-13] (F5 Networks, Inc.)
S3 USB_RNDIS; C:\Windows\System32\DRIVERS\usb8023.sys [15872 2013-02-11] (Microsoft Corporation)
S3 VSPerfDrv100; C:\Program Files\Microsoft Visual Studio 10.0\Team Tools\Performance Tools\VSPerfDrv100.sys [54144 2011-01-18] (Microsoft Corporation)
S3 WEBNTACCESS; C:\Program Files\MSI\Live Update 3\NTACCESS.SYS [17920 2008-06-10] (Your Corporation)
S3 WinRing0_1_2_0; C:\Program Files\IObit\Game Booster 3\Driver\WinRing0.sys [14416 2010-11-01] (OpenLibSys.org)
S3 xnacc; C:\Windows\System32\DRIVERS\xnacc.sys [521216 2008-01-20] (Microsoft Corporation)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-20] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S2 eamonm; system32\DRIVERS\eamonm.sys [X]
S3 GMSIPCI; \??\E:\INSTALL\GMSIPCI.SYS [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S2 PavProc; \??\C:\Windows\system32\DRIVERS\PavProc.sys [X]
S1 ShldDrv; System32\DRIVERS\ShlDrv51.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-12 14:54 - 2014-03-12 14:54 - 00001490 _____ () C:\Windows\PFRO.log
2014-03-12 14:39 - 2014-03-12 14:49 - 00000000 ____D () C:\AdwCleaner
2014-03-12 14:08 - 2014-03-12 14:09 - 01949184 _____ () C:\Users\Stephanie\Desktop\AdwCleaner.exe
2014-03-11 21:35 - 2014-03-11 21:35 - 00000104 _____ () C:\Users\Public\Computer - Shortcut.lnk
2014-03-08 13:49 - 2014-03-08 13:49 - 00040229 _____ () C:\ComboFix.txt
2014-03-08 13:11 - 2014-03-08 13:49 - 00000000 ____D () C:\ComboFix
2014-03-08 13:03 - 2014-03-08 13:03 - 00000538 _____ () C:\Users\Stephanie\Desktop\ComboFix.exe - Shortcut.lnk
2014-03-03 17:35 - 2014-03-03 18:02 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 17:35 - 2014-03-03 17:35 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-03 17:34 - 2014-03-03 18:02 - 00000000 ____D () C:\Users\Stephanie\Desktop\mbar
2014-03-03 17:34 - 2014-03-03 17:34 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-02 16:12 - 2014-03-12 16:25 - 00000000 ____D () C:\FRST
2014-03-02 14:03 - 2014-03-02 14:03 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-02 11:09 - 2014-03-02 11:41 - 00000000 ____D () C:\Users\Stephanie\Documents\TurboTax
2014-03-02 11:07 - 2014-03-02 11:07 - 00000000 ____D () C:\Users\Stephanie\AppData\Local\IsolatedStorage
2014-03-02 11:04 - 2014-03-02 11:04 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Intuit
2014-03-02 11:03 - 2014-03-02 11:15 - 00000451 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-03-02 11:01 - 2014-03-02 11:01 - 00001838 _____ () C:\Users\Public\Desktop\TurboTax 2012.lnk
2014-03-02 10:58 - 2014-03-02 11:01 - 00000000 ____D () C:\Program Files\Common Files\Intuit
2014-03-02 10:57 - 2014-03-02 11:01 - 00000000 ____D () C:\ProgramData\Intuit
2014-03-02 10:57 - 2014-03-02 10:57 - 00000000 ____D () C:\Program Files\TurboTax
2014-02-27 17:58 - 2014-02-27 17:58 - 00000202 _____ () C:\Users\Stephanie\Desktop\Saints Row IV.url
2014-02-26 11:27 - 2010-06-02 05:55 - 00527192 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_7.dll
2014-02-26 11:27 - 2010-06-02 05:55 - 00239960 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_7.dll
2014-02-26 11:27 - 2010-06-02 05:55 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_5.dll
2014-02-26 11:27 - 2010-05-26 12:41 - 02106216 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-02-26 11:27 - 2010-05-26 12:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-02-26 11:27 - 2010-05-26 12:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-02-26 11:27 - 2010-05-26 12:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-02-26 11:27 - 2010-05-26 12:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-02-26 11:27 - 2010-02-04 11:01 - 00528216 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_6.dll
2014-02-26 11:27 - 2010-02-04 11:01 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_6.dll
2014-02-26 11:27 - 2010-02-04 11:01 - 00074072 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_4.dll
2014-02-26 11:27 - 2010-02-04 11:01 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_7.dll
2014-02-26 11:27 - 2009-09-04 18:44 - 00238936 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_5.dll
2014-02-26 11:27 - 2009-09-04 18:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-02-26 11:27 - 2009-09-04 18:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-02-26 11:27 - 2009-09-04 18:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-02-26 11:27 - 2009-09-04 18:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-02-26 11:27 - 2009-03-16 15:18 - 00517448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_4.dll
2014-02-26 11:27 - 2009-03-16 15:18 - 00235352 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_4.dll
2014-02-26 11:27 - 2009-03-16 15:18 - 00022360 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_6.dll
2014-02-26 11:27 - 2009-03-09 16:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-02-26 11:27 - 2008-10-27 11:04 - 00514384 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_3.dll
2014-02-26 11:27 - 2008-10-27 11:04 - 00235856 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_3.dll
2014-02-26 11:27 - 2008-10-27 11:04 - 00070992 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_2.dll
2014-02-26 11:27 - 2008-10-27 11:04 - 00023376 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_5.dll
2014-02-26 11:27 - 2008-10-15 07:22 - 04379984 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_40.dll
2014-02-26 11:27 - 2008-10-15 07:22 - 02036576 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_40.dll
2014-02-26 11:27 - 2008-10-15 07:22 - 00452440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_40.dll
2014-02-26 11:27 - 2008-07-31 11:41 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_2.dll
2014-02-26 11:27 - 2008-07-31 11:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_1.dll
2014-02-26 11:27 - 2008-07-31 11:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_2.dll
2014-02-26 11:27 - 2008-05-30 15:19 - 00507400 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_1.dll
2014-02-26 11:27 - 2008-05-30 15:18 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_1.dll
2014-02-26 11:27 - 2008-05-30 15:17 - 00065032 _____ (Microsoft Corporation) C:\Windows\system32\XAPOFX1_0.dll
2014-02-26 11:27 - 2008-05-30 15:17 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_4.dll
2014-02-26 11:27 - 2008-05-30 15:11 - 03850760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_38.dll
2014-02-26 11:27 - 2008-05-30 15:11 - 01491992 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_38.dll
2014-02-26 11:27 - 2008-05-30 15:11 - 00467984 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_38.dll
2014-02-26 11:27 - 2008-03-05 17:03 - 00479752 _____ (Microsoft Corporation) C:\Windows\system32\XAudio2_0.dll
2014-02-26 11:27 - 2008-03-05 17:03 - 00238088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine3_0.dll
2014-02-26 11:27 - 2008-03-05 17:00 - 00025608 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_3.dll
2014-02-26 11:27 - 2008-03-05 16:56 - 03786760 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_37.dll
2014-02-26 11:27 - 2008-03-05 16:56 - 01420824 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_37.dll
2014-02-26 11:27 - 2008-02-06 00:07 - 00462864 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_37.dll
2014-02-26 11:27 - 2007-10-22 04:39 - 00267272 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_10.dll
2014-02-26 11:27 - 2007-10-22 04:37 - 00017928 _____ (Microsoft Corporation) C:\Windows\system32\X3DAudio1_2.dll
2014-02-26 11:27 - 2007-10-12 16:14 - 03734536 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_36.dll
2014-02-26 11:27 - 2007-10-12 16:14 - 01374232 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_36.dll
2014-02-26 11:27 - 2007-10-02 10:56 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_36.dll
2014-02-26 11:27 - 2007-07-20 01:57 - 00267112 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_9.dll
2014-02-26 11:27 - 2007-07-19 19:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-02-26 11:27 - 2007-07-19 19:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-02-26 11:27 - 2007-07-19 19:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-02-26 11:27 - 2007-06-20 21:46 - 00266088 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_8.dll
2014-02-26 11:27 - 2007-05-16 17:45 - 03497832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_34.dll
2014-02-26 11:27 - 2007-05-16 17:45 - 01124720 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_34.dll
2014-02-26 11:27 - 2007-05-16 17:45 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_34.dll
2014-02-26 11:27 - 2007-04-04 19:55 - 00261480 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_7.dll
2014-02-26 11:27 - 2007-03-15 17:57 - 00443752 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_33.dll
2014-02-26 11:27 - 2007-03-12 17:42 - 03495784 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_33.dll
2014-02-26 11:27 - 2007-03-12 17:42 - 01123696 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_33.dll
2014-02-26 11:27 - 2007-01-24 16:27 - 00255848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_6.dll
2014-02-26 11:27 - 2006-12-08 13:02 - 00251672 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_5.dll
2014-02-26 11:27 - 2006-11-29 14:06 - 00440080 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10.dll
2014-02-26 11:26 - 2007-03-05 13:42 - 00015128 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_1.dll
2014-02-26 11:26 - 2006-09-28 17:05 - 02414360 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_31.dll
2014-02-26 11:26 - 2006-09-28 17:05 - 00237848 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_4.dll
2014-02-26 11:26 - 2006-07-28 10:30 - 00236824 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_3.dll
2014-02-26 11:26 - 2006-07-28 10:30 - 00062744 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_2.dll
2014-02-26 11:26 - 2006-05-31 08:24 - 00230168 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_2.dll
2014-02-26 11:26 - 2006-03-31 13:40 - 02388176 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_30.dll
2014-02-26 11:26 - 2006-03-31 13:39 - 00229584 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_1.dll
2014-02-26 11:26 - 2006-03-31 13:39 - 00062672 _____ (Microsoft Corporation) C:\Windows\system32\xinput1_1.dll
2014-02-26 11:26 - 2006-02-03 09:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll
2014-02-26 11:26 - 2006-02-03 09:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\system32\xactengine2_0.dll
2014-02-26 11:26 - 2006-02-03 09:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\system32\x3daudio1_0.dll
2014-02-26 11:26 - 2005-12-05 19:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll
2014-02-26 11:26 - 2005-07-22 20:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll
2014-02-26 11:26 - 2005-05-26 16:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll
2014-02-26 11:26 - 2005-03-18 18:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll
2014-02-26 11:26 - 2005-02-05 20:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll
2014-02-25 17:03 - 2014-03-01 08:51 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-25 16:54 - 2014-02-27 10:04 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-02-25 16:53 - 2014-02-25 16:53 - 00000471 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-20 00:26 - 2014-02-20 00:26 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-20 00:26 - 2014-02-20 00:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-20 00:26 - 2014-02-20 00:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-20 00:26 - 2014-02-20 00:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-20 00:24 - 2014-02-20 00:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-20 00:24 - 2014-02-20 00:24 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-02-20 00:24 - 2014-02-20 00:24 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-20 00:24 - 2014-02-20 00:24 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-20 00:24 - 2014-02-20 00:24 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-20 00:24 - 2014-02-20 00:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-20 00:24 - 2014-02-20 00:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-20 00:24 - 2014-02-20 00:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-20 00:24 - 2014-02-20 00:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-02-20 00:23 - 2014-02-20 00:23 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-19 23:45 - 2014-02-19 23:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-02-19 23:45 - 2014-02-19 23:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-02-19 23:16 - 2014-02-19 23:16 - 00106296 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2014-02-19 22:57 - 2014-02-19 22:57 - 02937432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-02-19 22:57 - 2014-02-19 22:57 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-02-19 22:57 - 2014-02-19 22:57 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-02-19 22:57 - 2014-02-19 22:57 - 00693385 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-19 22:57 - 2014-02-19 22:57 - 00125144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-02-19 22:55 - 2014-02-19 22:55 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-02-19 22:55 - 2014-02-19 22:55 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
 
==================== One Month Modified Files and Folders =======
 
2014-03-12 16:25 - 2014-03-02 16:12 - 00000000 ____D () C:\FRST
2014-03-12 16:23 - 2013-04-18 23:47 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Skype
2014-03-12 15:11 - 2008-01-20 20:35 - 01498291 _____ () C:\Windows\WindowsUpdate.log
2014-03-12 15:07 - 2006-11-02 05:33 - 00871564 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-12 15:00 - 2009-03-27 14:38 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Winamp
2014-03-12 14:58 - 2010-07-03 03:03 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 14:55 - 2006-11-02 08:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-12 14:55 - 2006-11-02 07:47 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-12 14:55 - 2006-11-02 07:47 - 00003840 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-12 14:54 - 2014-03-12 14:54 - 00001490 _____ () C:\Windows\PFRO.log
2014-03-12 14:51 - 2013-07-13 23:15 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-03-12 14:51 - 2006-11-02 08:01 - 00032656 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-12 14:49 - 2014-03-12 14:39 - 00000000 ____D () C:\AdwCleaner
2014-03-12 14:48 - 2008-09-19 23:05 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-12 14:09 - 2014-03-12 14:08 - 01949184 _____ () C:\Users\Stephanie\Desktop\AdwCleaner.exe
2014-03-11 22:04 - 2009-03-27 14:51 - 00146432 _____ () C:\Users\Stephanie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-11 21:35 - 2014-03-11 21:35 - 00000104 _____ () C:\Users\Public\Computer - Shortcut.lnk
2014-03-11 21:35 - 2006-11-02 06:18 - 00000000 ___RD () C:\Users\Public
2014-03-11 00:36 - 2013-01-17 23:20 - 00000000 ___HD () C:\Users\Stephanie\Desktop\DTA
2014-03-10 10:40 - 2008-05-21 09:16 - 00000000 ____D () C:\Users\Stephanie\AppData\Local\Adobe
2014-03-09 18:42 - 2010-07-03 03:03 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-09 18:23 - 2012-07-02 07:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 18:01 - 2010-09-25 22:22 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002UA.job
2014-03-09 11:00 - 2010-09-25 22:22 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3851041998-961747506-847393003-1002Core.job
2014-03-08 14:33 - 2013-07-27 11:00 - 43429888 _____ () C:\Windows\system32\config\COMPONENTS.iobit
2014-03-08 14:33 - 2013-07-27 11:00 - 110440448 _____ () C:\Windows\system32\config\SOFTWARE.iobit
2014-03-08 14:33 - 2013-07-27 11:00 - 04685824 _____ () C:\Windows\system32\config\DEFAULT.iobit
2014-03-08 14:33 - 2013-07-27 11:00 - 00061440 _____ () C:\Windows\system32\config\SAM.iobit
2014-03-08 14:33 - 2013-07-27 11:00 - 00032768 _____ () C:\Windows\system32\config\SECURITY.iobit
2014-03-08 14:33 - 2008-05-21 09:14 - 00000000 ____D () C:\Users\Stephanie
2014-03-08 13:49 - 2014-03-08 13:49 - 00040229 _____ () C:\ComboFix.txt
2014-03-08 13:49 - 2014-03-08 13:11 - 00000000 ____D () C:\ComboFix
2014-03-08 13:49 - 2012-09-04 19:25 - 00000000 ____D () C:\Qoobox
2014-03-08 13:49 - 2009-09-23 15:46 - 00000000 ____D () C:\Users\Stephanie\AppData\Local\Apps\2.0
2014-03-08 13:42 - 2006-11-02 05:23 - 00000215 _____ () C:\Windows\system.ini
2014-03-08 13:36 - 2006-11-02 07:47 - 04018688 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-08 13:29 - 2012-09-04 19:24 - 00000000 ____D () C:\Windows\erdnt
2014-03-08 13:03 - 2014-03-08 13:03 - 00000538 _____ () C:\Users\Stephanie\Desktop\ComboFix.exe - Shortcut.lnk
2014-03-07 13:07 - 2014-01-26 15:10 - 00000000 ____D () C:\Users\Stephanie\Desktop\Design basics class
2014-03-03 18:02 - 2014-03-03 17:35 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 18:02 - 2014-03-03 17:34 - 00000000 ____D () C:\Users\Stephanie\Desktop\mbar
2014-03-03 17:35 - 2014-03-03 17:35 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-03 17:34 - 2014-03-03 17:34 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-02 14:50 - 2013-07-23 08:02 - 00000000 ____D () C:\Users\Stephanie\Desktop\Taxes
2014-03-02 14:03 - 2014-03-02 14:03 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-02 14:03 - 2008-09-23 23:47 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-02 14:03 - 2008-05-21 09:16 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Adobe
2014-03-02 13:56 - 2014-02-02 18:40 - 00000000 ____D () C:\Users\Stephanie\Desktop\Drawing Class
2014-03-02 11:41 - 2014-03-02 11:09 - 00000000 ____D () C:\Users\Stephanie\Documents\TurboTax
2014-03-02 11:15 - 2014-03-02 11:03 - 00000451 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-03-02 11:07 - 2014-03-02 11:07 - 00000000 ____D () C:\Users\Stephanie\AppData\Local\IsolatedStorage
2014-03-02 11:07 - 2009-06-20 07:16 - 00124392 _____ () C:\Users\Stephanie\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-02 11:06 - 2006-11-02 06:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-02 11:04 - 2014-03-02 11:04 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Intuit
2014-03-02 11:01 - 2014-03-02 11:01 - 00001838 _____ () C:\Users\Public\Desktop\TurboTax 2012.lnk
2014-03-02 11:01 - 2014-03-02 10:58 - 00000000 ____D () C:\Program Files\Common Files\Intuit
2014-03-02 11:01 - 2014-03-02 10:57 - 00000000 ____D () C:\ProgramData\Intuit
2014-03-02 10:57 - 2014-03-02 10:57 - 00000000 ____D () C:\Program Files\TurboTax
2014-03-01 13:13 - 2013-07-18 16:57 - 00000000 ____D () C:\Users\Stephanie\Desktop\Hijack this!
2014-03-01 12:15 - 2008-10-25 14:45 - 00000000 ____D () C:\Windows\pss
2014-03-01 08:51 - 2014-02-25 17:03 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-02-27 21:22 - 2013-07-20 20:32 - 00000000 ____D () C:\Users\Stephanie\AppData\Roaming\IObit
2014-02-27 21:22 - 2013-07-20 20:32 - 00000000 ____D () C:\Program Files\IObit
2014-02-27 17:58 - 2014-02-27 17:58 - 00000202 _____ () C:\Users\Stephanie\Desktop\Saints Row IV.url
2014-02-27 10:04 - 2014-02-25 16:54 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-02-27 08:04 - 2013-11-17 11:32 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-02-27 07:16 - 2009-09-12 23:45 - 00008512 _____ () C:\Users\Stephanie\AppData\Local\d3d9caps.dat
2014-02-27 07:15 - 2009-05-16 06:04 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-02-25 16:53 - 2014-02-25 16:53 - 00000471 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-20 00:26 - 2014-02-20 00:26 - 12344320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-20 00:26 - 2014-02-20 00:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-20 00:26 - 2014-02-20 00:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-20 00:26 - 2014-02-20 00:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-20 00:26 - 2014-02-20 00:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-20 00:24 - 2014-02-20 00:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-02-20 00:24 - 2014-02-20 00:24 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-02-20 00:24 - 2014-02-20 00:24 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-02-20 00:24 - 2014-02-20 00:24 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-02-20 00:24 - 2014-02-20 00:24 - 00155648 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-02-20 00:24 - 2014-02-20 00:24 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-02-20 00:24 - 2014-02-20 00:24 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-02-20 00:24 - 2014-02-20 00:24 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-02-20 00:24 - 2014-02-20 00:24 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2014-02-20 00:24 - 2008-01-20 21:23 - 01304064 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2014-02-20 00:23 - 2014-02-20 00:23 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-02-20 00:21 - 2009-03-11 06:10 - 00000000 ____D () C:\Windows\Minidump
2014-02-19 23:46 - 2014-01-13 18:12 - 00001910 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-02-19 23:46 - 2014-01-13 18:12 - 00001908 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-02-19 23:46 - 2014-01-13 18:12 - 00001898 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-02-19 23:45 - 2014-02-19 23:45 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-02-19 23:45 - 2014-02-19 23:45 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-02-19 23:16 - 2014-02-19 23:16 - 00106296 _____ (JMicron Technology Corp.) C:\Windows\system32\Drivers\jraid.sys
2014-02-19 23:14 - 2008-09-19 22:43 - 00000000 ____D () C:\Windows\system32\RTCOM
2014-02-19 22:57 - 2014-02-19 22:57 - 02937432 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHDA.sys
2014-02-19 22:57 - 2014-02-19 22:57 - 02547928 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkPgExt.dll
2014-02-19 22:57 - 2014-02-19 22:57 - 01892056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSndMgr.cpl
2014-02-19 22:57 - 2014-02-19 22:57 - 00693385 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-02-19 22:57 - 2014-02-19 22:57 - 00125144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoInstII.dll
2014-02-19 22:57 - 2008-09-19 22:42 - 02329304 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO.dll
2014-02-19 22:56 - 2013-10-09 14:27 - 00332568 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp32.dll
2014-02-19 22:55 - 2014-02-19 22:55 - 01935104 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ.dll
2014-02-19 22:55 - 2014-02-19 22:55 - 00860416 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell.dll
2014-02-19 22:40 - 2013-10-09 12:59 - 00000976 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-02-14 20:32 - 2013-07-23 08:02 - 00000000 ____D () C:\Users\Stephanie\Desktop\Resume
2014-02-10 20:33 - 2012-11-26 23:19 - 00000000 ____D () C:\Users\Stephanie\Desktop\Psy475
 
Files to move or delete:
====================
C:\Users\Stephanie\R153049.exe
C:\Users\Stephanie\R153717.exe
C:\Users\Stephanie\R74855.EXE
 
 
Some content of TEMP:
====================
C:\Users\Stephanie\AppData\Local\temp\Quarantine.exe
C:\Users\Stephanie\AppData\Local\temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-12 15:15
 
==================== End Of Log ============================


#11 aharonov


Posted 14 March 2014 - 04:53 PM

How is the situation now? Are there still the same problems?

#12 JoeMn


Posted 15 March 2014 - 09:53 PM

Yes, the same problems exist. The only time it has run well so far, without my having to disable things in Task Manager, was immediately after running ComboFix, because it seemed like it did not allow most of the things to start after it restarted and printed the log file.



#13 aharonov


Posted 16 March 2014 - 07:09 AM

Ok.


Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

#14 aharonov


Posted 25 March 2014 - 01:30 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



