
slow computer, affecting my mmorpg social life


  • This topic is locked
6 replies to this topic

#1 jacobg50

jacobg50

  • Members
  • 3 posts

Posted 03 March 2014 - 03:54 PM

 
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 9.0.8112.16533
Run by Jason at 14:38:27 on 2014-03-03
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.2047.389 [GMT -6:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\atieclxx.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Windows\system32\ANIWConnService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Jason\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
C:\Windows\system32\SearchProtocolHost.exe
c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\hp\kbd\kbd.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
c:\Program Files\Microsoft Security Client\MpCmdRun.exe
C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.167.981.0.exe
C:\Windows\system32\MpSigStub.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
uSearchAssistant = hxxp://www.google.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
BHO: AccelerateTab: {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - c:\program files\secure speed dial\ie\SpeedDial.dll
BHO: ArcPluginIEBHO Class: {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - c:\program files\perfect world entertainment\arc\plugins\ArcPluginIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Privacy Safeguard BHO: {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - c:\program files\privacysafeguard\PrivacySafeGuard.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: Adblock: {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - c:\program files\secure speed dial\ie\adblock\ie\Adblock.dll
BHO: Yontoo Layers: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - c:\program files\yontoo layers client for internet explorer\YontooIEClient.dll
TB: QuickShare Widget: {ae07101b-46d4-4a98-af68-0333ea26e113} - 
TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [AppsHat] c:\users\jason\appdata\local\webplayer\appshat\WebPlayer.exe
uRun: [FLV Player] c:\users\jason\appdata\local\webplayer\flv player\WebPlayer.exe
mRun: [Windows Defender] c:\program files\windows defender\MSASCui.exe -hide
mRun: [KBD] c:\hp\kbd\KbdStub.EXE
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [CanonMyPrinter] c:\program files\canon\myprinter\BJMyPrt.exe /logon
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [RtHDVCpl] RtHDVCpl.exe
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ANIWZCS2Service] c:\program files\ani\aniwzcs2 service\WZCSLDR2.exe
mRun: [D-Link D-Link RangeBooster N DWA-140] c:\program files\d-link\dwa-140 revb\AirNCFG.exe
mRun: [DivXMediaServer] c:\program files\divx\divx media server\DivXMediaServer.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE -startup
mRunOnce: [Launcher] c:\windows\sminst\launcher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:2
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Add to Media Manager... - c:\program files\mp3 player utilities 5.01\mediamanager\grab.html
IE: AMV convert tool grab multimedia file - c:\program files\mp3 player utilities 5.01\amvconverter\grab.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
LSP: c:\windows\system32\wpclsp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {BAD4FE2C-503B-45CC-88CD-4B0574057D11} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI_v415.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://clients.futuremark.com/calico/systeminfodeploy/FMSI.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.5.1.0.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{1D0F4C26-45C9-4677-A54D-8D2D696434CF} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{264B00FB-D7D1-4F4C-91FA-CAE776D90C21} : DHCPNameServer = 68.105.28.12 68.105.29.12 68.105.28.11
Notify: igfxcui - igfxdev.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.116\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\jason\appdata\roaming\mozilla\firefox\profiles\ihhqcyde.default\
FF - prefs.js: browser.search.defaulturl - 
FF - prefs.js: browser.search.selectedEngine - Web Search
FF - prefs.js: browser.startup.homepage - hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=ac94cdeb-34da-48f1-aa87-376392f97f10&searchtype=hp&installDate=24/08/2013
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=ac94cdeb-34da-48f1-aa87-376392f97f10&searchtype=ds&installDate=24/08/2013&q=
FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\17.1.3\npsitesafety.dll
FF - plugin: c:\program files\common files\motive\npMotive.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.22.3\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
FF - plugin: c:\program files\perfect world entertainment\arc\plugins\npArcPluginFF.dll
FF - plugin: c:\programdata\happycloud\application\npHappyCloudPlugin.dll
FF - plugin: c:\programdata\nexonus\ngm\npNxGameUS.dll
FF - plugin: c:\users\jason\appdata\roaming\mozilla\firefox\profiles\ihhqcyde.default\extensions\{97a78363-b868-4b48-ac91-a783a31215af}\plugins\npMinibarPlugin.dll
FF - ExtSQL: 2014-01-31 08:19; adsremoval@adsremoval.net; c:\users\jason\appdata\roaming\mozilla\firefox\profiles\ihhqcyde.default\extensions\adsremoval@adsremoval.net
FF - ExtSQL: 2014-03-03 08:23; searchads@instair.net; c:\users\jason\appdata\roaming\mozilla\firefox\profiles\ihhqcyde.default\extensions\searchads@instair.net
FF - ExtSQL: !HIDDEN! 2013-06-27 03:23; lesstabs@lesstabs.com; c:\program files\mozilla firefox\extensions\lesstabs@lesstabs.com
.
---- FIREFOX POLICIES ----
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
============= SERVICES / DRIVERS ===============
.
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
R1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\drivers\anodlwf.sys [2012-7-10 12800]
R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20110131.001\IDSvix86.sys [2011-2-4 287792]
R1 iSafeNetFilter;iSafeNetFilter;c:\program files\isafe\iSafeNetFilter.sys [2013-12-26 54784]
R1 MpKsl917e1558;MpKsl917e1558;c:\programdata\microsoft\microsoft antimalware\definition updates\{01468d55-dcb3-42fe-8e6e-f21f3d358b95}\MpKsl917e1558.sys [2014-3-3 39464]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-3-10 219136]
R2 ANIWConnService;ANIWConn Service;c:\windows\system32\ANIWConnService.exe [2012-7-10 151552]
R2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2013-4-22 822504]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-7-20 21504]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-7-21 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-7-21 701512]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-9-27 104768]
R2 RtkAudioService;Realtek Audio Service;c:\program files\realtek\audio\hda\RtkAudioService.exe [2013-10-18 203848]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2013-6-26 523944]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2014\TuneUpUtilitiesService32.exe [2013-8-29 1740600]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
R3 iSafeKrnl;iSafeKrnl;c:\program files\isafe\iSafeKrnl.sys [2013-12-26 192000]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-7-21 22856]
R3 netr28u;D-Link dnetr28u USB Extensible Wireless LAN Card Driver;c:\windows\system32\drivers\Dnetr28u.sys [2012-7-10 735232]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2013-6-26 583848]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2013-6-26 197800]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2013-6-26 24232]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2013-6-26 20136]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2013-6-26 207528]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2014\TuneUpUtilitiesDriver32.sys [2013-8-21 12320]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 iSafeService;iSafeService;c:\program files\isafe\iSafeSvc.exe [2013-12-26 491688]
S2 SecureUpdateSvc;SecureUpdate;c:\program files\secure speed dial\ie\SecureUpdate.exe [2013-9-22 2473296]
S3 ArcService;Arc Service;c:\program files\perfect world entertainment\arc\ArcService.exe [2014-1-24 88400]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files\futuremark\futuremark systeminfo\FMSISvc.exe [2013-6-9 137488]
S3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2008-7-20 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2008-7-20 251904]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-9-11 770168]
SUnknown MpKsld8bd88b7;MpKsld8bd88b7; [x]
.
=============== Created Last 30 ================
.
2014-03-03 20:36:01 7947048 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{c28c8e1f-7421-4ae1-b730-f999902b757c}\mpengine.dll
2014-03-03 20:24:07 39464 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{01468d55-dcb3-42fe-8e6e-f21f3d358b95}\MpKsl917e1558.sys
2014-03-03 20:23:00 62576 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{01468d55-dcb3-42fe-8e6e-f21f3d358b95}\offreg.dll
2014-03-02 09:10:30 7947048 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{01468d55-dcb3-42fe-8e6e-f21f3d358b95}\mpengine.dll
2014-03-01 19:36:38 7947048 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-02-27 19:38:12 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{1bdcbeb8-950f-4cce-83d3-3e743d33c495}\gapaengine.dll
2014-02-25 09:11:22 -------- d-----w- c:\windows\Migration
2014-02-17 04:15:59 -------- d-----w- c:\users\jason\appdata\local\SKIDROW
2014-02-17 03:58:53 -------- d-----w- c:\program files\2K Games
2014-02-16 17:46:57 15584 ----a-w- c:\users\jason\appdata\roaming\microsoft\identitycrl\production\ppcrlconfig.dll
2014-02-16 17:44:18 -------- d-----w- c:\windows\system32\xlive
2014-02-16 17:44:17 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE
2014-02-16 17:43:48 -------- d-----w- c:\program files\NVIDIA Corporation
2014-02-16 13:18:14 -------- d-----w- c:\users\jason\appdata\local\The Witcher
2014-02-12 09:01:02 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2014-02-12 09:01:01 768512 ----a-w- c:\program files\common files\microsoft shared\vgx\VGX.dll
2014-02-12 09:01:01 421376 ----a-w- c:\windows\system32\vbscript.dll
2014-02-12 09:01:01 149744 ----a-w- c:\program files\internet explorer\sqmapi.dll
2014-02-12 09:01:00 194560 ----a-w- c:\program files\internet explorer\IEShims.dll
2014-02-12 07:37:52 1248768 ----a-w- c:\windows\system32\msxml3.dll
2014-02-03 00:38:52 -------- d-----w- c:\users\jason\appdata\local\Skyrim
2014-02-03 00:02:07 -------- d-----w- c:\program files\The Elder Scrolls V Skyrim
2014-02-02 23:59:45 -------- d-----w- c:\users\jason\appdata\roaming\PowerISO
2014-02-02 21:54:51 -------- d-----w- c:\windows\system32\URTTEMP
2014-02-02 21:53:54 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2014-02-02 21:53:53 22328 ----a-w- c:\users\jason\appdata\roaming\PnkBstrK.sys
2014-02-02 21:53:41 103736 ----a-w- c:\windows\system32\PnkBstrB.exe
2014-02-02 21:53:38 66872 ----a-w- c:\windows\system32\PnkBstrA.exe
2014-02-02 21:53:33 669184 ----a-w- c:\windows\system32\pbsvc.exe
2014-02-02 20:58:35 -------- d-----w- c:\program files\Amnesia - The Dark Descent
2014-02-02 20:05:42 -------- d-----w- c:\program files\Steam
2014-02-02 15:47:29 36664 ----a-w- c:\windows\system32\TURegOpt.exe
2014-02-02 15:47:29 25400 ----a-w- c:\windows\system32\authuitu.dll
2014-02-02 15:47:05 -------- d-----w- c:\users\jason\appdata\roaming\TuneUp Software
2014-02-02 15:45:48 -------- d-----w- c:\program files\TuneUp Utilities 2014
2014-02-02 15:42:53 -------- d-----w- c:\programdata\TuneUp Software
2014-02-02 15:42:27 -------- d-sh--w- c:\programdata\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-02 01:40:59 -------- d-----w- c:\program files\Frictional Games
2014-02-01 22:30:07 -------- d-----w- c:\program files\PowerISO
.
==================== Find3M  ====================
.
2014-02-05 08:56:17 1806848 ----a-w- c:\windows\system32\jscript9.dll
2014-02-05 08:50:39 1129472 ----a-w- c:\windows\system32\wininet.dll
2014-02-05 08:49:56 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2014-02-05 08:48:40 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe
2013-12-27 02:45:18 0 ----a-w- C:\LIL125F.tmp
2013-12-27 02:45:17 0 ----a-w- C:\LIL11A4.tmp
2013-12-27 02:45:17 0 ----a-w- C:\LIL1195.tmp
2013-12-16 12:56:22 114408 ----a-w- c:\windows\system32\drivers\scdemu.sys
.
============= FINISH: 14:46:02.84 ===============
 



 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • Gender:Male

Posted 04 March 2014 - 05:27 AM

Hi,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 jacobg50

jacobg50
  • Topic Starter

  • Members
  • 3 posts

Posted 04 March 2014 - 05:39 PM

Hey, thank you so much for responding. Here are the logs you requested:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2014 02
Ran by Jason (administrator) on GODWINPC on 04-03-2014 16:13:21
Running from C:\Users\Jason\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
() C:\Windows\system32\ANIWConnService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Windows\system32\PnkBstrA.exe
(Quiknowledge) C:\Program Files\Quiknowledge\Service\qksvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Symantec Corporation) c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
(Hewlett-Packard) c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
(D-Link Corp.) C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
() C:\Users\Jason\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
(Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe
() C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [KBD] - C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [OsdMaestro] - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1197648 2006-10-16] (CANON INC.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2008-06-02] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [ANIWZCS2Service] - C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)
HKLM\...\Run: [D-Link D-Link RangeBooster N DWA-140] - C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [PWRISOVM.EXE] - C:\Program Files\PowerISO\PWRISOVM.EXE [337432 2013-12-16] (Power Software Ltd)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [3643224 2014-01-23] ()
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44168 2007-10-09] (soft thinks)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\Run: [AppsHat] - C:\Users\Jason\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [202752 2012-10-26] ()
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\Run: [SpybotSD TeaTimer] - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\Run: [Advanced SystemCare 7] - C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe [2288928 2014-02-11] (IObit)
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\MountPoints2: F - F:\Setup.exe
AppInit_DLLs: c:\progra~1\optimi~1\optpro~1.dll => C:\Program Files\Optimizer Pro\OptProCrash.dll [2961368 2014-03-04] ()
Startup: C:\Users\Kara\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (No File)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Quiknowledge - {323C6E6D-1621-470F-8A52-4FDEC4E75E40} - C:\Program Files\Quiknowledge\IE\QuiknowledgeClientIE.dll (Quiknowledge)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: AccelerateTab - {48A789BF-F6D6-4930-9C8B-77855A63EDE1} - C:\Program Files\Secure Speed Dial\IE\SpeedDial.dll (Secure Speed Dial)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Privacy Safeguard BHO - {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PrivacySafeguard)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files\Mysearchdial\1.8.29.0\bh\mysearchdial.dll (MySearchDial)
BHO: Adblock - {EF5F59BA-B2AB-48D8-9747-54DF806C73B8} - C:\Program Files\Secure Speed Dial\IE\ADBlock\IE\Adblock.dll (Adblock)
BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files\Yontoo Layers Client for Internet Explorer\YontooIEClient.dll (Yontoo Technology, Inc.)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll (MySearchDial)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://clients.futuremark.com/calico/systeminfodeploy/FMSI.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default
FF user.js: detected! => C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\user.js
FF NewTab: hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=ac94cdeb-34da-48f1-aa87-376392f97f10&searchtype=nt&installDate=24/08/2013
FF Homepage: hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=ac94cdeb-34da-48f1-aa87-376392f97f10&searchtype=hp&installDate=24/08/2013
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @mywebsearch.com/Plugin - C:\Program Files\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
FF Plugin: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\searchplugins\Web Search.xml
FF Extension: Ads Removal - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\adsremoval@adsremoval.net [2014-01-28]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\ascsurfingprotection@iobit.com [2014-03-03]
FF Extension: mysearchdial.com - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\ffxtlbr@mysearchdial.com [2014-03-04]
FF Extension: saverroNe - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\oyy6fsv@zjsavtrb.co.uk [2013-12-24]
FF Extension: saVEErannet - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\s.yzecd@vzkwuqrhfb.net [2013-12-24]
FF Extension: AD Block - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\searchads@instair.net [2014-03-04]
FF Extension: AccelerateTab - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\speeddial@instair.net [2014-03-04]
FF Extension: No Name - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\staged [2014-01-01]
FF Extension: AppsHat - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [2013-08-24]
FF Extension: QuickShare Widget - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\{ac94cdeb-34da-48f1-aa87-376392f97f10} [2014-01-01]
FF Extension: MySearchDial NewTab - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-03-04]
FF Extension: SelectionLinks - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\{F0D5CCC1-E09B-4F89-BCAC-0EFAECB7B876} [2013-06-27]
FF Extension: SweetPacks Toolbar for Firefox - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi [2013-06-27]
FF Extension: Quiknowledge - C:\Program Files\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com [2014-03-04]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files\MyWebSearch\bar\1.bin
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-22]
FF HKLM\...\Firefox\Extensions: [lesstabs@lesstabs.com] - C:\Program Files\Mozilla Firefox\extensions\lesstabs@lesstabs.com
FF HKLM\...\Firefox\Extensions: [quiknowledge@quiknowledge.com] - C:\Program Files\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com
FF Extension: Quiknowledge - C:\Program Files\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com [2014-03-04]
FF HKCU\...\Firefox\Extensions: [Lyrics@LyricsContainer.co] - C:\Program Files\LyricsContainer\122.xpi
 
Chrome: 
=======
CHR HomePage: hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtBtC0Ezz0CyByC0A0DyByE0F0C0BtCtN0D0Tzu0SyBzytAtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StCyE0DtCtD0FyBtBtGzzyByEtDtGyEtBtD0AtGtAyC0B0EtGyCyDyDyEyC0A0DyBtAzytDtA2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0ByD0FtDyDtByBtGtAzyyB0EtGyC0FyD0EtG0E0DtCyCtGyD0DyEtCyDzy0B0CyB0C0FtD2Q&cr=713666436&ir=
CHR RestoreOnStartup: "hxxp://www.bing.com/"
CHR DefaultSearchKeyword: feed.snap.do
CHR DefaultSearchProvider: Web
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
CHR Plugin: (Motive Plugin) - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-17]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-03-03]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-17]
CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-17]
CHR Extension: (Privacy SafeGuard) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopoh [2013-03-17]
CHR Extension: (Ads Removal) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod [2014-01-28]
CHR Extension: (Crackle) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2013-05-24]
CHR Extension: (AccelerateTab) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjafhkemfjfgdmjcmhofijphjmaanak [2014-03-04]
CHR Extension: (AD Block) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgjbmhakaffflkjecineeaadpidgikb [2014-01-31]
CHR Extension: (AppsHat) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo [2013-08-24]
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-17]
CHR Extension: (saverroNe) - C:\ProgramData\blhdjphpjgjchbhoiecdhiklkgbfjafk [2013-12-21]
CHR HKLM\...\Chrome\Extension: [abfmigjiaapipflmopkaaooigcjjdojh] - C:\Program Files\LyricsContainer\122.crx [2013-12-21]
CHR HKLM\...\Chrome\Extension: [bdnjfpeiaepdmccjbiajihmpdonmiipi] - C:\Program Files\OApps\chrome-sl.crx [2013-06-27]
CHR HKLM\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx [2013-06-27]
CHR HKLM\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx [2012-11-11]
CHR HKLM\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx [2012-11-22]
CHR HKLM\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx [2013-09-19]
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Jason\AppData\Local\Wajam\Chrome\wajam.crx [2013-09-19]
CHR HKLM\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx [2013-04-26]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\System32\jmdp\SweetNT.crx [2011-12-12]
CHR HKLM\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 ANIWConnService; C:\Windows\system32\ANIWConnService.exe [151552 2009-07-07] ()
S3 ArcService; C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 Automatic LiveUpdate Scheduler; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [243064 2007-08-31] (Symantec Corporation)
R2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrashSvc.dll [186496 2014-03-04] ()
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [137488 2012-12-17] (Futuremark Corporation)
R2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard)
S2 iSafeService; C:\Program Files\iSafe\iSafeSvc.exe [491688 2013-12-27] (Elex do Brasil Participações Ltda)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [651232 2014-01-23] ()
S3 LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3192184 2007-08-23] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-02-02] ()
R2 qksvc; C:\Program Files\Quiknowledge\Service\qksvc.exe [273000 2014-02-05] (Quiknowledge)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [203848 2013-10-18] (Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [2503504 2014-03-04] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1740600 2013-08-29] (TuneUp Software)
 
==================== Drivers (Whitelisted) ====================
 
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwf.sys [12800 2009-03-06] ()
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-10-05] (BVRP Software)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20110131.001\IDSvix86.sys [287792 2010-09-15] (Symantec Corporation)
R3 iSafeKrnl; C:\Program Files\iSafe\iSafeKrnl.sys [192000 2013-12-27] (Elex do Brasil Participações Ltda)
R1 iSafeNetFilter; C:\Program Files\iSafe\iSafeNetFilter.sys [54784 2013-12-27] (Elex do Brasil Participações Ltda)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
R1 MpKsl9ae2d969; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{124948EF-89D3-400F-8673-8276D33AF886}\MpKsl9ae2d969.sys [39464 2014-03-04] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
R3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [735232 2009-08-03] (Ralink Technology Corp.)
S3 PcdrNdisuio; C:\Windows\System32\DRIVERS\pcdrndisuio.sys [20480 2007-12-17] (Windows ® 2000 DDK provider)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-05-23] (Padus, Inc.)
R1 qknfd; C:\Windows\System32\drivers\qknfd.sys [52752 2014-02-05] (Quiknowledge)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2013-12-16] (Power Software Ltd)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-08-21] (TuneUp Software)
S3 ATMFBUS; system32\DRIVERS\ATMFBUS.sys [X]
S3 ATMFCVsp; system32\DRIVERS\ATMFCVsp.sys [X]
S3 ATMFFLT; system32\DRIVERS\ATMFFLT.sys [X]
S3 ATMFMdm; system32\DRIVERS\ATMFMdm.sys [X]
S3 ATMFNET; system32\DRIVERS\ATMFNET.sys [X]
S3 ATMFNVsp; system32\DRIVERS\ATMFNVsp.sys [X]
S3 ATMFVsp; system32\DRIVERS\ATMFVsp.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 jbeuclo; System32\drivers\akgmo.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-04 16:13 - 2014-03-04 16:14 - 00034777 _____ () C:\Users\Jason\Downloads\FRST.txt
2014-03-04 16:13 - 2014-03-04 16:13 - 00000000 ____D () C:\FRST
2014-03-04 15:11 - 2014-03-04 15:11 - 01145344 _____ (Farbar) C:\Users\Jason\Downloads\FRST.exe
2014-03-04 14:43 - 2014-03-04 15:53 - 00001934 _____ () C:\Windows\PFRO.log
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\Documents\Thief
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Launcher
2014-03-04 14:24 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Updater
2014-03-04 14:20 - 2014-03-04 14:20 - 00001481 _____ () C:\Users\Public\Desktop\Thief.lnk
2014-03-04 13:33 - 2014-03-04 13:33 - 00000000 ____D () C:\Games
2014-03-04 13:22 - 2014-03-04 13:22 - 00000000 ____D () C:\Users\Jason\AppData\Local\Setup Integrity Check
2014-03-04 12:49 - 2014-03-04 12:49 - 00000000 ____D () C:\Users\Jason\AppData\Local\Mysearchdial
2014-03-04 12:48 - 2014-03-04 12:48 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_naruto-shippuden---ultimate-ninja-4.exe
2014-03-04 12:48 - 2014-03-04 12:48 - 00001116 _____ () C:\Users\Jason\Desktop\Continue Naruto Shippuden - Ultimate Ninja 4 Installation.lnk
2014-03-04 00:11 - 2014-03-04 00:12 - 10031422 _____ () C:\Users\Jason\Downloads\Playstation-2-Bios-Pack.7z
2014-03-04 00:08 - 2014-03-04 00:08 - 00000000 ____D () C:\Users\Jason\Documents\Optimizer Pro
2014-03-04 00:08 - 2014-03-04 00:08 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Optimizer Pro
2014-03-04 00:05 - 2014-03-04 00:05 - 00000000 ____D () C:\Users\Jason\Documents\PCSX2
2014-03-04 00:03 - 2014-03-04 15:51 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-03-04 00:03 - 2014-03-04 12:49 - 00000090 _____ () C:\Users\Jason\AppData\Roaming\WB.CFG
2014-03-04 00:02 - 2014-03-04 00:03 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\mysearchdial
2014-03-04 00:02 - 2014-03-04 00:02 - 00000861 _____ () C:\Users\Jason\Desktop\Optimizer Pro.lnk
2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Program Files\Quiknowledge
2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Program Files\Mysearchdial
2014-03-04 00:00 - 2014-03-04 09:08 - 00000000 ____D () C:\Users\Jason\Desktop\ps2 games
2014-03-04 00:00 - 2014-03-04 00:00 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_kingdom-hearts---re-chain-of-memories.exe
2014-03-03 23:56 - 2014-03-03 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-03 23:55 - 2014-03-03 23:58 - 00000000 ____D () C:\Program Files\PCSX2 1.2.1
2014-03-03 23:55 - 2014-03-03 23:55 - 00001772 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-03-03 23:52 - 2014-03-03 23:54 - 15127264 _____ () C:\Users\Jason\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-03-03 23:21 - 2014-03-04 13:16 - 00000000 ____D () C:\Users\Jason\Desktop\Thief.2014.Multi8-RU.Repack.by.z10yded
2014-03-03 17:07 - 2014-03-03 17:07 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-03-03 16:07 - 2014-03-03 20:43 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-03 16:07 - 2014-03-03 16:07 - 00001023 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-03-03 16:07 - 2014-03-03 16:07 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-03 16:06 - 2014-03-03 17:50 - 00001988 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-03-03 15:41 - 2014-03-03 15:41 - 00109890 _____ () C:\Users\Jason\Documents\cc_20140303_154115.reg
2014-03-03 15:39 - 2014-03-03 15:39 - 00001057 _____ () C:\Users\Jason\Desktop\Spybot - Search & Destroy.lnk
2014-03-03 15:39 - 2014-03-03 15:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-03-03 15:37 - 2014-03-03 15:38 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jason\Downloads\spybotsd162.exe
2014-03-03 15:36 - 2014-03-03 15:36 - 00000806 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 15:36 - 2014-03-03 15:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 15:33 - 2014-03-03 15:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Lavasoft
2014-03-03 15:32 - 2014-03-03 15:32 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\LavasoftStatistics
2014-03-03 15:00 - 2014-03-03 15:00 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-03 14:48 - 2014-03-03 14:48 - 00008726 _____ () C:\Users\Jason\Documents\Attachzip.txt
2014-03-03 14:47 - 2014-03-03 14:46 - 00021735 _____ () C:\Users\Jason\Desktop\dds.txt
2014-03-03 14:40 - 2014-03-03 15:34 - 00000000 ____D () C:\Users\Jason\Desktop\antivirus
2014-03-03 14:39 - 2014-03-03 14:42 - 00000000 ____D () C:\Users\Jason\Desktop\Unused
2014-03-03 14:37 - 2014-03-03 14:37 - 00000000 _____ () C:\Users\Jason\defogger_reenable
2014-03-02 16:34 - 2014-02-16 21:56 - 3370956800 ____R () C:\Users\Public\sr-borderlands2.iso
2014-02-17 13:11 - 2014-02-17 13:11 - 00002010 _____ () C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2014-02-17 02:53 - 2014-02-17 02:57 - 2281804096 _____ () C:\Users\Jason\Downloads\Fable - The Lost Chapters.daa
2014-02-17 01:34 - 2014-02-17 02:35 - 2281225788 ____R () C:\Users\Jason\Downloads\Fable - The Lost Chapters.rar
2014-02-16 22:15 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\SKIDROW
2014-02-16 22:11 - 2014-02-16 22:11 - 00002121 _____ () C:\Users\Public\Desktop\Borderlands 2.lnk
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\Program Files\2K Games
2014-02-16 20:37 - 2014-02-16 20:37 - 00001860 _____ () C:\Users\Public\Desktop\Arc.lnk
2014-02-16 18:17 - 2014-02-16 18:17 - 00000000 ____D () C:\Users\Jason\Documents\Games for Windows - LIVE Demos
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Windows\system32\xlive
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-02-16 11:43 - 2014-02-16 11:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\Documents\The Witcher
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\AppData\Local\The Witcher
2014-02-16 07:16 - 2014-02-16 07:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-02-15 23:58 - 2014-02-17 02:52 - 00000000 ____D () C:\Users\Jason\Downloads\aop tweak  maximum edition
2014-02-15 19:41 - 2014-02-15 19:41 - 01018740 _____ () C:\Users\Jason\Downloads\aop tweak  maximum edition.zip
2014-02-12 03:01 - 2014-02-05 02:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 03:01 - 2014-02-05 02:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 03:01 - 2014-02-05 02:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-12 03:00 - 2014-02-05 02:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 03:00 - 2014-02-05 02:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 03:00 - 2014-02-05 02:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 03:00 - 2014-02-05 02:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 03:00 - 2014-02-05 02:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 03:00 - 2014-02-05 02:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 03:00 - 2014-02-05 02:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-12 03:00 - 2014-02-05 02:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 03:00 - 2014-02-05 02:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-12 03:00 - 2014-02-05 02:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 03:00 - 2014-02-05 02:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 03:00 - 2014-02-05 02:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 03:00 - 2014-02-05 02:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 01:37 - 2013-12-04 20:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-05 17:13 - 2014-02-05 17:13 - 00052752 _____ (Quiknowledge) C:\Windows\system32\Drivers\qknfd.sys
2014-02-02 18:38 - 2014-02-02 18:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Skyrim
2014-02-02 17:59 - 2014-02-02 17:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PowerISO
2014-02-02 17:12 - 2014-02-02 17:21 - 00000000 ____D () C:\Users\Jason\Downloads\rzr-skrm
2014-02-02 15:57 - 2014-02-17 13:14 - 00000000 ____D () C:\Users\Jason\Documents\My Games
2014-02-02 15:57 - 2014-02-02 15:57 - 00000000 __RHD () C:\Users\Jason\AppData\Roaming\SecuROM
2014-02-02 15:56 - 2014-02-02 15:56 - 00000000 ____D () C:\Program Files\GameSpy
2014-02-02 15:53 - 2014-02-02 15:53 - 00669184 _____ () C:\Windows\system32\pbsvc.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00103736 _____ () C:\Windows\system32\PnkBstrB.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Users\Jason\AppData\Roaming\PnkBstrK.sys
2014-02-02 15:07 - 2014-02-02 15:07 - 00001959 _____ () C:\Users\Jason\Desktop\Amnesia.lnk
2014-02-02 14:58 - 2014-02-02 15:07 - 00000000 ____D () C:\Program Files\Amnesia - The Dark Descent
2014-02-02 14:05 - 2014-03-04 13:30 - 00000000 ____D () C:\Program Files\Steam
2014-02-02 14:05 - 2014-02-02 14:05 - 00000762 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-02 10:49 - 2014-02-02 10:49 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill.exe
2014-02-02 10:32 - 2014-02-02 10:33 - 00000000 ____D () C:\Users\Public\New folder
2014-02-02 09:47 - 2014-02-02 09:47 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TuneUp Software
2014-02-02 09:47 - 2013-08-29 12:07 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-02-02 09:47 - 2013-08-29 12:07 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-02-02 09:45 - 2014-02-02 09:47 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-02-02 09:42 - 2014-02-02 10:12 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-02 09:42 - 2014-02-02 10:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
 
==================== One Month Modified Files and Folders =======
 
2014-03-04 16:14 - 2014-03-04 16:13 - 00034777 _____ () C:\Users\Jason\Downloads\FRST.txt
2014-03-04 16:13 - 2014-03-04 16:13 - 00000000 ____D () C:\FRST
2014-03-04 16:12 - 2009-06-22 12:51 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7037237A-4069-43B3-99B6-4EB160E0E68E}.job
2014-03-04 16:10 - 2008-01-13 14:15 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{59C5B9C3-1FB5-4202-A306-CBCA54A62EBA}.job
2014-03-04 16:02 - 2013-09-22 20:52 - 00000000 ____D () C:\Program Files\Secure Speed Dial
2014-03-04 16:02 - 2007-11-19 14:42 - 01828174 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 16:01 - 2013-02-18 14:12 - 00003284 _____ () C:\Users\Jason\AppData\Roaming\ANIWZCS{264B00FB-D7D1-4F4C-91FA-CAE776D90C21}
2014-03-04 16:01 - 2012-07-10 14:51 - 00003284 _____ () C:\Windows\system32\ANIWZCS{264B00FB-D7D1-4F4C-91FA-CAE776D90C21}
2014-03-04 16:01 - 2010-07-25 21:20 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 16:01 - 2007-11-15 07:55 - 00000000 ____D () C:\Windows\SMINST
2014-03-04 15:55 - 2006-11-02 06:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 15:55 - 2006-11-02 06:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 15:53 - 2014-03-04 14:43 - 00001934 _____ () C:\Windows\PFRO.log
2014-03-04 15:53 - 2013-12-26 20:48 - 00000000 ____D () C:\Program Files\iSafe
2014-03-04 15:53 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-04 15:52 - 2006-11-02 07:01 - 00032578 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-04 15:51 - 2014-03-04 00:03 - 00000292 _____ () C:\Windows\Tasks\MySearchDial.job
2014-03-04 15:32 - 2010-07-25 21:20 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 15:11 - 2014-03-04 15:11 - 01145344 _____ (Farbar) C:\Users\Jason\Downloads\FRST.exe
2014-03-04 14:40 - 2014-01-19 18:23 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\uTorrent
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\Documents\Thief
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Launcher
2014-03-04 14:29 - 2014-03-04 14:24 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Updater
2014-03-04 14:29 - 2014-02-16 22:15 - 00000000 ____D () C:\Users\Jason\AppData\Local\SKIDROW
2014-03-04 14:20 - 2014-03-04 14:20 - 00001481 _____ () C:\Users\Public\Desktop\Thief.lnk
2014-03-04 13:35 - 2013-11-30 22:51 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-03-04 13:33 - 2014-03-04 13:33 - 00000000 ____D () C:\Games
2014-03-04 13:30 - 2014-02-02 14:05 - 00000000 ____D () C:\Program Files\Steam
2014-03-04 13:22 - 2014-03-04 13:22 - 00000000 ____D () C:\Users\Jason\AppData\Local\Setup Integrity Check
2014-03-04 13:16 - 2014-03-03 23:21 - 00000000 ____D () C:\Users\Jason\Desktop\Thief.2014.Multi8-RU.Repack.by.z10yded
2014-03-04 12:49 - 2014-03-04 12:49 - 00000000 ____D () C:\Users\Jason\AppData\Local\Mysearchdial
2014-03-04 12:49 - 2014-03-04 00:03 - 00000090 _____ () C:\Users\Jason\AppData\Roaming\WB.CFG
2014-03-04 12:48 - 2014-03-04 12:48 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_naruto-shippuden---ultimate-ninja-4.exe
2014-03-04 12:48 - 2014-03-04 12:48 - 00001116 _____ () C:\Users\Jason\Desktop\Continue Naruto Shippuden - Ultimate Ninja 4 Installation.lnk
2014-03-04 11:42 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\tracing
2014-03-04 09:08 - 2014-03-04 00:00 - 00000000 ____D () C:\Users\Jason\Desktop\ps2 games
2014-03-04 00:12 - 2014-03-04 00:11 - 10031422 _____ () C:\Users\Jason\Downloads\Playstation-2-Bios-Pack.7z
2014-03-04 00:08 - 2014-03-04 00:08 - 00000000 ____D () C:\Users\Jason\Documents\Optimizer Pro
2014-03-04 00:08 - 2014-03-04 00:08 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Optimizer Pro
2014-03-04 00:05 - 2014-03-04 00:05 - 00000000 ____D () C:\Users\Jason\Documents\PCSX2
2014-03-04 00:03 - 2014-03-04 00:02 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\mysearchdial
2014-03-04 00:02 - 2014-03-04 00:02 - 00000861 _____ () C:\Users\Jason\Desktop\Optimizer Pro.lnk
2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Program Files\Quiknowledge
2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-03-04 00:02 - 2014-03-04 00:02 - 00000000 ____D () C:\Program Files\Mysearchdial
2014-03-04 00:00 - 2014-03-04 00:00 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_kingdom-hearts---re-chain-of-memories.exe
2014-03-03 23:58 - 2014-03-03 23:55 - 00000000 ____D () C:\Program Files\PCSX2 1.2.1
2014-03-03 23:58 - 2011-10-30 19:58 - 00000000 ____D () C:\Windows\system32\directx
2014-03-03 23:57 - 2011-10-30 19:58 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-03-03 23:56 - 2014-03-03 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-03 23:55 - 2014-03-03 23:55 - 00001772 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-03-03 23:54 - 2014-03-03 23:52 - 15127264 _____ () C:\Users\Jason\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-03-03 23:46 - 2011-08-20 22:38 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-03-03 20:43 - 2014-03-03 16:07 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-03 20:43 - 2013-08-24 12:51 - 00000000 ____D () C:\Users\Jason\AppData\Local\WebPlayer
2014-03-03 18:00 - 2010-07-05 20:23 - 00000444 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2014-03-03 17:56 - 2008-01-27 15:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-03 17:50 - 2014-03-03 16:06 - 00001988 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-03-03 17:07 - 2014-03-03 17:07 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-03-03 16:47 - 2013-06-27 02:24 - 00000000 ____D () C:\Windows\system32\jmdp
2014-03-03 16:47 - 2007-11-15 06:31 - 00000000 ____D () C:\Windows\Panther
2014-03-03 16:22 - 2013-09-02 00:46 - 58490880 _____ () C:\Windows\system32\config\software.iobit
2014-03-03 16:22 - 2013-09-02 00:46 - 45813760 _____ () C:\Windows\system32\config\components.iobit
2014-03-03 16:22 - 2013-09-02 00:46 - 00393216 _____ () C:\Windows\system32\config\default.iobit
2014-03-03 16:22 - 2013-09-02 00:46 - 00131072 _____ () C:\Windows\system32\config\sam.iobit
2014-03-03 16:22 - 2013-02-18 14:11 - 00000000 ____D () C:\Users\Jason
2014-03-03 16:21 - 2013-09-02 00:46 - 00028672 _____ () C:\Windows\system32\config\security.iobit
2014-03-03 16:07 - 2014-03-03 16:07 - 00001023 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-03-03 16:07 - 2014-03-03 16:07 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-03 16:07 - 2011-06-30 16:20 - 00000000 ____D () C:\ProgramData\IObit
2014-03-03 16:07 - 2011-06-30 16:18 - 00000000 ____D () C:\Program Files\IObit
2014-03-03 16:04 - 2013-02-18 14:11 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\IObit
2014-03-03 15:44 - 2008-01-27 20:33 - 00000000 ____D () C:\Program Files\Canon
2014-03-03 15:44 - 2007-11-15 07:12 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-03 15:42 - 2010-12-18 07:20 - 00000000 ___HD () C:\Program Files\Tnakfrhefzmwr
2014-03-03 15:41 - 2014-03-03 15:41 - 00109890 _____ () C:\Users\Jason\Documents\cc_20140303_154115.reg
2014-03-03 15:39 - 2014-03-03 15:39 - 00001057 _____ () C:\Users\Jason\Desktop\Spybot - Search & Destroy.lnk
2014-03-03 15:39 - 2014-03-03 15:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-03-03 15:38 - 2014-03-03 15:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jason\Downloads\spybotsd162.exe
2014-03-03 15:36 - 2014-03-03 15:36 - 00000806 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 15:36 - 2014-03-03 15:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 15:34 - 2014-03-03 14:40 - 00000000 ____D () C:\Users\Jason\Desktop\antivirus
2014-03-03 15:33 - 2014-03-03 15:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Lavasoft
2014-03-03 15:32 - 2014-03-03 15:32 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\LavasoftStatistics
2014-03-03 15:01 - 2008-01-27 15:17 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-03 15:00 - 2014-03-03 15:00 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-03 14:59 - 2008-01-27 15:17 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-03 14:48 - 2014-03-03 14:48 - 00008726 _____ () C:\Users\Jason\Documents\Attachzip.txt
2014-03-03 14:46 - 2014-03-03 14:47 - 00021735 _____ () C:\Users\Jason\Desktop\dds.txt
2014-03-03 14:42 - 2014-03-03 14:39 - 00000000 ____D () C:\Users\Jason\Desktop\Unused
2014-03-03 14:37 - 2014-03-03 14:37 - 00000000 _____ () C:\Users\Jason\defogger_reenable
2014-03-02 18:30 - 2013-09-02 21:19 - 00000000 ____D () C:\Program Files\World of Warcraft
2014-03-02 16:34 - 2006-11-02 05:18 - 00000000 ___RD () C:\Users\Public
2014-03-02 16:07 - 2006-11-02 04:33 - 00774056 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-28 05:44 - 2014-01-26 08:53 - 00000000 ____D () C:\Users\Jason\Desktop\New Folder
2014-02-28 02:18 - 2010-07-05 20:22 - 00000418 _____ () C:\Windows\Tasks\ParetoLogic Update Version3.job
2014-02-26 03:16 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-20 12:47 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\nap
2014-02-17 13:14 - 2014-02-02 15:57 - 00000000 ____D () C:\Users\Jason\Documents\My Games
2014-02-17 13:11 - 2014-02-17 13:11 - 00002010 _____ () C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2014-02-17 13:03 - 2006-11-02 06:37 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-02-17 02:57 - 2014-02-17 02:53 - 2281804096 _____ () C:\Users\Jason\Downloads\Fable - The Lost Chapters.daa
2014-02-17 02:52 - 2014-02-15 23:58 - 00000000 ____D () C:\Users\Jason\Downloads\aop tweak  maximum edition
2014-02-17 02:35 - 2014-02-17 01:34 - 2281225788 ____R () C:\Users\Jason\Downloads\Fable - The Lost Chapters.rar
2014-02-16 22:11 - 2014-02-16 22:11 - 00002121 _____ () C:\Users\Public\Desktop\Borderlands 2.lnk
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\Program Files\2K Games
2014-02-16 21:56 - 2014-03-02 16:34 - 3370956800 ____R () C:\Users\Public\sr-borderlands2.iso
2014-02-16 20:48 - 2013-06-27 03:26 - 00000000 ____D () C:\Program Files\Perfect World Entertainment
2014-02-16 20:37 - 2014-02-16 20:37 - 00001860 _____ () C:\Users\Public\Desktop\Arc.lnk
2014-02-16 18:17 - 2014-02-16 18:17 - 00000000 ____D () C:\Users\Jason\Documents\Games for Windows - LIVE Demos
2014-02-16 18:14 - 2006-11-02 05:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Windows\system32\xlive
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-02-16 11:43 - 2014-02-16 11:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-16 11:43 - 2008-01-19 21:07 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\Documents\The Witcher
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\AppData\Local\The Witcher
2014-02-16 07:16 - 2014-02-16 07:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-02-15 19:41 - 2014-02-15 19:41 - 01018740 _____ () C:\Users\Jason\Downloads\aop tweak  maximum edition.zip
2014-02-14 10:31 - 2006-11-02 06:37 - 00000000 ____D () C:\Windows\twain_32
2014-02-14 01:27 - 2013-06-27 02:24 - 00000000 ____D () C:\Windows\system32\WNLT
2014-02-14 01:06 - 2013-12-21 14:04 - 00000000 ____D () C:\ProgramData\saverroNe
2014-02-14 01:06 - 2013-12-21 14:03 - 00000000 ____D () C:\ProgramData\saVEErannet
2014-02-12 03:10 - 2013-07-28 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 03:05 - 2006-11-02 04:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-05 17:13 - 2014-02-05 17:13 - 00052752 _____ (Quiknowledge) C:\Windows\system32\Drivers\qknfd.sys
2014-02-05 02:58 - 2014-02-12 03:00 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 02:56 - 2014-02-12 03:00 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 02:53 - 2014-02-12 03:00 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 02:51 - 2014-02-12 03:00 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 02:50 - 2014-02-12 03:00 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 02:49 - 2014-02-12 03:00 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 02:49 - 2014-02-12 03:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 02:48 - 2014-02-12 03:01 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 02:48 - 2014-02-12 03:00 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 02:48 - 2014-02-12 03:00 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 02:48 - 2014-02-12 03:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 02:48 - 2014-02-12 03:00 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 02:47 - 2014-02-12 03:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 02:47 - 2014-02-12 03:01 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 02:47 - 2014-02-12 03:00 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 02:46 - 2014-02-12 03:00 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-03 11:13 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\registration
2014-02-03 11:12 - 2006-11-02 04:23 - 00000240 _____ () C:\Windows\win.ini
2014-02-03 11:09 - 2013-02-18 14:12 - 00109792 _____ () C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-03 11:06 - 2006-11-02 06:47 - 00387256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-02 18:38 - 2014-02-02 18:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Skyrim
2014-02-02 18:11 - 2013-03-28 16:05 - 09952256 _____ () C:\Users\Jason\Desktop\A Slower Speed of Light.exe
2014-02-02 17:59 - 2014-02-02 17:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PowerISO
2014-02-02 17:21 - 2014-02-02 17:12 - 00000000 ____D () C:\Users\Jason\Downloads\rzr-skrm
2014-02-02 15:57 - 2014-02-02 15:57 - 00000000 __RHD () C:\Users\Jason\AppData\Roaming\SecuROM
2014-02-02 15:56 - 2014-02-02 15:56 - 00000000 ____D () C:\Program Files\GameSpy
2014-02-02 15:53 - 2014-02-02 15:53 - 00669184 _____ () C:\Windows\system32\pbsvc.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00103736 _____ () C:\Windows\system32\PnkBstrB.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Users\Jason\AppData\Roaming\PnkBstrK.sys
2014-02-02 15:53 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-02-02 15:09 - 2014-02-01 20:12 - 00000000 ____D () C:\Users\Jason\Documents\Amnesia
2014-02-02 15:09 - 2013-02-18 14:11 - 00000000 ____D () C:\Users\Jason\AppData\Local\VirtualStore
2014-02-02 15:07 - 2014-02-02 15:07 - 00001959 _____ () C:\Users\Jason\Desktop\Amnesia.lnk
2014-02-02 15:07 - 2014-02-02 14:58 - 00000000 ____D () C:\Program Files\Amnesia - The Dark Descent
2014-02-02 14:05 - 2014-02-02 14:05 - 00000762 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-02 11:37 - 2014-01-26 11:19 - 00000000 ____D () C:\Users\Jason\Documents\Bandicam
2014-02-02 10:49 - 2014-02-02 10:49 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill.exe
2014-02-02 10:33 - 2014-02-02 10:32 - 00000000 ____D () C:\Users\Public\New folder
2014-02-02 10:12 - 2014-02-02 09:42 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-02 10:12 - 2010-07-19 16:15 - 00000000 ____D () C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2014-02-02 10:12 - 2009-09-13 15:57 - 00000000 ____D () C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2014-02-02 10:12 - 2008-04-30 07:18 - 00000000 ____D () C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
2014-02-02 10:01 - 2014-02-02 09:42 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-02 09:47 - 2014-02-02 09:47 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TuneUp Software
2014-02-02 09:47 - 2014-02-02 09:45 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-02-02 09:47 - 2006-11-02 06:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
 
Some content of TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\hcuninstaller_20140304_133530_4752.exe
C:\Users\Jason\AppData\Local\Temp\ICReinstall_CR_Downloader_for_naruto-shippuden---ultimate-ninja-4.exe
C:\Users\Jason\AppData\Local\Temp\Resource_AcceptRate.exe
C:\Users\Jason\AppData\Local\Temp\Resource_Toolbar.exe
C:\Users\Jason\AppData\Local\Temp\vcredist_2013_x86.exe
C:\Users\Kara\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Kara\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kara\AppData\Local\Temp\oi_{51A8CC16-B2CF-4E58-BED2-4B1B2710C515}.exe
C:\Users\Kara\AppData\Local\Temp\vcredist_x86.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-04 16:07
 
 
 
 
addition text
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-03-2014 02
Ran by Jason at 2014-03-04 16:15:15
Running from C:\Users\Jason\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
 
==================== Installed Programs ======================
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
 Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
"Thief" (HKLM\...\{7CEA3557-5E36-49EE-9CBF-504EEA99E0DE}_is1) (Version: 1.0.4107.3 (Update 1) - )
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30488 - BitTorrent Inc.)
AC3Filter 1.63b (HKLM\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
AccelerateTab (HKLM\...\AccelerateTab_is1) (Version: 2.0 - AccelerateTab)
Acrobat.com (HKLM\...\{6D8D64BE-F500-55B6-705D-DFD08AFE0624}) (Version: 1.7.186 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0.1 - Microsoft Corporation) Hidden
Ad-Aware Antivirus (HKLM\...\{17E73768-9F21-4334-ABE6-CD131031564C}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.1.8210 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.1.8210 - Adobe Systems Inc.) Hidden
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.3.181.34 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Advanced SystemCare 7 (HKLM\...\Advanced SystemCare 7_is1) (Version: 7.2.0 - IObit)
Alarm Clock version 1.0 (HKLM\...\{003C285C-AC50-4B8C-8718-3481CBA49E2F}_is1) (Version: 1.0 - )
Amnesia - The Dark Descent  (HKLM\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.0.0 - Frictional Games)
ANIWZCS2 Service (HKLM\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version:  - )
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Bandicam (HKLM\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - Bandisoft.com)
BitTorrent (HKLM\...\BitTorrent) (Version: 7.8.0.29626 - BitTorrent Inc.)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM\...\Borderlands 2_is1) (Version:  - )
Canon iP1800 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP1800_series) (Version:  - )
Canon iP1800 series User Registration (HKLM\...\Canon iP1800 series User Registration) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-LayoutPrint (HKLM\...\Easy-LayoutPrint) (Version:  - )
Cards_Calendar_OrderGift_DoMorePlugout (Version: 1.00.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CoreAAC Audio Decoder (remove only) (HKLM\...\CoreAAC Audio Decoder) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.5.1019 - CyberLink Corp.)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
D-Link RangeBooster N DWA-140 (HKLM\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version:  - D-Link)
Enhanced Multimedia Keyboard Solution (HKLM\...\KBD) (Version:  - Hewlett-Packard)
Fable - The Lost Chapters (HKLM\...\InstallShield_{C3C9EB3D-24FA-4462-B784-0EC6AAFCD2DD}) (Version: 1.00.0000 - Microsoft Game Studios)
Fable - The Lost Chapters (Version: 1.00.0000 - Microsoft Game Studios) Hidden
FLV Player (HKCU\...\FLV Player) (Version: 1.0 - Somoto Ltd.) <==== ATTENTION
Futuremark SystemInfo (HKLM\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation)
Game Booster (HKLM\...\Game Booster_is1) (Version: 2.4.1.0 - IObit)
GameSpy Comrade (HKLM\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Google Chrome (HKLM\...\Google Chrome) (Version: 27.0.1453.116 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)
Hardware Diagnostic Tools (HKLM\...\PC-Doctor 5 for Windows) (Version: 5.00.4589.14 - PC-Doctor, Inc.)
Hewlett-Packard Active Check (Version: 1.1.11.0 - Hewlett-Packard) Hidden
Hewlett-Packard Asset Agent for Health Check (Version: 2.0.62.5 - HP) Hidden
HP Active Support Library (HKLM\...\{11BB336F-0E58-4977-B866-F24FA334616B}) (Version: 2.3.0.2 - Hewlett-Packard)
HP Customer Feedback (Version: 1.0.0 - Hewlett-Packard) Hidden
HP Easy Setup - Frontend (HKLM\...\{9885A11E-60E4-417C-B58B-8B31B21C0B8A}) (Version: 5.4.0.2430 - Hewlett-Packard)
HP On-Screen Cap/Num/Scroll Lock Indicator (HKLM\...\OsdMaestro) (Version:  - Hewlett-Packard)
HP Photosmart Essential 2.5 (HKLM\...\HP Photosmart Essential) (Version: 2.5 - HP)
HP Photosmart Essential 2.5 (Version: 1.02.0000 - Hewlett-Packard) Hidden
HP Picasso Media Center Add-In (Version: 1.0.0 - HP) Hidden
HP Update (HKLM\...\{FE57DE70-95DE-4B64-9266-84DA811053DB}) (Version: 4.000.012.001 - Hewlett-Packard)
HPPhotoSmartPhotobookWebPack1 (Version: 1.00.0000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Internet Explorer Toolbar 4.8 by SweetPacks (HKLM\...\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}) (Version: 4.8.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
IObit Uninstaller (HKLM\...\IObitUninstall) (Version: 3.1.8.2434 - IObit)
iTunes (HKLM\...\{268278CF-FB69-4D98-B70E-BFEC1CDCA225}) (Version: 11.0.2.26 - Apple Inc.)
Java Auto Updater (Version: 2.0.3.1 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216015FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Java™ SE Runtime Environment 6 Update 1 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160010}) (Version: 1.6.0.10 - Sun Microsystems, Inc.)
LightScribe System Software (HKLM\...\{7F10292C-A190-4176-A665-A1ED3478DF86}) (Version: 1.18.3.2 - LightScribe)
LightScribe Template Labeler (HKLM\...\{3EBA6E7C-3DF6-48AE-B87B-4CAFB2C1C3F7}) (Version: 1.10.13.1 - LightScribe)
LiveUpdate (Symantec Corporation) (HKLM\...\PsuedoLiveUpdate) (Version: 3.4.0.162 - Symantec)
LiveUpdate (Symantec Corporation) (Version: 3.4.0.164 - Symantec) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2007 Trial (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 - English (HKLM\...\{90140011-0061-0409-0000-0000000FF1CE}) (Version: 14.0.6109.5003 - Microsoft Corporation)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Mozilla Firefox 15.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 15.0.1 (x86 en-US)) (Version: 15.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 15.0.1 - Mozilla)
MP3 Player Utilities 5.01 (HKLM\...\{8E79F5DD-4A0A-452B-B3F8-0651E4D24854}) (Version: 5.01 -  )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysearchdial (HKCU\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Mysearchdial (HKLM\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Nexon Game Manager (HKLM\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
NVIDIA PhysX (HKLM\...\{8A809006-C25A-4A3A-9DAB-94659BCDB107}) (Version: 9.10.0224 - NVIDIA Corporation)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
oggcodecs 0.71.0946 (HKLM\...\oggcodecs) (Version: 0.71.0946 - illiminable)
Optimizer Pro v3.2 (HKLM\...\Optimizer Pro_is1) (Version:  - ) <==== ATTENTION
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
Power2Go (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.3417 - CyberLink Corp.)
PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 6.5.2209 - CyberLink Corp.)
PowerDirector (Version: 6.5.2209 - CyberLink Corp.) Hidden
PowerISO (HKLM\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Privacy SafeGuard version 1.1 (HKLM\...\{B820C985-D9F1-45B5-A7F5-0C5863CBEA04}_is1) (Version: 1.1 - Privacy SafeGuard)
PSSWCORE (Version: 2.02.0000 - Hewlett-Packard) Hidden
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Python 2.5 (HKLM\...\{0A2C5854-557E-48C8-835A-3B9F074BDCAA}) (Version: 2.5.150 - Martin v. Löwis)
Python 3.2.2 (HKLM\...\{4CDE3168-D060-4b7c-BC74-4D8F9BB01AFD}) (Version: 3.2.2150 - Python Software Foundation)
QuickShare (HKLM\...\{2B0ECB7D-EA9A-422A-9651-FC195136B031}) (Version: 10.204.60.14277 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
Quiknowledge (HKLM\...\Quiknowledge) (Version: 1.9.0.1 - Quiknowledge) <==== ATTENTION
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6849 - Realtek Semiconductor Corp.)
SelectionLinks (HKLM\...\sl-apl) (Version: 1.0 - SelectionLinks) <==== ATTENTION
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200C14F1) (Version: 7.74.00 - Conexant Systems)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
System Requirements Lab CYRI (HKLM\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.88 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities 2014) (Version: 14.0.1000.88 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.88 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Visio 2007 Help (KB963666) (HKLM\...\{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{D2C4ACC9-12F5-4E1C-81A8-5DC878AC6278}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
Ventrilo Server (HKLM\...\{1D46A3A0-B37D-423A-91C2-101A49E2FF80}) (Version: 3.0.2 - Flagship Industries, Inc.)
VideoToolkit01 (Version: 100.0.128.000 - Hewlett-Packard) Hidden
VLC media player 1.1.7 (HKLM\...\VLC media player) (Version: 1.1.7 - VideoLAN)
WeatherBug Gadget (Version: 1.0.0.6 - AWS Convergence Technologies) Hidden
Window Washer 5 (HKLM\...\Window Washer 5) (Version:  - )
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xvid 1.2.2 final uninstall (HKLM\...\Xvid_is1) (Version: 1.2 - Xvid team (Koepi))
YAC (HKLM\...\iSafe) (Version:  - ELEX DO BRASIL PARTICIPAÇÕES LTDA)
Yontoo Layers Client 1.10.01 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.01 - Yontoo Technology, Inc.) <==== ATTENTION
 
==================== Restore Points  =========================
 
04-03-2014 05:55:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
04-03-2014 20:20:11 Installed DirectX
04-03-2014 20:57:15 Windows Update
 
==================== Hosts content: ==========================
 
2006-11-02 04:23 - 2010-10-24 13:05 - 00000776 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {02A5B9B7-8F14-41A4-B9F1-499242DE3FA7} - System32\Tasks\JavaUpdateBrooke => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {15474D50-95D1-43E2-AF88-097F11CE7376} - System32\Tasks\JavaUpdateKara => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {1A2A6A9D-2BED-443C-BA40-3DDD349CD61C} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe [2014-02-11] (IObit)
Task: {1C065C8A-A699-486A-9AE4-7B38525272F1} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {1CB4E0EB-B02D-4DFC-B817-09510E0ECB1D} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1DF05B84-5009-4A75-86CE-5B98C11EF46D} - System32\Tasks\JavaUpdateJacob => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {21ED4658-32E3-4781-B8EE-13FE1188651D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {3222CA66-3E96-4E62-A851-75E3FD5040E1} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {35A831F8-37F6-487C-901B-A63B72B283EA} - System32\Tasks\JavaUpdateDara => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {3A08ACED-8661-4CD5-BBFB-B9312B39CB15} - System32\Tasks\Java Updater => C:\Windows\system32\jureg.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3F094633-9FDB-4ACD-95D2-1DDD45EAF205} - System32\Tasks\4688 => Wscript.exe C:\Users\Sonja\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {4D91A1DC-4D1B-4D3D-B9FF-373AE2125196} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2013-08-29] (TuneUp Software)
Task: {4FA34274-9679-45D1-A362-846E5E46D05F} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-02-13] (IObit)
Task: {55175E7F-DF5E-422E-AF2A-433A65FC3A4C} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-10-29] (Sun Microsystems, Inc.)
Task: {614B6A62-6595-46DC-84B5-0B49E281A654} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2009-10-11] (ParetoLogic Inc.)
Task: {6938F2DB-AA84-4550-ACA4-010AACB4ADF3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-25] (Google Inc.)
Task: {77788516-8BB4-4079-8A69-B423D2373C85} - System32\Tasks\MySearchDial => C:\Users\Jason\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {7D10BFB0-585B-481F-85AA-A36849971C2A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7FB5B562-26C7-4BC4-855F-32BFA58BAAED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2010-07-25] (Google Inc.)
Task: {81AE1D69-87CA-491D-B84A-74E054F214C3} - System32\Tasks\JavaUpdateJason => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {85619193-A4E1-447E-A445-238FF569D8C6} - System32\Tasks\JavaUpdateAdministrator => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {8955AD38-DD02-491E-9221-15C7F122B0A2} - System32\Tasks\ASC7_SkipUac_Jason => C:\Program Files\IObit\Advanced SystemCare 7\ASC.exe [2014-02-14] (IObit)
Task: {8C6BBB1F-F2B0-441E-9C2B-B66D9BD4D5B5} - System32\Tasks\Adobe online update program => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {8E558CAA-D6EA-46CA-90B8-18F7B322F7B9} - System32\Tasks\JavaUpdateMilt => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {91A7F0E7-CF0C-4261-8113-DAED0D068236} - System32\Tasks\JavaUpdateSonja => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {91C0F640-BE49-44B4-ACB5-9DF2094297BA} - System32\Tasks\PC-Doctor\Scheduled Maintanence => C:\Program Files\PC-Doctor 5 for Windows\RunProfiler.exe [2007-06-25] (PC-Doctor, Inc.)
Task: {9FCCC182-E205-4DDC-A24F-4F2AB1779944} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A4146D68-DDEF-4C19-AFA9-181EF63836BA} - System32\Tasks\HP online update program => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08] (Hewlett-Packard)
Task: {B84C6684-9730-4B9C-8C6B-0B21A3A83DA9} - System32\Tasks\JavaUpdateEden => C:\Windows\system32\jusched.exe [2007-04-07] (Sun Microsystems, Inc.)
Task: {CC7AEEFA-965B-45D9-BEA2-4E3D678E784C} - System32\Tasks\DivX online update program => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2012-11-29] ()
Task: {E36CF2D7-B3FE-459D-878D-77CFB1C22B0D} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Jason\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{59C5B9C3-1FB5-4202-A306-CBCA54A62EBA}.job => C:\Windows\system32\msfeedssync.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{7037237A-4069-43B3-99B6-4EB160E0E68E}.job => C:\Windows\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-03 16:06 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files\IObit\Advanced SystemCare 7\sqlite3.dll
2012-07-10 14:50 - 2009-07-07 19:10 - 00151552 _____ () C:\Windows\system32\ANIWConnService.exe
2011-06-24 21:56 - 2011-06-24 21:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 21:56 - 2011-06-24 21:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-04 00:02 - 2014-03-04 00:02 - 02961368 _____ () C:\Program Files\Optimizer Pro\OptProCrash.dll
2014-03-04 00:02 - 2014-03-04 00:02 - 00186496 _____ () C:\Program Files\Optimizer Pro\OptProCrashSvc.dll
2014-01-23 16:26 - 2014-01-23 16:26 - 00651232 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:33 - 2014-01-23 16:33 - 00087928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00022392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00030072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00048512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00107904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 03053416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00541008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00131920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 01928008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00638328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00477544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00244088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00119656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00087384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00105304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00228728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00170376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00342376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00210280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00244592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00174960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00367472 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00502112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00030584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00268656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00274808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00190824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00181600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00105320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00472944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 01858408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00223088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00513392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00422752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00148808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00122704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00298840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00241504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00565640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2014-02-02 15:53 - 2014-02-02 15:53 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2013-08-29 12:08 - 2013-08-29 12:08 - 00501560 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2014-03-03 16:06 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-03-03 16:06 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-03-03 16:06 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-03-03 16:06 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files\IObit\Advanced SystemCare 7\webres.dll
2010-03-10 21:32 - 2013-10-18 11:15 - 00037376 _____ () C:\Windows\system32\atitmpxx.dll
2012-07-10 14:50 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files\ANI\ANIWZCS2 Service\ANIOApi.dll
2012-07-10 14:50 - 2009-07-07 17:50 - 00258048 _____ () C:\Windows\system32\WlanApp.dll
2012-07-10 14:49 - 2009-06-01 13:23 - 00315392 _____ () C:\Program Files\D-Link\DWA-140 revB\ANIOApi.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 03643224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:33 - 2014-01-23 16:33 - 00405880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00308064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00056664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00789360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00118104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2012-10-26 00:49 - 2012-10-26 00:49 - 00202752 _____ () C:\Users\Jason\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe
2013-09-22 20:52 - 2014-03-04 11:16 - 02503504 _____ () C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe
2013-09-22 20:52 - 2014-01-23 17:40 - 00268968 _____ () C:\Program Files\Secure Speed Dial\IE\sqlite3.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:8927A071
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
 
==================== Faulty Device Manager Devices =============
 
Name: Belkin USB Easy Transfer Cable
Description: Belkin USB Easy Transfer Cable
Class Guid: {bc103702-dd72-406f-9b28-95c868337b59}
Manufacturer: Microsoft
Service: winusb
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/04/2014 04:03:11 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SPEEDDIAL@INSTAIR.NET\LOCALE\PL> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:03:11 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SPEEDDIAL@INSTAIR.NET\LOCALE\PL> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:03:11 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SPEEDDIAL@INSTAIR.NET\LOCALE\NO> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:03:11 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SPEEDDIAL@INSTAIR.NET\LOCALE\NO> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:01:39 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SEARCHADS@INSTAIR.NET\LIB> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:01:39 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SEARCHADS@INSTAIR.NET\LIB> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:01:39 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SEARCHADS@INSTAIR.NET\DEFAULTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:01:39 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SEARCHADS@INSTAIR.NET\DEFAULTS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:01:38 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SEARCHADS@INSTAIR.NET\CHROME\CONTENT\SUBSCRIPTIONS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (03/04/2014 04:01:38 PM) (Source: Windows Search Service) (User: )
Description: The entry <C:\USERS\JASON\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\IHHQCYDE.DEFAULT\EXTENSIONS\SEARCHADS@INSTAIR.NET\CHROME\CONTENT\SUBSCRIPTIONS> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
 
System errors:
=============
Error: (03/04/2014 04:02:08 PM) (Source: Service Control Manager) (User: )
Description: SecureUpdate1
 
Error: (03/04/2014 03:55:11 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
jbeuclo
 
Error: (03/04/2014 02:52:16 PM) (Source: Service Control Manager) (User: )
Description: Windows Font Cache Service
 
Error: (03/04/2014 02:48:05 PM) (Source: Service Control Manager) (User: )
Description: i8042prt
jbeuclo
 
Error: (03/04/2014 02:48:05 PM) (Source: Service Control Manager) (User: )
Description: Client Virtualization HandlerApplication Virtualization Client%%1070
 
Error: (03/04/2014 02:48:05 PM) (Source: Service Control Manager) (User: )
Description: Application Virtualization Client
 
Error: (03/04/2014 02:44:12 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 2:41:15 PM on 3/4/2014 was unexpected.
 
Error: (03/03/2014 11:47:02 PM) (Source: Service Control Manager) (User: )
Description: Steam Client Service%%1053
 
Error: (03/03/2014 11:47:02 PM) (Source: Service Control Manager) (User: )
Description: 30000Steam Client Service
 
Error: (03/03/2014 04:07:25 PM) (Source: Service Control Manager) (User: )
Description: Advanced SystemCare Service 7
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-02-20 12:11:27.171
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-20 12:11:26.500
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-20 12:11:25.829
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-20 12:11:25.143
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-20 12:11:24.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-20 12:11:23.801
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-15 19:32:01.914
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-15 19:32:01.145
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-15 19:32:00.382
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-02-15 19:31:59.604
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\iSafe\iSafeKrnl.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 55%
Total physical RAM: 2046.58 MB
Available physical RAM: 905.94 MB
Total Pagefile: 4336.42 MB
Available Pagefile: 2992.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1889.82 MB
 
==================== Drives ================================
 
Drive c: (HP) (Fixed) (Total:325.94 GB) (Free:44.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (FACTORY_IMAGE) (Fixed) (Total:9.41 GB) (Free:1.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 335 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=326 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Edited by jacobg50, 04 March 2014 - 06:00 PM.


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 04 March 2014 - 06:05 PM

Hi,

you have a lot of adware on your computer. Let's clean up a bit:


Step 1

Please uninstall some programs:

  • Click on the Start Menu button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

    AccelerateTab
    FLV Player
    Internet Explorer Toolbar 4.8 by SweetPacks
    Mysearchdial
    Optimizer Pro v3.2
    QuickShare
    Quiknowledge
    SelectionLinks
    YAC
    Yontoo Layers Client 1.10.01

  • Reboot your computer.

Step 2

Please download AdwCleaner (by Xplode) and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 3

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste this log in your next reply.


#5 jacobg50

jacobg50
  • Topic Starter

  • Members
  • 3 posts

Posted 04 March 2014 - 11:12 PM

# AdwCleaner v3.020 - Report created 04/03/2014 at 22:01:28
# Updated 27/02/2014 by Xplode
# Operating System : Windows Vista ™ Home Premium Service Pack 2 (32 bits)
# Username : Jason - GODWINPC
# Running from : C:\Users\Jason\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfmigjiaapipflmopkaaooigcjjdojh
Folder Deleted : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpcknfcdcgpffjddjeceioobdelceffo
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Folder Deleted : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Windows\System32\Tasks\NCH Software
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16533
 
 
-\\ Mozilla Firefox v15.0.1 (en-US)
 
[ File : C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\prefs.js ]
 
Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=ac94cdeb-34da-48f1-aa87-376392f97f10&searchtype=hp&installDate=24/08/2013");
 
-\\ Google Chrome v27.0.1453.116
 
[ File : C:\Users\Kara\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [28009 octets] - [04/03/2014 21:50:17]
AdwCleaner[R1].txt - [2563 octets] - [04/03/2014 22:00:07]
AdwCleaner[S0].txt - [27790 octets] - [04/03/2014 21:51:36]
AdwCleaner[S1].txt - [2508 octets] - [04/03/2014 22:01:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [2568 octets] ##########
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-03-2014 02
Ran by Jason (administrator) on GODWINPC on 04-03-2014 22:06:58
Running from C:\Users\Jason\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
() C:\Windows\system32\ANIWConnService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\Monitor.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Alcatel-Lucent) C:\Program Files\Common Files\Motive\McciCMService.exe
() C:\Windows\system32\PnkBstrA.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\hp\KBD\KbdStub.exe
(OsdMaestro) C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Wireless Service) C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
(D-Link Corp.) C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe
(IObit) C:\Program Files\IObit\Advanced SystemCare 7\DelayLoad.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [KBD] - C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [OsdMaestro] - C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [118784 2007-02-15] (OsdMaestro)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [178712 2008-06-02] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4874240 2008-01-15] (Realtek Semiconductor)
HKLM\...\Run: [ANIWZCS2Service] - C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [98304 2009-08-21] (Wireless Service)
HKLM\...\Run: [D-Link D-Link RangeBooster N DWA-140] - C:\Program Files\D-Link\DWA-140 revB\AirNCFG.exe [1708032 2009-09-18] (D-Link Corp.)
HKLM\...\Run: [DivXMediaServer] - C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe [450560 2012-11-13] ()
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [] - [X]
HKLM\...\RunOnce: [Launcher] - %WINDIR%\SMINST\launcher.exe [44168 2007-10-09] (soft thinks)
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-19\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-4274643493-4219393570-3087615686-1012\...\MountPoints2: F - F:\Setup.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=MSSE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Privacy Safeguard BHO - {A42D2EB4-DD31-4BB5-8AA5-8D4E04806DBE} - C:\Program Files\PrivacySafeGuard\PrivacySafeGuard.dll (PrivacySafeguard)
BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} http://clients.futuremark.com/calico/systeminfodeploy/FMSI.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 19 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default
FF DefaultSearchEngine: Google
FF Homepage: hxxp://feed.snapdo.com/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=ac94cdeb-34da-48f1-aa87-376392f97f10&searchtype=hp&installDate=24/08/2013
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @bittorrent.com/BitTorrentDNA - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll No File
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @Motive.com/NpMotive,version=1.0 - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
FF Plugin: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 - C:\Program Files\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeploytk.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\ascsurfingprotection@iobit.com [2014-03-03]
FF Extension: saverroNe - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\oyy6fsv@zjsavtrb.co.uk [2013-12-24]
FF Extension: saVEErannet - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\s.yzecd@vzkwuqrhfb.net [2013-12-24]
FF Extension: No Name - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\staged [2014-01-01]
FF Extension: QuickShare Widget - C:\Users\Jason\AppData\Roaming\Mozilla\Firefox\Profiles\ihhqcyde.default\Extensions\{ac94cdeb-34da-48f1-aa87-376392f97f10} [2014-01-01]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-12-22]
FF HKLM\...\Firefox\Extensions: [quiknowledge@quiknowledge.com] - C:\Program Files\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.bing.com/"
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL: http://www.google.com
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.240.7) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java™ Platform SE 6 U24) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (Microsoft Office 2003) - C:\Program Files\Mozilla Firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
CHR Plugin: (Motive Plugin) - C:\Program Files\Common Files\Motive\npMotive.dll (Alcatel-Lucent)
CHR Plugin: (DNA Plug-in) - C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CHR Plugin: (DivX VOD Helper Plug-in) - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
CHR Plugin: (DivX Plus Web Player) - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-17]
CHR Extension: (Google Drive) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-17]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-03-03]
CHR Extension: (YouTube) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-17]
CHR Extension: (Google Search) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-17]
CHR Extension: (Privacy SafeGuard) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\geggofhlfbcmanadhknllmlajiafopoh [2013-03-17]
CHR Extension: (Crackle) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibfamoapbmmmlknoopmmfofgladlinic [2013-05-24]
CHR Extension: (AccelerateTab) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgjafhkemfjfgdmjcmhofijphjmaanak [2014-03-04]
CHR Extension: (AD Block) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfgjbmhakaffflkjecineeaadpidgikb [2014-01-31]
CHR Extension: (Gmail) - C:\Users\Jason\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-17]
CHR Extension: (saverroNe) - C:\ProgramData\blhdjphpjgjchbhoiecdhiklkgbfjafk [2013-12-21]
CHR HKLM\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx [2013-12-21]
CHR HKLM\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_bunndle-cb_1_1.crx [2012-11-11]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AdvancedSystemCareService7; C:\Program Files\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 ANIWConnService; C:\Windows\system32\ANIWConnService.exe [151552 2009-07-07] ()
S3 ArcService; C:\Program Files\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 Automatic LiveUpdate Scheduler; c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [243064 2007-08-31] (Symantec Corporation)
S3 Futuremark SystemInfo Service; C:\Program Files\Futuremark\Futuremark SystemInfo\FMSISvc.exe [137488 2012-12-17] (Futuremark Corporation)
U2 HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [65536 2007-09-19] (Hewlett-Packard)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [651232 2014-01-23] ()
S3 LiveUpdate; c:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [3192184 2007-08-23] (Symantec Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2014-02-02] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [203848 2013-10-18] (Realtek Semiconductor)
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 SecureUpdateSvc; C:\Program Files\Secure Speed Dial\IE\SecureUpdate.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwf.sys [12800 2009-03-06] ()
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-10-05] (BVRP Software)
R1 IDSvix86; C:\ProgramData\Symantec\Definitions\SymcData\ipsdefs\20110131.001\IDSvix86.sys [287792 2010-09-15] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation)
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-11-08] (Printing Communications Assoc., Inc. (PCAUSA))
R3 netr28u; C:\Windows\System32\DRIVERS\Dnetr28u.sys [735232 2009-08-03] (Ralink Technology Corp.)
S3 PcdrNdisuio; C:\Windows\System32\DRIVERS\pcdrndisuio.sys [20480 2007-12-17] (Windows ® 2000 DDK provider)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [10368 2006-05-23] (Padus, Inc.)
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2013-12-16] (Power Software Ltd)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.)
S3 ATMFBUS; system32\DRIVERS\ATMFBUS.sys [X]
S3 ATMFCVsp; system32\DRIVERS\ATMFCVsp.sys [X]
S3 ATMFFLT; system32\DRIVERS\ATMFFLT.sys [X]
S3 ATMFMdm; system32\DRIVERS\ATMFMdm.sys [X]
S3 ATMFNET; system32\DRIVERS\ATMFNET.sys [X]
S3 ATMFNVsp; system32\DRIVERS\ATMFNVsp.sys [X]
S3 ATMFVsp; system32\DRIVERS\ATMFVsp.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x32.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x32.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S0 jbeuclo; System32\drivers\akgmo.sys [X]
S3 MREMPR5; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS [X]
S3 MRENDIS5; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 qknfd; system32\drivers\qknfd.sys [X]
S3 SymIMMP; system32\DRIVERS\SymIM.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-04 22:06 - 2014-03-04 22:06 - 00025080 _____ () C:\Users\Jason\Downloads\FRST.txt
2014-03-04 21:49 - 2014-03-04 22:01 - 00000000 ____D () C:\AdwCleaner
2014-03-04 21:48 - 2014-03-04 21:48 - 01244192 _____ () C:\Users\Jason\Downloads\AdwCleaner.exe
2014-03-04 16:13 - 2014-03-04 22:06 - 00000000 ____D () C:\FRST
2014-03-04 15:11 - 2014-03-04 15:11 - 01145344 _____ (Farbar) C:\Users\Jason\Downloads\FRST.exe
2014-03-04 14:43 - 2014-03-04 21:26 - 00002920 _____ () C:\Windows\PFRO.log
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\Documents\Thief
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Launcher
2014-03-04 14:24 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Updater
2014-03-04 14:20 - 2014-03-04 14:20 - 00001481 _____ () C:\Users\Public\Desktop\Thief.lnk
2014-03-04 13:33 - 2014-03-04 13:33 - 00000000 ____D () C:\Games
2014-03-04 13:22 - 2014-03-04 13:22 - 00000000 ____D () C:\Users\Jason\AppData\Local\Setup Integrity Check
2014-03-04 12:48 - 2014-03-04 12:48 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_naruto-shippuden---ultimate-ninja-4.exe
2014-03-04 12:48 - 2014-03-04 12:48 - 00001116 _____ () C:\Users\Jason\Desktop\Continue Naruto Shippuden - Ultimate Ninja 4 Installation.lnk
2014-03-04 00:11 - 2014-03-04 00:12 - 10031422 _____ () C:\Users\Jason\Downloads\Playstation-2-Bios-Pack.7z
2014-03-04 00:05 - 2014-03-04 00:05 - 00000000 ____D () C:\Users\Jason\Documents\PCSX2
2014-03-04 00:03 - 2014-03-04 12:49 - 00000090 _____ () C:\Users\Jason\AppData\Roaming\WB.CFG
2014-03-04 00:00 - 2014-03-04 09:08 - 00000000 ____D () C:\Users\Jason\Desktop\ps2 games
2014-03-04 00:00 - 2014-03-04 00:00 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_kingdom-hearts---re-chain-of-memories.exe
2014-03-03 23:56 - 2014-03-03 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-03 23:55 - 2014-03-03 23:58 - 00000000 ____D () C:\Program Files\PCSX2 1.2.1
2014-03-03 23:55 - 2014-03-03 23:55 - 00001772 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-03-03 23:52 - 2014-03-03 23:54 - 15127264 _____ () C:\Users\Jason\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-03-03 23:21 - 2014-03-04 13:16 - 00000000 ____D () C:\Users\Jason\Desktop\Thief.2014.Multi8-RU.Repack.by.z10yded
2014-03-03 17:07 - 2014-03-03 17:07 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-03-03 16:07 - 2014-03-03 20:43 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-03 16:07 - 2014-03-03 16:07 - 00001023 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-03-03 16:07 - 2014-03-03 16:07 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-03 16:06 - 2014-03-03 17:50 - 00001988 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-03-03 15:41 - 2014-03-03 15:41 - 00109890 _____ () C:\Users\Jason\Documents\cc_20140303_154115.reg
2014-03-03 15:39 - 2014-03-03 15:39 - 00001057 _____ () C:\Users\Jason\Desktop\Spybot - Search & Destroy.lnk
2014-03-03 15:39 - 2014-03-03 15:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-03-03 15:37 - 2014-03-03 15:38 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jason\Downloads\spybotsd162.exe
2014-03-03 15:36 - 2014-03-03 15:36 - 00000806 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 15:36 - 2014-03-03 15:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 15:33 - 2014-03-03 15:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Lavasoft
2014-03-03 15:32 - 2014-03-03 15:32 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\LavasoftStatistics
2014-03-03 15:00 - 2014-03-03 15:00 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-03 14:48 - 2014-03-03 14:48 - 00008726 _____ () C:\Users\Jason\Documents\Attachzip.txt
2014-03-03 14:47 - 2014-03-03 14:46 - 00021735 _____ () C:\Users\Jason\Desktop\dds.txt
2014-03-03 14:40 - 2014-03-03 15:34 - 00000000 ____D () C:\Users\Jason\Desktop\antivirus
2014-03-03 14:39 - 2014-03-03 14:42 - 00000000 ____D () C:\Users\Jason\Desktop\Unused
2014-03-03 14:37 - 2014-03-03 14:37 - 00000000 _____ () C:\Users\Jason\defogger_reenable
2014-03-02 16:34 - 2014-02-16 21:56 - 3370956800 ____R () C:\Users\Public\sr-borderlands2.iso
2014-02-17 13:11 - 2014-02-17 13:11 - 00002010 _____ () C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2014-02-17 02:53 - 2014-02-17 02:57 - 2281804096 _____ () C:\Users\Jason\Downloads\Fable - The Lost Chapters.daa
2014-02-17 01:34 - 2014-02-17 02:35 - 2281225788 ____R () C:\Users\Jason\Downloads\Fable - The Lost Chapters.rar
2014-02-16 22:15 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\SKIDROW
2014-02-16 22:11 - 2014-02-16 22:11 - 00002121 _____ () C:\Users\Public\Desktop\Borderlands 2.lnk
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\Program Files\2K Games
2014-02-16 20:37 - 2014-02-16 20:37 - 00001860 _____ () C:\Users\Public\Desktop\Arc.lnk
2014-02-16 18:17 - 2014-02-16 18:17 - 00000000 ____D () C:\Users\Jason\Documents\Games for Windows - LIVE Demos
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Windows\system32\xlive
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-02-16 11:43 - 2014-02-16 11:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\Documents\The Witcher
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\AppData\Local\The Witcher
2014-02-16 07:16 - 2014-02-16 07:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-02-15 23:58 - 2014-02-17 02:52 - 00000000 ____D () C:\Users\Jason\Downloads\aop tweak  maximum edition
2014-02-15 19:41 - 2014-02-15 19:41 - 01018740 _____ () C:\Users\Jason\Downloads\aop tweak  maximum edition.zip
2014-02-12 03:01 - 2014-02-05 02:48 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-12 03:01 - 2014-02-05 02:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-12 03:01 - 2014-02-05 02:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-12 03:00 - 2014-02-05 02:58 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-12 03:00 - 2014-02-05 02:56 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-12 03:00 - 2014-02-05 02:53 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-12 03:00 - 2014-02-05 02:51 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-12 03:00 - 2014-02-05 02:50 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-12 03:00 - 2014-02-05 02:49 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-12 03:00 - 2014-02-05 02:49 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-12 03:00 - 2014-02-05 02:48 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-12 03:00 - 2014-02-05 02:48 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-12 03:00 - 2014-02-05 02:48 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-12 03:00 - 2014-02-05 02:48 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-12 03:00 - 2014-02-05 02:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-12 03:00 - 2014-02-05 02:46 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-12 01:37 - 2013-12-04 20:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-02 18:38 - 2014-02-02 18:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Skyrim
2014-02-02 17:59 - 2014-02-02 17:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PowerISO
2014-02-02 17:12 - 2014-02-02 17:21 - 00000000 ____D () C:\Users\Jason\Downloads\rzr-skrm
2014-02-02 15:57 - 2014-02-17 13:14 - 00000000 ____D () C:\Users\Jason\Documents\My Games
2014-02-02 15:57 - 2014-02-02 15:57 - 00000000 __RHD () C:\Users\Jason\AppData\Roaming\SecuROM
2014-02-02 15:56 - 2014-02-02 15:56 - 00000000 ____D () C:\Program Files\GameSpy
2014-02-02 15:53 - 2014-02-02 15:53 - 00669184 _____ () C:\Windows\system32\pbsvc.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00103736 _____ () C:\Windows\system32\PnkBstrB.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Users\Jason\AppData\Roaming\PnkBstrK.sys
2014-02-02 15:07 - 2014-02-02 15:07 - 00001959 _____ () C:\Users\Jason\Desktop\Amnesia.lnk
2014-02-02 14:58 - 2014-02-02 15:07 - 00000000 ____D () C:\Program Files\Amnesia - The Dark Descent
2014-02-02 14:05 - 2014-03-04 13:30 - 00000000 ____D () C:\Program Files\Steam
2014-02-02 14:05 - 2014-02-02 14:05 - 00000762 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-02 10:49 - 2014-02-02 10:49 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill.exe
2014-02-02 10:32 - 2014-02-02 10:33 - 00000000 ____D () C:\Users\Public\New folder
2014-02-02 09:47 - 2014-02-02 09:47 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TuneUp Software
2014-02-02 09:42 - 2014-02-02 10:12 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-02 09:42 - 2014-02-02 10:01 - 00000000 ____D () C:\ProgramData\TuneUp Software
 
==================== One Month Modified Files and Folders =======
 
2014-03-04 22:07 - 2014-03-04 22:06 - 00025080 _____ () C:\Users\Jason\Downloads\FRST.txt
2014-03-04 22:07 - 2009-06-22 12:51 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7037237A-4069-43B3-99B6-4EB160E0E68E}.job
2014-03-04 22:06 - 2014-03-04 16:13 - 00000000 ____D () C:\FRST
2014-03-04 22:06 - 2013-02-18 14:12 - 00003284 _____ () C:\Users\Jason\AppData\Roaming\ANIWZCS{264B00FB-D7D1-4F4C-91FA-CAE776D90C21}
2014-03-04 22:06 - 2012-07-10 14:51 - 00003284 _____ () C:\Windows\system32\ANIWZCS{264B00FB-D7D1-4F4C-91FA-CAE776D90C21}
2014-03-04 22:06 - 2007-11-19 14:42 - 01901486 _____ () C:\Windows\WindowsUpdate.log
2014-03-04 22:05 - 2008-01-13 14:15 - 00000418 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{59C5B9C3-1FB5-4202-A306-CBCA54A62EBA}.job
2014-03-04 22:05 - 2007-11-15 07:55 - 00000000 ____D () C:\Windows\SMINST
2014-03-04 22:04 - 2010-07-25 21:20 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-04 22:04 - 2006-11-02 07:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-04 22:04 - 2006-11-02 06:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-04 22:04 - 2006-11-02 06:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-04 22:01 - 2014-03-04 21:49 - 00000000 ____D () C:\AdwCleaner
2014-03-04 22:01 - 2006-11-02 07:01 - 00032658 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-04 21:52 - 2013-08-24 12:51 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AppsHat
2014-03-04 21:48 - 2014-03-04 21:48 - 01244192 _____ () C:\Users\Jason\Downloads\AdwCleaner.exe
2014-03-04 21:44 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\tracing
2014-03-04 21:32 - 2010-07-25 21:20 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-04 21:26 - 2014-03-04 14:43 - 00002920 _____ () C:\Windows\PFRO.log
2014-03-04 21:16 - 2008-08-23 13:17 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-04 15:11 - 2014-03-04 15:11 - 01145344 _____ (Farbar) C:\Users\Jason\Downloads\FRST.exe
2014-03-04 14:40 - 2014-01-19 18:23 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\uTorrent
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\Documents\Thief
2014-03-04 14:29 - 2014-03-04 14:29 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Launcher
2014-03-04 14:29 - 2014-03-04 14:24 - 00000000 ____D () C:\Users\Jason\AppData\Local\Game Updater
2014-03-04 14:29 - 2014-02-16 22:15 - 00000000 ____D () C:\Users\Jason\AppData\Local\SKIDROW
2014-03-04 14:20 - 2014-03-04 14:20 - 00001481 _____ () C:\Users\Public\Desktop\Thief.lnk
2014-03-04 13:35 - 2013-11-30 22:51 - 00000000 ____D () C:\ProgramData\HappyCloud
2014-03-04 13:33 - 2014-03-04 13:33 - 00000000 ____D () C:\Games
2014-03-04 13:30 - 2014-02-02 14:05 - 00000000 ____D () C:\Program Files\Steam
2014-03-04 13:22 - 2014-03-04 13:22 - 00000000 ____D () C:\Users\Jason\AppData\Local\Setup Integrity Check
2014-03-04 13:16 - 2014-03-03 23:21 - 00000000 ____D () C:\Users\Jason\Desktop\Thief.2014.Multi8-RU.Repack.by.z10yded
2014-03-04 12:49 - 2014-03-04 00:03 - 00000090 _____ () C:\Users\Jason\AppData\Roaming\WB.CFG
2014-03-04 12:48 - 2014-03-04 12:48 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_naruto-shippuden---ultimate-ninja-4.exe
2014-03-04 12:48 - 2014-03-04 12:48 - 00001116 _____ () C:\Users\Jason\Desktop\Continue Naruto Shippuden - Ultimate Ninja 4 Installation.lnk
2014-03-04 09:08 - 2014-03-04 00:00 - 00000000 ____D () C:\Users\Jason\Desktop\ps2 games
2014-03-04 00:12 - 2014-03-04 00:11 - 10031422 _____ () C:\Users\Jason\Downloads\Playstation-2-Bios-Pack.7z
2014-03-04 00:05 - 2014-03-04 00:05 - 00000000 ____D () C:\Users\Jason\Documents\PCSX2
2014-03-04 00:00 - 2014-03-04 00:00 - 00606136 _____ ( ) C:\Users\Jason\Downloads\CR_Downloader_for_kingdom-hearts---re-chain-of-memories.exe
2014-03-03 23:58 - 2014-03-03 23:55 - 00000000 ____D () C:\Program Files\PCSX2 1.2.1
2014-03-03 23:58 - 2011-10-30 19:58 - 00000000 ____D () C:\Windows\system32\directx
2014-03-03 23:57 - 2011-10-30 19:58 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-03-03 23:56 - 2014-03-03 23:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-03-03 23:55 - 2014-03-03 23:55 - 00001772 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-03-03 23:54 - 2014-03-03 23:52 - 15127264 _____ () C:\Users\Jason\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-03-03 23:46 - 2011-08-20 22:38 - 00000000 ____D () C:\Program Files\Common Files\Steam
2014-03-03 20:43 - 2014-03-03 16:07 - 00000000 ____D () C:\ProgramData\ProductData
2014-03-03 17:56 - 2008-01-27 15:07 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-03-03 17:50 - 2014-03-03 16:06 - 00001988 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-03-03 17:07 - 2014-03-03 17:07 - 00000000 ____D () C:\ProgramData\WindowsSearch
2014-03-03 16:47 - 2007-11-15 06:31 - 00000000 ____D () C:\Windows\Panther
2014-03-03 16:22 - 2013-09-02 00:46 - 58490880 _____ () C:\Windows\system32\config\software.iobit
2014-03-03 16:22 - 2013-09-02 00:46 - 45813760 _____ () C:\Windows\system32\config\components.iobit
2014-03-03 16:22 - 2013-09-02 00:46 - 00393216 _____ () C:\Windows\system32\config\default.iobit
2014-03-03 16:22 - 2013-09-02 00:46 - 00131072 _____ () C:\Windows\system32\config\sam.iobit
2014-03-03 16:22 - 2013-02-18 14:11 - 00000000 ____D () C:\Users\Jason
2014-03-03 16:21 - 2013-09-02 00:46 - 00028672 _____ () C:\Windows\system32\config\security.iobit
2014-03-03 16:07 - 2014-03-03 16:07 - 00001023 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-03-03 16:07 - 2014-03-03 16:07 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-03-03 16:07 - 2011-06-30 16:20 - 00000000 ____D () C:\ProgramData\IObit
2014-03-03 16:07 - 2011-06-30 16:18 - 00000000 ____D () C:\Program Files\IObit
2014-03-03 16:04 - 2013-02-18 14:11 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\IObit
2014-03-03 15:44 - 2008-01-27 20:33 - 00000000 ____D () C:\Program Files\Canon
2014-03-03 15:44 - 2007-11-15 07:12 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-03-03 15:42 - 2010-12-18 07:20 - 00000000 ___HD () C:\Program Files\Tnakfrhefzmwr
2014-03-03 15:41 - 2014-03-03 15:41 - 00109890 _____ () C:\Users\Jason\Documents\cc_20140303_154115.reg
2014-03-03 15:39 - 2014-03-03 15:39 - 00001057 _____ () C:\Users\Jason\Desktop\Spybot - Search & Destroy.lnk
2014-03-03 15:39 - 2014-03-03 15:39 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-03-03 15:38 - 2014-03-03 15:37 - 16409960 _____ (Safer Networking Limited ) C:\Users\Jason\Downloads\spybotsd162.exe
2014-03-03 15:36 - 2014-03-03 15:36 - 00000806 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-03 15:36 - 2014-03-03 15:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-03 15:34 - 2014-03-03 14:40 - 00000000 ____D () C:\Users\Jason\Desktop\antivirus
2014-03-03 15:33 - 2014-03-03 15:33 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\Lavasoft
2014-03-03 15:32 - 2014-03-03 15:32 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\LavasoftStatistics
2014-03-03 15:01 - 2008-01-27 15:17 - 00000000 ____D () C:\Program Files\Lavasoft
2014-03-03 15:00 - 2014-03-03 15:00 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-03-03 14:59 - 2008-01-27 15:17 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-03 14:48 - 2014-03-03 14:48 - 00008726 _____ () C:\Users\Jason\Documents\Attachzip.txt
2014-03-03 14:46 - 2014-03-03 14:47 - 00021735 _____ () C:\Users\Jason\Desktop\dds.txt
2014-03-03 14:42 - 2014-03-03 14:39 - 00000000 ____D () C:\Users\Jason\Desktop\Unused
2014-03-03 14:37 - 2014-03-03 14:37 - 00000000 _____ () C:\Users\Jason\defogger_reenable
2014-03-02 18:30 - 2013-09-02 21:19 - 00000000 ____D () C:\Program Files\World of Warcraft
2014-03-02 16:34 - 2006-11-02 05:18 - 00000000 ___RD () C:\Users\Public
2014-03-02 16:07 - 2006-11-02 04:33 - 00774056 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-28 05:44 - 2014-01-26 08:53 - 00000000 ____D () C:\Users\Jason\Desktop\New Folder
2014-02-26 03:16 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-02-20 12:47 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\nap
2014-02-17 13:14 - 2014-02-02 15:57 - 00000000 ____D () C:\Users\Jason\Documents\My Games
2014-02-17 13:11 - 2014-02-17 13:11 - 00002010 _____ () C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2014-02-17 13:03 - 2006-11-02 06:37 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-02-17 02:57 - 2014-02-17 02:53 - 2281804096 _____ () C:\Users\Jason\Downloads\Fable - The Lost Chapters.daa
2014-02-17 02:52 - 2014-02-15 23:58 - 00000000 ____D () C:\Users\Jason\Downloads\aop tweak  maximum edition
2014-02-17 02:35 - 2014-02-17 01:34 - 2281225788 ____R () C:\Users\Jason\Downloads\Fable - The Lost Chapters.rar
2014-02-16 22:11 - 2014-02-16 22:11 - 00002121 _____ () C:\Users\Public\Desktop\Borderlands 2.lnk
2014-02-16 21:58 - 2014-02-16 21:58 - 00000000 ____D () C:\Program Files\2K Games
2014-02-16 21:56 - 2014-03-02 16:34 - 3370956800 ____R () C:\Users\Public\sr-borderlands2.iso
2014-02-16 20:48 - 2013-06-27 03:26 - 00000000 ____D () C:\Program Files\Perfect World Entertainment
2014-02-16 20:37 - 2014-02-16 20:37 - 00001860 _____ () C:\Users\Public\Desktop\Arc.lnk
2014-02-16 18:17 - 2014-02-16 18:17 - 00000000 ____D () C:\Users\Jason\Documents\Games for Windows - LIVE Demos
2014-02-16 18:14 - 2006-11-02 05:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Windows\system32\xlive
2014-02-16 11:44 - 2014-02-16 11:44 - 00000000 ____D () C:\Program Files\Microsoft Games for Windows - LIVE
2014-02-16 11:43 - 2014-02-16 11:43 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-02-16 11:43 - 2008-01-19 21:07 - 00000000 ____D () C:\Program Files\Common Files\Wise Installation Wizard
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\Documents\The Witcher
2014-02-16 07:18 - 2014-02-16 07:18 - 00000000 ____D () C:\Users\Jason\AppData\Local\The Witcher
2014-02-16 07:16 - 2014-02-16 07:16 - 00000000 ____D () C:\Users\Public\Documents\The Witcher
2014-02-15 19:41 - 2014-02-15 19:41 - 01018740 _____ () C:\Users\Jason\Downloads\aop tweak  maximum edition.zip
2014-02-14 10:31 - 2006-11-02 06:37 - 00000000 ____D () C:\Windows\twain_32
2014-02-14 01:06 - 2013-12-21 14:04 - 00000000 ____D () C:\ProgramData\saverroNe
2014-02-14 01:06 - 2013-12-21 14:03 - 00000000 ____D () C:\ProgramData\saVEErannet
2014-02-12 03:10 - 2013-07-28 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-12 03:05 - 2006-11-02 04:24 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-02-05 02:58 - 2014-02-12 03:00 - 12345344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-05 02:56 - 2014-02-12 03:00 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-05 02:53 - 2014-02-12 03:00 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-05 02:51 - 2014-02-12 03:00 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-05 02:50 - 2014-02-12 03:00 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-05 02:49 - 2014-02-12 03:00 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-05 02:49 - 2014-02-12 03:00 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-05 02:48 - 2014-02-12 03:01 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-05 02:48 - 2014-02-12 03:00 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-05 02:48 - 2014-02-12 03:00 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-05 02:48 - 2014-02-12 03:00 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-05 02:48 - 2014-02-12 03:00 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-05 02:47 - 2014-02-12 03:01 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-05 02:47 - 2014-02-12 03:01 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-05 02:47 - 2014-02-12 03:00 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-05 02:46 - 2014-02-12 03:00 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-03 11:13 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\registration
2014-02-03 11:12 - 2006-11-02 04:23 - 00000240 _____ () C:\Windows\win.ini
2014-02-03 11:09 - 2013-02-18 14:12 - 00109792 _____ () C:\Users\Jason\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-03 11:06 - 2006-11-02 06:47 - 00387256 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-02 18:38 - 2014-02-02 18:38 - 00000000 ____D () C:\Users\Jason\AppData\Local\Skyrim
2014-02-02 18:11 - 2013-03-28 16:05 - 09952256 _____ () C:\Users\Jason\Desktop\A Slower Speed of Light.exe
2014-02-02 17:59 - 2014-02-02 17:59 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\PowerISO
2014-02-02 17:21 - 2014-02-02 17:12 - 00000000 ____D () C:\Users\Jason\Downloads\rzr-skrm
2014-02-02 15:57 - 2014-02-02 15:57 - 00000000 __RHD () C:\Users\Jason\AppData\Roaming\SecuROM
2014-02-02 15:56 - 2014-02-02 15:56 - 00000000 ____D () C:\Program Files\GameSpy
2014-02-02 15:53 - 2014-02-02 15:53 - 00669184 _____ () C:\Windows\system32\pbsvc.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00103736 _____ () C:\Windows\system32\PnkBstrB.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Windows\system32\Drivers\PnkBstrK.sys
2014-02-02 15:53 - 2014-02-02 15:53 - 00022328 _____ () C:\Users\Jason\AppData\Roaming\PnkBstrK.sys
2014-02-02 15:53 - 2006-11-02 05:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-02-02 15:09 - 2014-02-01 20:12 - 00000000 ____D () C:\Users\Jason\Documents\Amnesia
2014-02-02 15:09 - 2013-02-18 14:11 - 00000000 ____D () C:\Users\Jason\AppData\Local\VirtualStore
2014-02-02 15:07 - 2014-02-02 15:07 - 00001959 _____ () C:\Users\Jason\Desktop\Amnesia.lnk
2014-02-02 15:07 - 2014-02-02 14:58 - 00000000 ____D () C:\Program Files\Amnesia - The Dark Descent
2014-02-02 14:05 - 2014-02-02 14:05 - 00000762 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-02-02 11:37 - 2014-01-26 11:19 - 00000000 ____D () C:\Users\Jason\Documents\Bandicam
2014-02-02 10:49 - 2014-02-02 10:49 - 01933048 _____ (Bleeping Computer, LLC) C:\Users\Jason\Downloads\rkill.exe
2014-02-02 10:33 - 2014-02-02 10:32 - 00000000 ____D () C:\Users\Public\New folder
2014-02-02 10:12 - 2014-02-02 09:42 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-02-02 10:12 - 2010-07-19 16:15 - 00000000 ____D () C:\ProgramData\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2014-02-02 10:12 - 2009-09-13 15:57 - 00000000 ____D () C:\ProgramData\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2014-02-02 10:12 - 2008-04-30 07:18 - 00000000 ____D () C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
2014-02-02 10:01 - 2014-02-02 09:42 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-02-02 09:47 - 2014-02-02 09:47 - 00000000 ____D () C:\Users\Jason\AppData\Roaming\TuneUp Software
2014-02-02 09:47 - 2006-11-02 06:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
 
Some content of TEMP:
====================
C:\Users\Jason\AppData\Local\Temp\hcuninstaller_20140304_133530_4752.exe
C:\Users\Jason\AppData\Local\Temp\ICReinstall_CR_Downloader_for_naruto-shippuden---ultimate-ninja-4.exe
C:\Users\Jason\AppData\Local\Temp\Quarantine.exe
C:\Users\Jason\AppData\Local\Temp\Resource_AcceptRate.exe
C:\Users\Jason\AppData\Local\Temp\Resource_Toolbar.exe
C:\Users\Jason\AppData\Local\Temp\vcredist_2013_x86.exe
C:\Users\Jason\AppData\Local\Temp\wget.exe
C:\Users\Kara\AppData\Local\Temp\1371786419_Cloud_Backup_Setup.exe
C:\Users\Kara\AppData\Local\Temp\BackupSetup.exe
C:\Users\Kara\AppData\Local\Temp\oi_{51A8CC16-B2CF-4E58-BED2-4B1B2710C515}.exe
C:\Users\Kara\AppData\Local\Temp\vcredist_x86.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-04 21:51
 
==================== End Of Log ============================


#6 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:07 PM

Posted 05 March 2014 - 02:48 AM

Hi,

how is your computer running after the following steps? What problems are still present?


Step 1

Please download the attached fixlist.txt and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Step 2

Please download the ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!



#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:07 PM

Posted 19 March 2014 - 12:09 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



