Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Hijack This decode


  • This topic is locked This topic is locked
24 replies to this topic

#16 Orange Blossom

Orange Blossom

    OBleepin Investigator


  • Moderator
  • 37,062 posts
  • ONLINE
  •  
  • Gender:Not Telling
  • Location:Bloomington, IN
  • Local time:01:11 AM

Posted 27 May 2014 - 02:37 PM

Hello Don 221,

 

The log file is not there in the post.  There is a second log also requested.  The instructions for producing that precede the instructions for Adware Cleaner.

 

Orange Blossom :cherry:


Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Internet Security, NoScript Firefox ext.


animinionsmalltext.gif

BC AdBot (Login to Remove)

 


#17 Don 221

Don 221
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:11 PM

Posted 28 May 2014 - 09:46 AM

Jo,

 

Hope this is the information you wanted.   

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.21.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17107
Dons :: DONS-PC [administrator]

5/21/2014 12:55:25 PM
mbar-log-2014-05-21 (12-55-25).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 275350
Time elapsed: 22 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

 

# AdwCleaner v3.211 - Report created 28/05/2014 at 07:26:29
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dons - DONS-PC
# Running from : C:\Users\Dons\Videos\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\robotaskbaricon_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\robotaskbaricon_RASMANCS

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

*************************

AdwCleaner[R0].txt - [5165 octets] - [30/04/2014 17:28:38]
AdwCleaner[R10].txt - [749 octets] - [28/05/2014 07:26:29]
AdwCleaner[R1].txt - [805 octets] - [06/05/2014 09:32:45]
AdwCleaner[R2].txt - [884 octets] - [21/05/2014 13:57:38]
AdwCleaner[R3].txt - [943 octets] - [21/05/2014 14:00:21]
AdwCleaner[R4].txt - [1002 octets] - [21/05/2014 14:03:55]
AdwCleaner[R5].txt - [1062 octets] - [21/05/2014 14:05:09]
AdwCleaner[R6].txt - [1123 octets] - [21/05/2014 14:07:22]
AdwCleaner[R7].txt - [1365 octets] - [27/05/2014 12:26:30]
AdwCleaner[R8].txt - [1029 octets] - [28/05/2014 05:07:38]
AdwCleaner[R9].txt - [1485 octets] - [28/05/2014 05:36:39]
AdwCleaner[S0].txt - [4569 octets] - [30/04/2014 17:30:23]
AdwCleaner[S1].txt - [867 octets] - [06/05/2014 09:35:03]

########## EOF - C:\AdwCleaner\AdwCleaner[R10].txt - [1465 octets] ##########



#18 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:11 AM

Posted 28 May 2014 - 10:51 AM

Hello Don 221,

right click on AdwCleaner.exe to run the tool again.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • When the scan has finished, the actual line should say "Pending. Please uncheck elements you do not want to remove". Look through the scan results and uncheck any entries that you do not wish to remove.
  • This time, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

***


Please download Junkware Removal Tool from HERE and save it to your desktop.
Shutdown your antivirus to avoid any potential conflicts.
Right click JRT.exe to run the tool.
Vista / Windows 7/8 users right-click and select Run As Administrator.
  • JRT will begin to backup your registry and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, the log JRT.txt is saved on your desktop and will automatically open.
Enable your antivirus!
Post the contents of JRT.txt into your next reply.



***


Run OTL again.
  • Right click on the icon to run it.
    Vista / Windows 7/8 users right-click and select Run As Administrator.
  • Make sure all other windows are closed and to let it run uninterrupted.
  • When the window appears, underneath Output at the top change it to Minimal Output.
  • don't check the boxes beside LOP Check and Purity Check this time.
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window OTL.Txt.
  • Please copy (Edit->Select All, Edit->Copy) the content of the file and post it with your next reply.

***


How the computer is running now?



***


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#19 Don 221

Don 221
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:11 PM

Posted 28 May 2014 - 03:03 PM

Jo, I think this will take care of the current request.  I have followed your instruction completely

Thank you

 

OTL logfile created on: 5/28/2014 12:37:43 PM - Run 7
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Dons\Videos\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.96 Gb Total Physical Memory | 5.77 Gb Available Physical Memory | 72.54% Memory free
15.92 Gb Paging File | 13.41 Gb Available in Paging File | 84.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 906.19 Gb Total Space | 604.67 Gb Free Space | 66.73% Space Free | Partition Type: NTFS
 
Computer Name: DONS-PC | User Name: Dons | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (Siber Systems)
PRC - C:\Users\Dons\Videos\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe (BillP Studios)
PRC - C:\Users\Dons\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
PRC - C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe (SlimWare Utilities, Inc.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe (SlimWare Utilities, Inc.)
PRC - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe (Firetrust)
PRC - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
PRC - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
PRC - C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Entity\e1a31634a43becfaae07ce060f2d215b\System.Data.Entity.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data7706cdc8#\63a45b1c847f54f37f06512b2894e84f\System.Data.DataSetExtensions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio49d6fefe#\47e7fc401facd4a5d3f2237f16948f36\PresentationFramework-SystemXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio84a7b877#\af02d03484578dbc357d1df8d1b6fd01\PresentationFramework-SystemData.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsForm0b574481#\1ab52f8951c2ab97592ec25830dd5165\WindowsFormsIntegration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationProvider\c94c36c9ae776de930f2aacb6dd51c38\UIAutomationProvider.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\6bbed231aec6fd82547e09474da0b2f9\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\4c8a153aa66fcd62db6fff269a2ef2b4\System.Numerics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e7e7e3b82e91028e6ed05189f837ea13\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Firetrust\MailWasher\MWPappDLL.dll ()
MOD - C:\Program Files (x86)\Firetrust\MailWasher\MWPBridgeDLL.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\Firetrust\MailWasher\FTBridge.dll ()
MOD - C:\Program Files (x86)\Firetrust\MailWasher\FTClientNode.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (NvStreamSvc) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation)
SRV:64bit: - (SlimService) -- C:\Program Files\SlimCleaner Plus\SlimServiceFactory.exe (SlimWare Utilities, Inc.)
SRV:64bit: - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (WTabletServicePro) -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Wacom Technology, Corp.)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe (Intel® Corporation)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel® Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel® Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (ZeroConfigService) -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel® Corporation)
SRV:64bit: - (AsusUacSvc) -- C:\Program Files\ASUS\Rotation Desktop for G Series\AsusUacSvc.exe ()
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (btwdins) -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV:64bit: - (VIAKaraokeService) -- C:\Windows\SysNative\ViakaraokeSrv.exe (VIA Technologies, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NvNetworkService) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation)
SRV - (MbaeSvc) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe (Malwarebytes Corporation)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE (Microsoft Corporation.)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (afcdpsrv) -- C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (syncagentsrv) -- C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Acronis)
SRV - (AcrSch2Svc) -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis)
SRV - (nlsX86cc) -- C:\Windows\SysWOW64\nlssrv32.exe (Nalpeiron Ltd.)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe (ASUS)
SRV - (FanChkService) -- C:\Program Files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe (ASUSTek Computer Inc.)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (YahooAUService) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe (Yahoo! Inc.)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (SWDUMon) -- C:\Windows\SysNative\drivers\SWDUMon.sys ()
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NvStreamKms) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys (NVIDIA Corporation)
DRV:64bit: - (nvvad_WaveExtensible) -- C:\Windows\SysNative\drivers\nvvad64v.sys (NVIDIA Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (WacHidRouter) -- C:\Windows\SysNative\drivers\wachidrouter.sys (Wacom Technology)
DRV:64bit: - (wacomrouterfilter) -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys (Wacom Technology)
DRV:64bit: - (hidkmdf) -- C:\Windows\SysNative\drivers\hidkmdf.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (tdrpman) -- C:\Windows\SysNative\drivers\tdrpman.sys (Acronis International GmbH)
DRV:64bit: - (afcdp) -- C:\Windows\SysNative\drivers\afcdp.sys (Acronis)
DRV:64bit: - (tib) -- C:\Windows\SysNative\drivers\tib.sys (Acronis International GmbH)
DRV:64bit: - (tib_mounter) -- C:\Windows\SysNative\drivers\tib_mounter.sys (Acronis)
DRV:64bit: - (vididr) -- C:\Windows\SysNative\drivers\vididr.sys (Acronis International GmbH)
DRV:64bit: - (vidsflt) -- C:\Windows\SysNative\drivers\vidsflt.sys (Acronis International GmbH)
DRV:64bit: - (snapman) -- C:\Windows\SysNative\drivers\snapman.sys (Acronis)
DRV:64bit: - (fltsrv) -- C:\Windows\SysNative\drivers\fltsrv.sys (Acronis International GmbH)
DRV:64bit: - (tbhsd) -- C:\Windows\SysNative\drivers\tbhsd.sys (RapidSolution Software AG)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:64bit: - (PSKMAD) -- C:\Windows\SysNative\drivers\PSKMAD.sys (Panda Security, S.L.)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver.sys (Synaptics Incorporated)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel® Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (ssmirrdr) -- C:\Windows\SysNative\drivers\ssmirrdr.sys (support.com, Inc)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (AgereSoftModem) -- C:\Windows\SysNative\drivers\agrsm64.sys (LSI Corp)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV - (ESProtectionDriver) -- C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys ()
DRV - (AiCharger) -- C:\Windows\SysWOW64\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV - (ATKWMIACPIIO_) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://news.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFD_enUS553
IE - HKCU\..\SearchScopes\7C3F0EDD5DAA4C638CABB118A333AFB9: "URL" = http://www2.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80273&iwk=296&lng=en
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@DailyBibleGuide.com/Plugin: C:\Program Files (x86)\DailyBibleGuide\bar\1.bin\NP2vStub.dll File not found
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@citrixonline.com/appdetectorplugin: C:\Users\Dons\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013/09/07 12:21:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/12/17 18:09:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014/05/21 16:08:58 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013/12/17 18:09:27 | 000,000,000 | ---D | M]
 
[2014/01/16 12:11:31 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dons\AppData\Roaming\Mozilla\Extensions
 
O1 HOSTS File: ([2009/06/10 14:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dll ()
O2 - BHO: (Bing Bar Helper) - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O2 - BHO: (WOT Helper) - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll ()
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {2a942ab7-2073-49bc-a7e1-77e93835889a} - No CLSID value found.
O3 - HKLM\..\Toolbar: (WOT) - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (WOT) - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll ()
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis)
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\Run: [AcronisTibMounterMonitor] C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Acronis)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [ProcessTamer] C:\Program Files (x86)\ProcessTamer\ProcessTamerTray.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUSTeK Computer Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Dons\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\Run: [SlimCleaner Plus] C:\Program Files\SlimCleaner Plus\SlimCleanerPlus.exe (SlimWare Utilities, Inc.)
O4 - HKCU..\Run: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe (BillP Studios)
O4 - HKLM..\RunOnce: [PromoteInstaller] C:\ProgramData\Promote Installer\Starter.exe ()
O4 - Startup: C:\Users\Dons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk = C:\Program Files (x86)\Firetrust\MailWasher\MailWasherPro.exe (Firetrust)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoThumbnailCache = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSaveSettings = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra 'Tools' menuitem : Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} http://support.asus.com/select/asusTek_sys_ctrl3.cab (asusTek_sysctrl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 76.14.96.13 76.14.96.14
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3771B519-3C29-462E-A452-E8B701A7A3A6}: DhcpNameServer = 192.168.1.1 76.14.96.13 76.14.96.14
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll ()
O18 - Protocol\Handler\wot {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (auto_reactivate \\?\GLOBALROOT\Device\HarddiskVolume1\EFI\Acronis\bootwiz.efi)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/05/28 12:11:14 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/05/28 11:42:55 | 001,016,261 | ---- | C] (Thisisu) -- C:\Users\Dons\Videos\Desktop\JRT.exe
[2014/05/27 18:23:36 | 000,000,000 | ---D | C] -- C:\Users\Dons\mbar
[2014/05/27 12:44:26 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Dons\Videos\Desktop\mbar-1.07.0.1009 (1).exe
[2014/05/26 18:35:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Promote Installer
[2014/05/24 08:06:28 | 000,000,000 | ---D | C] -- C:\Program Files\WOT
[2014/05/24 08:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WOT
[2014/05/23 07:20:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Google
[2014/05/21 12:55:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[2014/05/21 12:54:18 | 000,000,000 | ---D | C] -- C:\Users\Dons\Videos\Desktop\mbar
[2014/05/21 09:32:40 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dons\Videos\Desktop\OTL.exe
[2014/05/20 08:57:29 | 000,000,000 | ---D | C] -- C:\Users\Dons\AppData\Roaming\DonationCoder
[2014/05/20 08:57:27 | 000,000,000 | ---D | C] -- C:\Users\Dons\Music\Documents\DonationCoder
[2014/05/20 08:29:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DonationCoder
[2014/05/20 08:29:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProcessTamer
[2014/05/20 08:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ProcessTamer
[2014/05/17 10:52:33 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2014/05/17 10:52:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2014/05/17 10:52:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2014/05/16 09:39:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
[2014/05/16 09:39:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Exploit
[2014/05/15 13:08:50 | 000,000,000 | --SD | C] -- C:\Windows\SysNative\CompatTel
[2014/05/15 13:07:02 | 000,477,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/15 13:07:01 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/14 20:08:01 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/14 20:08:01 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/14 20:06:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/05/14 19:59:04 | 001,460,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2014/05/14 19:59:02 | 003,969,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2014/05/14 19:59:01 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2014/05/14 19:59:00 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winlogon.exe
[2014/05/14 19:58:58 | 000,722,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\objsel.dll
[2014/05/14 19:58:57 | 005,550,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2014/05/14 19:58:56 | 000,538,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\objsel.dll
[2014/05/14 19:58:56 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2014/05/14 19:58:52 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cngprovider.dll
[2014/05/14 19:58:52 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\adprovider.dll
[2014/05/14 19:58:52 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dimsroam.dll
[2014/05/14 19:58:52 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dimsroam.dll
[2014/05/14 19:58:51 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cngprovider.dll
[2014/05/14 19:58:51 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\adprovider.dll
[2014/05/14 19:58:50 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\capiprovider.dll
[2014/05/14 19:58:50 | 000,052,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dpapiprovider.dll
[2014/05/14 19:58:50 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\capiprovider.dll
[2014/05/14 19:58:50 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dpapiprovider.dll
[2014/05/14 19:58:48 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspicli.dll
[2014/05/14 19:58:46 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wincredprovider.dll
[2014/05/14 19:58:45 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wincredprovider.dll
[2014/05/14 19:58:44 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\sspisrv.dll
[2014/05/14 19:58:44 | 000,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secur32.dll
[2014/05/14 08:06:19 | 000,000,000 | ---D | C] -- C:\Users\Dons\AppData\Local\Macromedia
[2014/05/14 08:01:46 | 000,000,000 | ---D | C] -- C:\Users\Dons\AppData\Local\Mozilla
[2014/05/14 08:01:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/05/13 17:29:25 | 000,000,000 | ---D | C] -- C:\Users\Dons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
[2014/05/13 17:29:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Trend Micro
[2014/05/13 17:25:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PrivaZer
[2014/05/12 09:46:41 | 000,000,000 | ---D | C] -- C:\Users\Dons\Music\Documents\OneNote Notebooks
[2014/05/07 07:40:25 | 000,040,392 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvvad64v.sys
[2014/05/07 07:40:25 | 000,034,760 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvaudcap32v.dll
[2014/05/03 21:52:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ThePluginSite
[2014/04/30 17:28:34 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/30 17:13:17 | 000,000,000 | ---D | C] -- C:\Users\Dons\AppData\Roaming\Oracle
[2014/04/30 17:12:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/04/30 17:12:27 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/04/30 17:12:24 | 000,175,528 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/04/30 17:12:24 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/04/30 17:12:24 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/04/30 17:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/04/30 17:12:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/04/30 12:02:11 | 000,000,000 | ---D | C] -- C:\Users\Dons\Music\Documents\Blitz Media Player
[2014/04/30 12:01:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Yahoo!
[2014/04/30 12:01:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yahoo!
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/05/28 12:21:00 | 000,000,428 | ---- | M] () -- C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - Dons).job
[2014/05/28 12:14:47 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/05/28 12:13:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/28 12:13:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/28 12:09:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/28 12:05:32 | 000,000,062 | ---- | M] () -- C:\Users\Dons\AppData\Roaming\sp_data.sys
[2014/05/28 12:04:58 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/28 12:04:58 | 000,000,408 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
[2014/05/28 12:03:07 | 000,016,152 | ---- | M] () -- C:\Windows\SysNative\drivers\SWDUMon.sys
[2014/05/28 12:00:40 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/28 11:56:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/28 11:43:13 | 001,016,261 | ---- | M] (Thisisu) -- C:\Users\Dons\Videos\Desktop\JRT.exe
[2014/05/28 03:58:21 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/05/27 12:44:36 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Dons\Videos\Desktop\mbar-1.07.0.1009 (1).exe
[2014/05/27 12:24:08 | 001,327,971 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\AdwCleaner.exe
[2014/05/26 09:03:46 | 009,740,288 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Quicken Backups2.QDF
[2014/05/26 08:42:11 | 000,356,464 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Quicken Backups2OFXLOG.DAT
[2014/05/23 07:41:13 | 005,036,496 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/23 07:29:36 | 000,001,382 | ---- | M] () -- C:\Users\Dons\Music\Documents\cc_20140523_072929.reg
[2014/05/23 07:21:16 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/05/21 09:32:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dons\Videos\Desktop\OTL.exe
[2014/05/21 09:24:07 | 000,854,367 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\SecurityCheck.exe
[2014/05/20 08:57:29 | 000,000,046 | ---- | M] () -- C:\Windows\SysWow64\DonationCoder_processtamer_InstallInfo.dat
[2014/05/20 08:57:29 | 000,000,046 | ---- | M] () -- C:\Users\Dons\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
[2014/05/19 05:35:47 | 000,005,940 | ---- | M] () -- C:\Users\Dons\Music\Documents\cc_20140519_053536.reg
[2014/05/16 17:21:43 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/05/16 09:39:56 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
[2014/05/15 08:22:37 | 000,783,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/05/15 08:22:37 | 000,663,086 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/05/15 08:22:37 | 000,122,664 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/05/14 11:09:37 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/05/14 11:09:37 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/05/13 17:29:25 | 000,002,977 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\HiJackThis.lnk
[2014/05/13 17:25:16 | 000,001,887 | ---- | M] () -- C:\Users\Public\Desktop\PrivaZer.lnk
[2014/05/12 07:26:10 | 000,063,704 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/05/12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/05/08 23:14:03 | 000,477,184 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aepdu.dll
[2014/05/08 23:11:23 | 000,424,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\aeinv.dll
[2014/05/06 06:50:00 | 000,000,210 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\MapQuest Maps - Driving Directions - Map.url
[2014/05/05 20:00:47 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/05/05 19:10:52 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/05/05 18:30:22 | 000,002,154 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Perfect Photo Suite 7.lnk
[2014/05/05 18:30:00 | 000,045,523 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Digital Photo Mentor Lessons - Week #4 Six steps to becoming a better photographer.eml
[2014/05/05 18:28:02 | 000,029,079 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Digital Photo Mentor Lessons - Week #3 Getting into action!.eml
[2014/05/05 18:27:30 | 000,026,827 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Thank you and welcome to Digital Photo Mentor Dgm21 !.eml
[2014/05/05 18:27:30 | 000,011,507 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\ 6 Common Lightroom Catalog Questions – Ask Darlene.eml
[2014/05/05 18:27:29 | 000,011,421 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\How to Give Your Pictures an Authentic Vintage Appearance.eml
[2014/05/05 18:27:29 | 000,003,302 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Thanks for signing up - one more step to go! Confirm and receive your Ebook next! .eml
[2014/05/05 17:15:04 | 000,049,554 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\Acknowlegment  for SO C2598712 (1).pdf
[2014/05/03 21:53:50 | 000,917,510 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\FocalBlade2Manual.pdf
[2014/04/30 17:12:19 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/04/30 17:12:17 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/04/30 17:12:17 | 000,175,528 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/04/30 17:12:17 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/04/30 12:01:43 | 000,910,843 | ---- | M] () -- C:\Users\Dons\Videos\Desktop\manuals.pdf
[2014/04/30 11:29:25 | 001,081,112 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvspcap.dll
[2014/04/30 11:29:03 | 001,225,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvspcap64.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/05/27 12:23:51 | 001,327,971 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\AdwCleaner.exe
[2014/05/23 07:33:56 | 005,036,496 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/05/23 07:29:33 | 000,001,382 | ---- | C] () -- C:\Users\Dons\Music\Documents\cc_20140523_072929.reg
[2014/05/21 09:23:53 | 000,854,367 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\SecurityCheck.exe
[2014/05/20 08:57:29 | 000,000,046 | ---- | C] () -- C:\Windows\SysWow64\DonationCoder_processtamer_InstallInfo.dat
[2014/05/20 08:57:29 | 000,000,046 | ---- | C] () -- C:\Users\Dons\AppData\Local\DonationCoder_processtamer_InstallInfo.dat
[2014/05/19 05:35:42 | 000,005,940 | ---- | C] () -- C:\Users\Dons\Music\Documents\cc_20140519_053536.reg
[2014/05/16 09:39:56 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
[2014/05/15 11:37:29 | 000,002,101 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2014/05/13 17:29:25 | 000,002,977 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\HiJackThis.lnk
[2014/05/06 06:50:00 | 000,000,210 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\MapQuest Maps - Driving Directions - Map.url
[2014/05/05 18:30:00 | 000,045,523 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\Digital Photo Mentor Lessons - Week #4 Six steps to becoming a better photographer.eml
[2014/05/05 18:28:02 | 000,029,079 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\Digital Photo Mentor Lessons - Week #3 Getting into action!.eml
[2014/05/05 18:27:29 | 000,026,827 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\Thank you and welcome to Digital Photo Mentor Dgm21 !.eml
[2014/05/05 18:27:29 | 000,011,507 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\ 6 Common Lightroom Catalog Questions – Ask Darlene.eml
[2014/05/05 18:27:29 | 000,011,421 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\How to Give Your Pictures an Authentic Vintage Appearance.eml
[2014/05/05 18:27:29 | 000,003,302 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\Thanks for signing up - one more step to go! Confirm and receive your Ebook next! .eml
[2014/05/05 17:15:05 | 000,049,554 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\Acknowlegment  for SO C2598712 (1).pdf
[2014/05/03 21:53:50 | 000,917,510 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\FocalBlade2Manual.pdf
[2014/05/02 12:53:48 | 000,001,887 | ---- | C] () -- C:\Users\Public\Desktop\PrivaZer.lnk
[2014/04/30 12:01:42 | 000,910,843 | ---- | C] () -- C:\Users\Dons\Videos\Desktop\manuals.pdf
[2014/03/26 19:08:49 | 000,000,062 | ---- | C] () -- C:\Users\Dons\AppData\Roaming\sp_data.sys
[2014/03/02 20:46:02 | 000,000,047 | ---- | C] () -- C:\Users\Dons\AppData\Roaming\WB.CFG
[2014/02/02 02:56:33 | 000,000,024 | ---- | C] () -- C:\Windows\SetupTemp.ini
[2013/12/17 18:06:12 | 000,200,480 | ---- | C] () -- C:\Windows\hpoins16.dat
[2013/12/17 18:06:12 | 000,003,770 | ---- | C] () -- C:\Windows\hpomdl16.dat
[2013/11/26 09:18:23 | 144,752,885 | ---- | C] () -- C:\Users\Dons\AppData\Local\ACCCx2_2_1_260.zip.aamdownload
[2013/11/26 09:18:23 | 000,001,732 | ---- | C] () -- C:\Users\Dons\AppData\Local\ACCCx2_2_1_260.zip.aamdownload.aamd
[2013/10/29 19:34:26 | 000,000,004 | ---- | C] () -- C:\Users\Dons\AppData\Roaming\cache.ini
[2013/09/14 12:37:55 | 000,655,333 | ---- | C] () -- C:\Windows\hpoins16.dat.temp
[2013/09/08 06:52:10 | 000,007,622 | ---- | C] () -- C:\Users\Dons\AppData\Local\resmon.resmoncfg
[2013/09/08 06:23:11 | 000,000,090 | ---- | C] () -- C:\Windows\SysWow64\ftm31.dat
[2013/09/07 14:33:37 | 000,003,770 | ---- | C] () -- C:\Windows\hpomdl16.dat.temp
[2013/09/07 13:13:29 | 000,000,126 | ---- | C] () -- C:\Windows\QUICKEN.INI
 
========== ZeroAccess Check ==========
 
[2009/07/13 21:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 19:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 19:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 18:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 05:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 18:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 256 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 1339 bytes -> C:\Users\Dons\Videos\Desktop\Thanks for signing up - one more step to go! Confirm and receive your Ebook next! .eml:OECustomProperty
@Alternate Data Stream - 1331 bytes -> C:\Users\Dons\Videos\Desktop\Digital Photo Mentor Lessons - Week #4 Six steps to becoming a better photographer.eml:OECustomProperty
@Alternate Data Stream - 1187 bytes -> C:\Users\Dons\Videos\Desktop\Digital Photo Mentor Lessons - Week #3 Getting into action!.eml:OECustomProperty
@Alternate Data Stream - 1175 bytes -> C:\Users\Dons\Videos\Desktop\How to Give Your Pictures an Authentic Vintage Appearance.eml:OECustomProperty
@Alternate Data Stream - 1151 bytes -> C:\Users\Dons\Videos\Desktop\Thank you and welcome to Digital Photo Mentor Dgm21 !.eml:OECustomProperty
@Alternate Data Stream - 1139 bytes -> C:\Users\Dons\Videos\Desktop\ 6 Common Lightroom Catalog Questions – Ask Darlene.eml:OECustomProperty
@Alternate Data Stream - 1115 bytes -> C:\Users\Dons\Videos\Desktop\Photoshop Star Newsletter_ Issue #30.eml:OECustomProperty

< End of report >

 

 # AdwCleaner v3.211 - Report created 28/05/2014 at 11:57:10
# Updated 26/05/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Dons - DONS-PC
# Running from : C:\Users\Dons\Videos\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\robotaskbaricon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\robotaskbaricon_RASMANCS
Key Deleted : HKCU\Software\AppDataLow\Software

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041

*************************

AdwCleaner[R0].txt - [5165 octets] - [30/04/2014 17:28:38]
AdwCleaner[R10].txt - [1546 octets] - [28/05/2014 07:26:29]
AdwCleaner[R11].txt - [1607 octets] - [28/05/2014 11:49:06]
AdwCleaner[R1].txt - [805 octets] - [06/05/2014 09:32:45]
AdwCleaner[R2].txt - [884 octets] - [21/05/2014 13:57:38]
AdwCleaner[R3].txt - [943 octets] - [21/05/2014 14:00:21]
AdwCleaner[R4].txt - [1002 octets] - [21/05/2014 14:03:55]
AdwCleaner[R5].txt - [1062 octets] - [21/05/2014 14:05:09]
AdwCleaner[R6].txt - [1123 octets] - [21/05/2014 14:07:22]
AdwCleaner[R7].txt - [1365 octets] - [27/05/2014 12:26:30]
AdwCleaner[R8].txt - [1029 octets] - [28/05/2014 05:07:38]
AdwCleaner[R9].txt - [1485 octets] - [28/05/2014 05:36:39]
AdwCleaner[S0].txt - [4569 octets] - [30/04/2014 17:30:23]
AdwCleaner[S1].txt - [867 octets] - [06/05/2014 09:35:03]
AdwCleaner[S2].txt - [1534 octets] - [28/05/2014 11:57:10]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1594 octets] ##########

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Dons on Wed 05/28/2014 at 12:18:15.31
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\fixcleaner
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0631BFF0-6846-48CA-982D-D62D7F376E97}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BEEA7FA9-D1F4-49A2-9B1F-6FB7A2D9BC2A}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\fighters"
Successfully deleted: [Folder] "C:\Users\Dons\AppData\Roaming\fixcleaner"
Successfully deleted: [Folder] "C:\Users\Dons\appdata\locallow\dailybibleguide"
Successfully deleted: [Folder] "C:\Users\Dons\appdata\locallow\dictionaryboss"
Successfully deleted: [Folder] "C:\Program Files (x86)\fixcleaner"
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{01F34CF6-9B5B-4030-A5F7-C08E9326D936}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{030FB640-9946-4DB3-BF89-600604DB9C60}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{032B44A3-CB42-48A0-A592-087D51774AC8}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{034A4D6B-B4E7-470C-8972-57F486712E0E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{03C28B43-B890-4E01-AEC1-41F53DF6E37C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{04269BF9-58F1-4C94-8B63-D508774B354A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{0574A312-8BCE-4622-907A-14D293E7BE26}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{07740386-7B30-48A4-AE50-BC34996C574C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{079182F9-1F41-490D-8933-1755FBE559CE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{07E22619-A076-4A04-87D3-7ACB7FE7125D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{08A15201-D447-4604-9218-7F0244C862A0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{0A9F685A-C67F-41A8-B4E3-7AF575E465BF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{0AA65413-2B52-497E-8118-465CD54C827E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{0BF8D8B6-4124-4F65-85B7-5058EDC3848A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{0F8DDE80-B352-43B7-A1BF-ED8DC0C928D1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1120AFEA-4540-4BCA-A08D-A9384C916DFE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1157BA6B-908B-49CC-80D3-150E78D9F7F9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{11EB5D98-D67E-4C65-A3F2-1B3C201746A0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{12878CC9-0412-4841-943E-DDCDEB7B0D2B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{12FC1161-9561-4B1B-877B-19E7D2700E6D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{13C59996-5169-4909-B57B-127EAD053664}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{14448908-212E-4472-8838-C201F01449B4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{14D0843F-745B-4967-886D-54DE75373A1B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{14F81F7E-B6DC-4A47-84C8-01309816AEEF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1511F84D-90B5-4DB6-A8CF-E6FCC16ED3CB}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{15784224-A064-4994-B8EA-13F6B046D10E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{15B4B075-B571-422C-9BA8-43C8CEEAFBAF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1670BE6A-585B-49F3-999B-E9536B5CC3DD}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{167472EA-E03B-411A-BD1B-1C13274D6FB3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{183736A2-FCC5-4656-85B9-D5C2637B2A50}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1855E040-3E34-4946-A651-C589485C730C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{186A2ECD-7227-4D60-86E9-FE14A77D69AB}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{18C0D2C7-FDE6-4D5F-879F-D29FABE3884E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{18F39274-FA8D-4766-A327-5A524E28D2A4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{19ECB186-29D1-4305-AED9-096F275A01CA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1A41EF45-E35D-4063-AF5F-F166C4BA1D43}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1AE2233A-B519-4127-B2F7-4351F4BE3261}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1B0D4E03-7F2A-49AF-885C-C9D975956340}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1B485029-9755-42B0-8216-EE4481EB22CA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1C5A5C7F-A6C3-4E84-B814-F52FD5725D49}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1CF1CFEF-EBF1-4A30-BF6D-F8167F601C4E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1D96A0F8-C438-4975-B33C-A58CED16B314}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{1F30F1F0-B6BF-42DF-97AE-C2C606F9E4B1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{20F22E1D-80D2-4848-9BE3-5042BFCB7733}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{212CBD21-9E98-427E-A577-157CFA5BE6D6}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{21C23BEF-A781-4329-9FD0-41FEDE8A6C92}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{21C3AF90-3FBC-4345-B2B6-F48A3643B104}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2249218E-F907-4730-9606-10970AFFC64C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{23B00D5D-4BC8-423C-97AB-AA7983CEC701}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{23BE2A56-4891-4FBE-A81E-49743B39BBEE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{23F5B741-A1A3-4764-8C86-28875366371A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{24874233-7A59-4FAA-9BB2-9AA30D74ECF3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{24D4F543-7E2A-4F3E-A438-73DBB62D2290}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{255177DC-5B66-47BE-848D-7B7FBC9622DE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{255FA03F-00B5-4B64-836E-C643D1D1915D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{25B2B56A-459F-4B50-8E20-672BEDF4F17C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2771E3D2-39D4-4C6C-8DCE-54B9F6502F83}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{27B788CB-40C5-4E59-90B9-AF9115042D06}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2894FA34-1E3F-4A36-9004-859E6FC3732B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{28C97AB7-690F-4A22-98A2-75FC654F02A0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{29AF1F04-D41A-4F65-88D5-29967196250E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2A075C0B-A74D-4E26-AB21-DCC8BBE9B611}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2AB18CD8-464E-42F0-BF90-5A8B42A46D37}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2AD85B15-5861-4236-BA9F-73427B0522C1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2AE64DA7-A38A-487B-899D-A5A4341CE825}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2B67FDE8-8EE1-40FF-867D-5245E28522FF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2BEFCF10-3CCE-4952-902E-F87BBE1A7DB2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2D68B72B-CC5F-4AC8-97B8-203A5656F88F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2D68FB9A-8E8B-4515-B9A7-DF2D25CBB40C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2DB753D3-AD94-4844-B696-B0CCD0B09101}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2DCA7B8A-F80F-4943-9575-6E3945A97738}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2E39BFDB-3A7A-494C-9172-86E8EAB8F22A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2E64D0D4-148C-48AA-BC0D-670E377B216D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2F0E2091-66E4-4B8D-84D4-BBBDEA62D3A5}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2F357360-F80B-4F6C-8302-A41879E84C80}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2F675FD7-FE0E-4414-B8CC-263BF32E7B95}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{2FFD68CE-5BA2-41C9-94AC-93D75D6B89E9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{31AECD63-D44C-48FE-84CE-518F57C3506E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{31ED02F3-A7D3-4AF2-B831-21DD826159F6}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3384B03A-2580-4937-9729-BED63E2AC79E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{34C7C3AA-D159-4DDA-A82D-F00C9B8728D0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{35644BED-7001-4CAB-8EFB-87C70D96FE11}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{35B5C496-A2B8-4991-8A86-1A98E25741D7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3639B71C-D729-49B4-B227-9E42EA4FD690}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{37DCF57E-48AD-4C16-8DAD-30553D120518}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3A9CB526-9446-44DC-A9C2-5609114AF4B3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3ACFD628-0643-4A83-BE9B-D199FC7EF403}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3AD45001-2F57-4920-A6F8-E120C1BEB827}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3B238960-DCF1-41EE-8F67-FCF9C733C1A8}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3B4EFCC2-9CD6-4FD3-A5B1-7CF10CEF17B3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3CB354DD-A962-44D1-808D-E943940C7CE4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3D342A67-6A14-4B24-B667-4E721D00922E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3DEE87E7-7A70-4619-A573-EBA5B6788FDC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3EE47EF8-C562-4C91-80EE-2EC54D3B0642}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3F6724B1-61E4-4028-8526-3710CA316FD7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3FEAA54E-2A91-4F83-A810-3A8E3C5CC24D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{3FFEF0D7-11B8-4B5C-9BA2-0697AEB9988E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{40819C14-9516-451D-8B1A-1BC5A1A90C33}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{40CD8F8C-B0B6-4B50-87B2-0DD7BA69CB28}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{429DC0C2-E390-487F-B055-3554B66F7DCF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{445E1E46-DCE5-48A1-B164-66FE20CA23FE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{44CA5B6E-2156-4072-8C54-AF33D38AA8F0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{45AB2DA3-6430-4927-A53F-9CE47C67B5B9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{46D32175-DCFA-417B-9997-252DF7F3CDC2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{46E7A374-02C9-47B4-893C-4F0B3C3701C1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{47AA9F80-6915-4437-A129-676C497E5F76}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{48CE41D5-5104-42F7-A6D8-FAD734A9F0E4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{49434962-901B-4A5A-853F-8CD1337E3421}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{497D8C2E-D13C-4176-AC9D-4BBBAA1C06A2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{499651C3-C079-455B-9F98-6C86B5C3EF97}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4BB56167-7AAA-4CB0-8904-78FF3DCA91F5}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4BC27A4D-4B11-4176-BD32-7290772A5BCA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4C6C995C-D538-43D6-B852-A95FE9669FC6}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4CC1FDAD-FF33-4318-AB2C-066E70327FC0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4D6766FA-3DED-41E1-A732-F38BF1EC1568}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4D7AA899-D96A-477C-93BD-35E811A7017F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4DA23B8B-8315-44AA-B4C3-9A87B4EBFA7C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{4E56BACA-0EB5-47DA-A9CA-BBC16E26F337}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{52A0D05C-1756-4C1B-96A5-3F01F76C21AA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5587F00E-BA8A-4ECD-A22A-F08061988C1E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{55B9FFC6-2126-4157-9D2A-029D54FF052D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{55C1B827-EFE2-4F4A-A38B-08796DEFF76C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5726ADA7-DFC9-4D6A-A592-CF8BC20C7015}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{57CA75A8-6316-43B9-A25B-BFE261E99D95}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{57CEBB36-4EC4-42D4-945F-000779F1B3C5}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{57D4F5C3-8646-4D7D-8320-0AB2C5ACA2EF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{581357F1-AD44-4BAD-A9B1-26D7C409A350}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{59D833D4-9BB6-4B04-934F-258586862C5B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5C03EA61-5733-450D-9B89-1521B23B341B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5CC09BE1-177C-44F8-B91D-7955D3E1C8FE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5DA47FCE-4BA6-484D-907F-EB53D3E05391}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5DD42AFF-1B0F-4E6A-AF02-B5D29EAD7374}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5F7974A0-F386-4FDE-AB25-93F1900CA73D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{5FAEB24A-EE3D-4C88-A7DC-13D786E53067}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{603ACB39-0428-4A46-BFA1-7FF04A794D3A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{603FA792-A85B-4768-AAB9-DEF8CA6DCCB2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{60674FD9-8719-425E-B7B7-E9BAEE2FF307}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{60BAD29F-E038-4C83-82C5-D240AA92AE43}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{60DA4E3A-9B59-46FA-88EC-DAD6C4A51D59}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{611D23A4-F6B2-412D-B4AD-6F56FF26417F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{612377AE-21A9-4482-AD00-67A7FCBD5DA6}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{61FA71AA-0315-4EE5-959D-C2258007BCFC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6222D760-433E-44CD-B286-4DB3BC8D6BF2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{657BBD19-6AC8-4732-920A-B5360752F8E2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{657C948E-BB7E-465E-AB5D-46A133E6708B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{65E73747-1A1F-4053-894D-4BE31048EF1B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{65FCCE44-F965-4758-8657-5D790F2256E4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6640892A-0D3E-4DF5-A42C-A37B035D59B3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{66AEE68E-C559-4125-808A-67242E993681}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{66F74DBB-6F5E-46BA-9FCE-8120E5E30E86}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{67A8DB4F-D447-487E-8DBC-0548E6170E79}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6842B0A1-E06D-4EC6-92B2-BF5210BAA111}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{68598E05-9E77-497E-A8BC-191C92AE1857}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{68D61FBC-10FD-4E0F-9D6A-4E331CA671AD}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{695A3AD0-DFCC-4C60-8A92-BE4B6D253117}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6981AAA6-176B-4FD2-A02F-ADAF8197D589}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{69D3976E-AE42-4AB8-B2F4-EC6ABDE85A26}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6A61776F-153E-4A94-8804-838EAFF9F0B3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6B17CEBF-2BB7-46C0-9304-F88B1AF2A09D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6B92D57E-A2EF-4EDC-A440-9262474BEF7C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6C0D56C7-17FD-4ECE-A75A-AD5912CFAD24}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6C17EFAD-885B-42AF-A71B-C9F98EA4C5F5}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6CA534BD-5005-4BC2-886D-1F0645D40961}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6D016B70-9337-4E8D-98C9-513F0F35F761}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6D204DCD-173C-4749-8847-1AA86FB9CFB3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6D7E1A87-541C-45E2-9916-498804ECC013}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6FA8E967-EC3F-4819-BF42-C6BD8969414E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6FBBAB17-65E0-4423-AF5A-B3FA9C8971ED}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{6FE8EF51-D71C-45DA-920F-FD089054F456}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{7178470A-EA0B-4BB2-BA2D-722888226061}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{71A73727-9D7A-41F6-9349-A16AC1F8823A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{71AE8A00-3643-434C-A1B2-6177A2DBC4ED}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{72045C00-6C2D-462E-988D-5EFF341DDF3B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{721E506D-BC50-4576-9B5E-462128485141}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{72FCDE04-02F7-466F-AF8B-062BE7DFC526}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{73B4314B-19F5-47E7-B11E-8B744C2CC386}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{73EF75E4-0E52-4416-8E95-311D0D35DD71}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{742A7DF8-2324-444B-A322-659424BDB7D5}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{7510721F-BA6E-4CA1-A4C4-B0F9DE7E1C4B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{75F07338-7BB5-43DD-8174-9F14361C9317}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{761DDE5B-7992-4785-A434-FD7E78B6B216}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{76E80D3E-E97F-4D4F-9EE8-D706F0066EE9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{774B3AE0-A7DB-43FA-961E-CEA28420D5B2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{77C03732-0BC3-412A-B5F5-6B207321FC5E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{782F7D6A-5142-47C7-999C-0888DE35877B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{78B2AC1A-74CF-4E9F-BF52-4A195744E53C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{790F33CC-A7C4-4A14-97AE-E13DC4104FDB}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{79141FCA-63CD-46F2-9C1E-F8731E907927}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{7BC8AB51-EEBA-42F7-B9EF-D46072A2CB5D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{7F20BF82-E54A-461D-B789-1F3D44E5A873}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{7F5DA9F9-4416-40EF-9D5E-C37D860132B2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{7F7D8D2B-CDD0-48D8-84EE-33EA0B8BF610}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{802FF3D4-52A8-4E4D-8EF9-3AC1B56C1596}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{80E945C4-7451-4035-B8D9-59652D733EC8}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{815445BF-6288-4C3F-A518-43B3548EF1E1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{825D5871-94DB-4F1E-A33E-02492D069456}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{826C73C2-CF36-4C66-AFC0-CAA64C6BE4DE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{82EFBB96-C888-46B2-8E9C-AEEF88E79E1C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8315522A-9360-4195-8233-3484BECB9C54}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{83C1ABE3-BC85-4977-8306-1A737CD34094}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{83C9B21D-A018-4D0A-A76B-80B820A63792}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{845011E0-0AA1-4501-B42C-57E0A6147041}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{84777486-85FA-4ADA-901B-8CF41F5AFD9F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8699343C-8F36-45D5-B281-40FF4F81F2DA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{86F79F85-8CA2-4CAF-9F35-0A88383FD36C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{87CCD51A-9327-466F-BA6F-B8EF200CA50F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{87EC4055-0A37-4F65-9F1D-CFC43379869C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{885DD4F8-CF07-470B-98B0-8D32F49A9BC1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{886D8409-6AFB-4D25-A1DE-C665BBF74F43}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{89BF9EEB-EACA-4DE5-A505-C24ED67B46D1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8A9AE9D4-9C9D-4F4D-B2B0-B4738273B21E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8B2E72BE-26B2-4EFD-8C45-92FB8574B17C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8BA85826-2B86-49F2-90DB-97D7DA884C42}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8BE67240-5BE1-4287-9B9A-EEF57B6A15CD}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8BFE285A-D704-4334-9CBF-2E3F24DDD4BE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8CD52393-463C-46AB-A619-801DC655B9F7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{8F48C4F1-6264-4B6C-95C8-CA3CAC00B7E0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9019F1B6-A9C6-490E-BFC2-D2EF4CD7FBC5}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{902230BD-2AF7-4116-9D80-902248993A46}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{93199EFA-3D34-4D27-9D6C-69C6E724E0F7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{94259435-6772-4A46-9F00-8799333A4755}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{947B5340-9D8E-4DEF-8255-B2ADA98D3485}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{94FF8FA4-9BD9-4F2B-B3DA-A4D461020B1D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{959A7A61-9CDC-40B1-ACEC-1A71EF857C35}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{95C2AC51-B9AF-47FF-9BCC-142AECFC41FD}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{95CBC2C7-971C-48E0-B2C6-51BB2F58E303}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{95F4266F-CBFD-4895-B1FE-D4BD0BCEF232}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9769396B-89D0-4E06-B056-89EAE9B993B6}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{98314956-0C68-445E-8F66-ED51426A992C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{98EA7D35-E7A0-4265-AB06-CB7A27BD360B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{98F2B159-786F-457A-A008-1EE068FDFC13}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{98F7A63A-2DD5-4BA0-A32B-0D42A7E50B6F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{99EA1173-C0C1-4507-ADED-0488FE5F880A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{99F13212-00C5-4727-8F0A-D9E10DA3192A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9AB3F54B-B027-465A-AAFA-872473062C5C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9AB750D0-1E2E-41E8-B2FF-3D8A38697B8B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9B25AC7B-14B9-4BE2-9D6D-8934BCC3EFC7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9C2FB1D4-A59F-4047-A39F-DF250D84769D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9C32588A-659A-4521-80AB-E8EED02F4BD9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9C58306A-09B4-4939-AC37-9C8BE5904DF7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9CD8918B-3EC7-4DEE-9CE1-81BD2B3FEFD8}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9DC2AD01-D7B4-4F88-A47A-E8240AE1CCCC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{9DF5621C-0FC2-4D54-835B-CA25C60C5E11}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A078FC8D-4EE5-4B2F-92DC-BC1D40027B71}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A0ADF5D0-5EC2-453A-A91F-07B57F17E197}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A0D08013-1A4C-444E-870A-5DA1016C4D3D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A0F57296-5A89-4FDF-9268-228AF6ECAF0C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A197D38B-1BBE-4B3A-8DDA-623264830946}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A2BD5BEE-978F-4B99-AD8B-CB74A263921C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A30B75C7-E081-4410-8DB3-C8E851EFE7BF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A31F077F-61B1-47EF-B4D3-1C921825250F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A32CEEA2-9580-4FFE-8EA7-463F304F5D1C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A3357AED-4D4B-4F67-8ABB-D9BD35141354}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A3D9303D-6786-4FBC-91D3-6DE340586CAE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A4CB3B43-C672-45AF-9865-419654AF2A32}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A5115074-DC8B-426B-A886-8564C35DB2FE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A51AB214-C4BE-460C-BBD8-2E6339F57C93}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A541E1C3-E5FB-4A15-B7B4-4F1673D0EDE2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A60F752C-FCA8-4DE5-BC2B-6B0349C0E4A4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A61460DA-599D-4C1A-B3F7-B0B96E3C24D3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A615DBBB-ABE9-4347-8ACF-D8F8C13FA42D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A6DAD828-0972-42C0-B507-EB548D14D288}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A7DC1147-3917-445F-9E7F-30D58787358F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A86428C3-DD05-46EF-937D-18785038C357}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A8F55FD1-D154-465E-A9B0-42323498FAFE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A968C825-0BAB-4446-A823-7252959E6622}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{A9A5F544-6B3A-47BE-8BFB-69A37259F8CC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{AA659520-D196-48B5-AA80-0EF2886807D0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{AAA4F1E0-6D97-48DF-BF77-C99F782992CC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{AD2F300D-19D6-4F1B-BCBA-27C47D164AA8}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{AE3A8C80-F90E-42DA-8F29-D66D2FA782D3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{AE8AE8DB-9472-4557-B886-96B018FD257E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{AF245FFD-68BA-47DF-B79B-E23F2D1A7064}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{AF9931E9-C267-4940-AFC5-C324A797CB1E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B00B20C5-3B40-489D-BA47-792A7F1683A9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B0642F6B-4E80-41E6-9E72-777D07EC7C96}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B07CDA8A-5C2B-4E75-AB06-638930DB46D9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B122CF83-DB1A-4C29-A236-699EF44DD7BE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B1BAA2ED-9A47-4A0C-9944-9BBB65650134}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B1F24B2B-CD06-45CB-B51B-0F8E722D21B9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B214FCF2-68CA-4740-B3AA-022FF5F5443A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B242B23D-B651-4500-AC95-FB54EBF83F13}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B26CCDFF-DC1A-4C70-82CF-FEC0BB76C503}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B279422C-1F6E-4D8D-9F5C-9A796E6CB554}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B29C9405-813A-45E2-B11B-DECF8322C5AA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B2D51AF8-80E0-481F-B3F7-5B5A95E1D6D2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B332D8EB-79DE-4CA7-BA1A-EDFB29D0A510}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B351BB68-EFE1-4AA9-839E-F2464C16A961}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B489FEC4-0DDC-40F5-8130-A563E66FDA4A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B48C0CF7-ADD3-4940-B639-2535423DC3DC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B6875D8C-A566-4F08-B2E5-BE4F20CAC5DD}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B695EAC8-027B-45D8-BE9A-8B18D57781DA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B6A5890E-6FD8-4697-9016-8EC9E5890086}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B6F49E49-A433-4FB2-93EF-40AEEB3AF19B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B7EB2CA2-4B99-4209-A280-F0D817B85301}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B960FAEA-A48F-4DCD-929F-C6BD00717E6B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{B9BF5106-CE9C-4AEB-BB09-EFB7FF9DC35C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BA16B941-0642-4BAE-8211-5B85056D6942}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BA1E79AA-E168-4D2E-9996-C69343A60E3A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BA346872-37D2-452F-BC5A-5EAA4901B8AA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BAFCFAD6-35A5-4FEE-B42A-B61D55AF8837}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BB426A78-9D2C-4860-B8C4-1C65649FDA70}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BC56BCBC-BE8F-40A2-BDCC-1C21A92F9083}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BC7EE9D7-7CB9-46B9-8AD4-89442A1CB855}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BCF88F58-6BF6-4E50-8090-25AD83AFCE92}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BCF8E5E6-A2B2-4289-A748-B546CFE3381B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BD46CAFA-5AEA-4FC7-9945-D941C6001BFE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BE8726E9-976D-4A8F-ACDF-E673D2975A4A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BEA412D7-D1FE-4238-BC09-1C1806DCD12A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BF5765AD-5322-45EC-B13D-8C1DEDEB80E9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{BFA411B0-C729-4864-85E2-F8CB804F4769}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C1A56AE3-598C-4DF2-8A60-90AB696A7F76}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C326C585-DE26-4CC6-A441-C1E467E2E6AA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C3299726-9E38-46D1-BEC3-C400597B5328}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C329DCEA-29D0-4547-B469-25BE8E796D03}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C41EAECF-BC53-4426-A2E9-4BC98BA13393}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C4AB3507-98E1-4D5B-9331-8A2CFE9D8CF2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C4AD4360-F0F4-454C-979C-3F83E5F77E48}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C58F638C-6461-4A5E-A370-020769583B30}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C5FBED0E-B897-4907-A8A1-08E0D0854498}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C6539EEC-B443-4C3B-BF20-0D4E7ECDD543}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C7AA64BC-A462-4CC9-9CF5-754128CCB884}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C87E6D60-AADE-4A55-B537-7B68B4984F29}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C8893F82-9C00-4B01-8700-B4176F4CBFFF}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{C9FA1BC2-D968-4198-92BE-2FBA0AC7CFBE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CB1E0E87-C004-470F-96A4-58D8B4B0442A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CB528E48-D80B-46F3-B624-70DBE51820B9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CB9ADCE4-4014-445B-84FB-9A7A7563CC12}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CC33DA9E-82F0-41FE-9E55-68BD44928BD1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CC3B9252-1F2C-4382-8FFD-F5B931632A7B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CC7F5ECA-FEA7-49DC-8DE6-EBE3E3D550F4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CD5A2633-6382-4272-902A-22E5F312E631}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CDBA5042-EE0E-4601-9F7F-D243858354DD}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CE217222-4D4C-473D-BA15-EF01FE600383}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{CFF7F2F0-8C10-434E-A1B5-74F30D5227F7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D04D11BD-0051-4DE1-A39F-9EA866493DAE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D0C100E7-002D-4029-A1B7-015E74A79913}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D2A91664-4CAC-49D8-8498-8E243D021A4C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D31B8874-E4D8-4D11-B706-F2AE47EE944F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D32BB93D-F905-4B2D-8D3A-524C10AE4C53}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D331701D-3BAE-4458-917F-F5D1103555DC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D331F193-46C1-41A9-9666-089DBC2194E9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D444C147-D6FB-4187-8F34-A296F813475E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D5DC8C35-55F9-45AB-9988-CB81A5D47575}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D75D7DA5-1B28-4170-AE59-CFCE9B9CF99B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D81A29DA-04A5-4ACE-A129-2A2ED8B45E3D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{D82889CC-A29C-409B-9D21-74FD9096175F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DA01A46F-E68F-47AC-9E58-D2922274A786}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DA26E994-5317-4698-AE2F-50E4E55AA4B5}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DA3B9CF2-5773-4487-866C-D4FE0D19389E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DBCE4033-C24F-457E-B1BB-9B2DBD74BB93}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DC249DBE-31A8-4B61-8897-F5D461FFF6D1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DC74853F-A004-4E4C-9776-3D15B8C5AD4F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DE0C1CF8-04DD-4FE6-8CCF-5E476ADF319D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DE72CB4E-F69E-4BDF-BABC-E8898A21D52D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DE8A2E65-D1C1-4962-AF33-4FB4DEA6D8FB}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DEE6199D-6E86-4EA6-8A7D-2473172024B0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DF151B9F-7B5D-4CCB-91FB-32CB99CCDBAA}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{DFB89955-648E-454F-A41A-6D9C12F77209}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E03DA740-9FE3-4561-816C-7BDF518CEF68}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E12421BC-7DCC-447C-BD7C-3C4062842B8E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E2686DF4-3988-43F2-BC5A-57EF060EDAE0}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E3F3C2DF-3A10-4ADE-B426-E6749B3F1699}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E4396040-0E46-4812-A722-76922872A744}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E4B951B5-338C-4D15-AED7-ED1A903EF713}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E4D3D881-1E5E-4F54-A0B1-140DDAE3587E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E5B7EF46-9D6C-4EB5-B411-3921A6685627}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E64CF1ED-8F9D-46D9-8F9B-95FFAD50992E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E7A5E8AC-DDC4-4A77-ABE7-7AD53FBF915C}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E7C66774-5464-40AF-B864-4F107A5E3527}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E851FBED-825E-4925-8F4A-49774725F92D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E874D850-6954-41C6-ACD6-37A64C22325A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{E8FBFF97-6CF2-4773-9A54-56E44FA2E4A4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{EA1A28A5-3C10-49EA-8E8B-924FCF9A6277}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{EB01A5C0-8976-4014-A8C4-0E8D643CBAA1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{EC32EFFE-C559-49F6-90A4-9678AA0FB58D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{ED6A7202-CA2B-4502-A17F-F170649566BE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{EDD47758-7B3E-4004-A789-5EEB1F0BA597}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{EE30CA7E-60D6-4E96-BD6F-C64E4830372F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{EF5D5036-7F35-41A3-9905-E522D698FF57}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F0F516EA-5002-43F9-BEB0-B8A83C8C2DA7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F1342C1E-7497-4C5F-B96F-8B73ED1AEBA1}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F17C6353-6679-4077-8EFB-7732C0976607}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F25143C1-F2CC-493B-884F-38757DC2CAEC}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F29C895A-563D-455A-8970-36FBB92C1CD2}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F29DAB19-05B2-4E0E-B491-762C3893F347}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F2A18172-2CB2-4C57-8992-E43E655D6AE8}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F3EA8B3C-C003-4952-B26A-8574A6077378}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F3F17F8B-3F2E-4EC2-9E46-951EDCC4D68E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F4ADF40C-5D31-4CFD-B884-BA55EF936D95}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F4C96F0B-8149-48FB-B497-F05030B3B0D4}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F6040F88-5825-430D-984E-CF9ED6EDBCC3}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F654DDAC-0C28-43A1-BB2B-C9E471CE6E33}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F6CCF191-F3CD-4531-B0CF-298932508CAB}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F6CE9B8D-C477-47BA-B436-42F6570248FB}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F76596DB-EA92-4E95-AADB-BED08F58AC56}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F7667754-708F-471D-B9B2-A496850D1622}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F7823494-F6CF-4176-9F63-85765D51CA92}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F7AECAAC-5E00-4B9E-A2D0-2EFC40284A57}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F7D2A3D1-101A-402E-AE5B-1FF015FBF66A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F828E7F2-1FF6-4CA2-97A3-9D3055EC0C6E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F89BE264-F911-415B-8E36-D89D45DAE32A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F91A8D04-4A18-4126-83D4-36FCC67B2FCE}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{F9D27286-A240-4182-9397-EC149D99967B}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FA77363B-E5F9-4102-8AFB-7121645C2B6E}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FA9529F1-0CFD-4957-9036-50A900A3B15A}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FC17DBDF-77AD-44B2-9555-F9061B16E16F}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FC33C97A-F73D-4A20-8ED1-9CC3F1EDBDB9}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FC880B72-E58D-4AD9-89C8-4D3EDAC1CE31}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FE86CF40-85ED-4379-B62A-B6360AFD4440}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FF335102-D812-4390-A86B-8F6D4BBD600D}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FFC47FF5-3652-4E45-A6A0-995D58F78AF7}
Successfully deleted: [Empty Folder] C:\Users\Dons\appdata\local\{FFDAFE78-B1DC-4971-A129-23850EEE8165}

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/28/2014 at 12:33:08.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#20 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:11 AM

Posted 29 May 2014 - 04:28 AM


Download ComboFix from the following location:
Link

* IMPORTANT- Save ComboFix.exe to your Desktop

***


Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.
Note: If you are having difficulty properly disabling your protective programs, or are unsure as to what programs need to be disabled, please refer to the information available through this link:
How to Disable your Security Programs

***


Double click on combofix.exe & follow the prompts.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.
Enable your antivirus!

***



How the computer is running now?

Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#21 Don 221

Don 221
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:11 PM

Posted 30 May 2014 - 10:57 AM

Here is the results of ComboFix

 

Thanks all

 

 

 

ComboFix 14-05-29.01 - Dons 05/30/2014   8:36.4.8 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8152.5533 [GMT -7:00]
Running from: c:\users\Dons\Videos\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-04-28 to 2014-05-30  )))))))))))))))))))))))))))))))
.
.
2014-05-30 15:43 . 2014-05-30 15:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-05-29 21:11 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1DA06D86-CDBB-444E-99CA-830C9CBA6194}\mpengine.dll
2014-05-28 19:11 . 2014-05-28 19:11 -------- d-----w- c:\windows\ERUNT
2014-05-28 18:27 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-05-28 01:23 . 2014-05-28 02:06 -------- d-----w- c:\users\Dons\mbar
2014-05-27 01:35 . 2014-05-27 01:35 -------- d-----w- c:\programdata\Promote Installer
2014-05-25 14:22 . 2014-05-02 06:56 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A10355E3-39C0-434C-B42D-131F045E2726}\gapaengine.dll
2014-05-24 15:06 . 2014-05-24 15:06 -------- d-----w- c:\program files\WOT
2014-05-24 15:06 . 2014-05-24 15:06 -------- d-----w- c:\program files (x86)\WOT
2014-05-21 19:55 . 2014-05-28 11:36 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-05-20 15:57 . 2014-05-20 15:57 -------- d-----w- c:\users\Dons\AppData\Roaming\DonationCoder
2014-05-20 15:29 . 2014-05-20 15:29 -------- d-----w- c:\programdata\DonationCoder
2014-05-20 15:29 . 2014-05-21 01:22 -------- d-----w- c:\program files (x86)\ProcessTamer
2014-05-17 17:52 . 2014-05-17 17:53 -------- d-----w- c:\programdata\SecTaskMan
2014-05-17 17:52 . 2014-05-17 17:55 -------- d-----w- c:\program files (x86)\Security Task Manager
2014-05-16 16:39 . 2014-05-16 16:39 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Exploit
2014-05-15 20:08 . 2014-05-15 20:08 -------- d-s---w- c:\windows\system32\CompatTel
2014-05-15 20:07 . 2014-05-09 06:14 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-05-15 20:07 . 2014-05-09 06:11 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-15 03:08 . 2014-05-06 04:40 23544320 ----a-w- c:\windows\system32\mshtml.dll
2014-05-15 03:08 . 2014-05-06 03:00 84992 ----a-w- c:\windows\system32\mshtmled.dll
2014-05-15 03:07 . 2014-05-06 04:17 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-05-15 03:07 . 2014-05-06 03:07 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-05-15 02:59 . 2014-04-12 02:19 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-05-15 02:59 . 2014-03-04 09:44 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-15 02:59 . 2014-03-04 09:20 3969984 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2014-05-15 02:59 . 2014-03-04 09:17 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-15 02:59 . 2014-03-04 09:20 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2014-05-15 02:59 . 2014-03-04 09:43 455168 ----a-w- c:\windows\system32\winlogon.exe
2014-05-14 15:06 . 2014-05-14 15:06 -------- d-----w- c:\users\Dons\AppData\Local\Macromedia
2014-05-14 15:01 . 2014-05-14 15:02 -------- d-----w- c:\users\Dons\AppData\Local\Mozilla
2014-05-14 00:29 . 2014-05-14 00:29 388096 ----a-r- c:\users\Dons\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2014-05-14 00:29 . 2014-05-14 00:29 -------- d-----w- c:\program files (x86)\Trend Micro
2014-05-14 00:25 . 2014-05-14 00:25 -------- d-----w- c:\program files (x86)\PrivaZer
2014-05-08 13:48 . 2014-05-08 13:48 227704 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
2014-05-07 14:40 . 2014-03-31 16:42 40392 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-05-07 14:40 . 2014-03-31 16:42 34760 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-05-04 04:52 . 2014-05-08 16:25 -------- d-----w- c:\program files (x86)\ThePluginSite
2014-05-01 00:28 . 2014-05-28 18:57 -------- d-----w- C:\AdwCleaner
2014-05-01 00:13 . 2014-05-01 00:13 -------- d-----w- c:\users\Dons\AppData\Roaming\Oracle
2014-05-01 00:12 . 2014-05-01 00:12 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-05-01 00:12 . 2014-05-01 00:12 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-05-01 00:12 . 2014-05-01 00:12 -------- d-----w- c:\program files (x86)\Java
2014-04-30 19:01 . 2014-04-30 19:01 -------- d-----w- c:\programdata\Yahoo!
2014-04-30 19:01 . 2014-04-30 19:01 -------- d-----w- c:\program files (x86)\Yahoo!
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-29 23:58 . 2014-03-31 16:01 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-29 23:56 . 2014-03-27 02:08 62 ----a-w- c:\users\Dons\AppData\Roaming\sp_data.sys
2014-05-29 23:53 . 2014-03-30 22:29 16152 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2014-05-28 10:58 . 2013-11-30 14:57 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-05-15 03:02 . 2013-09-11 00:54 93223848 ----a-w- c:\windows\system32\MRT.exe
2014-05-14 18:09 . 2013-09-08 19:46 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-14 18:09 . 2013-09-08 19:46 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-12 14:26 . 2014-03-31 16:01 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-05-12 14:25 . 2013-11-30 03:31 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-05-02 06:56 . 2014-01-24 01:57 1031560 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-04-30 18:29 . 2014-02-02 09:34 1081112 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:29 . 2014-02-02 09:34 1225920 ----a-w- c:\windows\system32\nvspcap64.dll
2014-04-15 09:34 . 2014-04-15 09:34 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-31 16:42 . 2014-02-02 09:30 37320 ----a-w- c:\windows\system32\nvaudcap64v.dll
2014-03-28 20:34 . 2014-03-28 20:34 3376736 ----a-w- c:\windows\system32\auto_reactivate.exe
2014-03-12 15:45 . 2013-09-07 19:21 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2014-03-11 16:52 . 2013-09-27 17:53 133928 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2014-03-06 09:31 . 2014-04-09 19:32 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-06 08:59 . 2014-04-09 19:32 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-06 08:57 . 2014-04-09 19:33 548352 ----a-w- c:\windows\system32\vbscript.dll
2014-03-06 08:57 . 2014-04-09 19:32 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-06 08:53 . 2014-04-09 19:32 2767360 ----a-w- c:\windows\system32\iertutil.dll
2014-03-06 08:40 . 2014-04-09 19:32 51200 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-06 08:39 . 2014-04-09 19:32 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-03-06 08:32 . 2014-04-09 19:33 574976 ----a-w- c:\windows\system32\ieui.dll
2014-03-06 08:29 . 2014-04-09 19:32 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-06 08:29 . 2014-04-09 19:32 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-06 08:28 . 2014-04-09 19:32 752640 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-06 08:15 . 2014-04-09 19:32 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-06 08:11 . 2014-04-09 19:32 5784064 ----a-w- c:\windows\system32\jscript9.dll
2014-03-06 08:09 . 2014-04-09 19:32 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2014-03-06 08:03 . 2014-04-09 19:32 586240 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-06 08:02 . 2014-04-09 19:32 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-03-06 08:02 . 2014-04-09 19:33 455168 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-03-06 08:01 . 2014-04-09 19:32 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56 . 2014-04-09 19:32 38400 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-03-06 07:48 . 2014-04-09 19:32 195584 ----a-w- c:\windows\system32\msrating.dll
2014-03-06 07:46 . 2014-04-09 19:32 4254720 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-06 07:42 . 2014-04-09 19:32 296960 ----a-w- c:\windows\system32\dxtrans.dll
2014-03-06 07:38 . 2014-04-09 19:32 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36 . 2014-04-09 19:32 592896 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:21 . 2014-04-09 19:32 628736 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-06 07:13 . 2014-04-09 19:32 32256 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11 . 2014-04-09 19:32 2043904 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-06 06:53 . 2014-04-09 19:32 13551104 ----a-w- c:\windows\system32\ieframe.dll
2014-03-06 06:40 . 2014-04-09 19:32 1967104 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22 . 2014-04-09 19:32 2260480 ----a-w- c:\windows\system32\wininet.dll
2014-03-06 05:58 . 2014-04-09 19:32 1400832 ----a-w- c:\windows\system32\urlmon.dll
2014-03-06 05:50 . 2014-04-09 19:32 846336 ----a-w- c:\windows\system32\ieapfltr.dll
2014-03-06 05:41 . 2014-04-09 19:32 1789440 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-04 14:35 . 2014-03-30 23:19 9728064 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-03-04 14:35 . 2014-03-30 23:19 9690424 ----a-w- c:\windows\SysWow64\nvopencl.dll
2014-03-04 14:35 . 2014-03-30 23:19 892704 ----a-w- c:\windows\system32\NvIFR64.dll
2014-03-04 14:35 . 2014-03-30 23:19 877856 ----a-w- c:\windows\system32\NvFBC64.dll
2014-03-04 14:35 . 2014-03-30 23:19 863064 ----a-w- c:\windows\SysWow64\NvIFR.dll
2014-03-04 14:35 . 2014-03-30 23:19 846168 ----a-w- c:\windows\SysWow64\NvFBC.dll
2014-03-04 14:35 . 2014-03-30 23:19 484296 ----a-w- c:\windows\system32\nvEncodeAPI64.dll
2014-03-04 14:35 . 2014-03-30 23:19 409544 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-03-04 14:35 . 2014-03-30 23:19 377688 ----a-w- c:\windows\system32\NvIFROpenGL.dll
2014-03-04 14:35 . 2014-03-30 23:19 333600 ----a-w- c:\windows\SysWow64\NvIFROpenGL.dll
2014-03-04 14:35 . 2014-03-30 23:19 31474976 ----a-w- c:\windows\system32\nvoglv64.dll
2014-03-04 14:35 . 2014-03-30 23:19 3143456 ----a-w- c:\windows\system32\nvcuvid.dll
2014-03-04 14:35 . 2014-03-30 23:19 2958792 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-03-04 14:35 . 2014-03-30 23:19 2783008 ----a-w- c:\windows\system32\nvcuvenc.dll
2014-03-04 14:35 . 2014-03-30 23:19 2411976 ----a-w- c:\windows\SysWow64\nvcuvenc.dll
2014-03-04 14:35 . 2014-03-30 23:19 23716640 ----a-w- c:\windows\SysWow64\nvoglv32.dll
2014-03-04 14:35 . 2014-03-30 23:19 1885472 ----a-w- c:\windows\system32\nvdispco6433523.dll
2014-03-04 14:35 . 2014-03-30 23:19 1516488 ----a-w- c:\windows\system32\nvdispgenco6433523.dll
2014-03-04 14:35 . 2014-03-30 23:19 12708128 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
2014-03-04 14:35 . 2014-03-30 23:19 11636176 ----a-w- c:\windows\system32\nvcuda.dll
2014-03-04 14:35 . 2014-03-30 23:19 11589272 ----a-w- c:\windows\system32\nvopencl.dll
2014-03-04 14:35 . 2014-03-30 23:19 25255256 ----a-w- c:\windows\system32\nvcompiler.dll
2014-03-04 14:35 . 2014-03-30 23:19 17561544 ----a-w- c:\windows\SysWow64\nvcompiler.dll
2014-03-04 14:35 . 2014-02-02 09:30 15783992 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-03-04 14:35 . 2013-12-10 16:13 18302384 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-03-04 14:35 . 2013-12-10 16:13 17755424 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-03-04 14:35 . 2013-12-10 16:13 14709720 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-03-04 14:35 . 2013-12-10 16:12 3093280 ----a-w- c:\windows\system32\nvapi64.dll
2014-03-04 14:35 . 2013-12-10 16:12 2715264 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-03-04 13:06 . 2013-09-07 19:37 6714312 ----a-w- c:\windows\system32\nvcpl.dll
2014-03-04 13:06 . 2013-09-07 19:37 3497816 ----a-w- c:\windows\system32\nvsvc64.dll
2014-03-04 13:05 . 2013-09-07 19:37 922968 ----a-w- c:\windows\system32\nvvsvc.exe
2014-03-04 13:05 . 2013-09-07 19:37 64968 ----a-w- c:\windows\system32\nvshext.dll
2014-03-04 13:05 . 2013-09-07 19:37 2558808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-03-04 13:05 . 2013-09-07 19:37 386336 ----a-w- c:\windows\system32\nvmctray.dll
2014-03-04 11:32 . 2014-03-30 23:21 599840 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-03-04 09:44 . 2014-04-09 19:31 362496 ----a-w- c:\windows\system32\wow64win.dll
2014-03-04 09:44 . 2014-04-09 19:31 243712 ----a-w- c:\windows\system32\wow64.dll
2014-03-04 09:44 . 2014-04-09 19:31 13312 ----a-w- c:\windows\system32\wow64cpu.dll
2014-03-04 09:44 . 2014-04-09 19:31 16384 ----a-w- c:\windows\system32\ntvdm64.dll
2014-03-04 09:44 . 2014-04-09 19:31 1163264 ----a-w- c:\windows\system32\kernel32.dll
2014-03-04 09:17 . 2014-04-09 19:31 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17 . 2014-04-09 19:31 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-04 09:16 . 2014-04-09 19:31 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2014-03-04 09:16 . 2014-04-09 19:31 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2014-03-04 08:09 . 2014-04-09 19:31 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2014-03-04 08:09 . 2014-04-09 19:31 2048 ----a-w- c:\windows\SysWow64\user.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SlimCleaner Plus"="c:\program files\SlimCleaner Plus\SlimCleanerPlus.exe" [2014-03-20 26049856]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2014-04-23 533568]
"Akamai NetSession Interface"="c:\users\Dons\AppData\Local\Akamai\netsession_win.exe" [2014-04-18 4672920]
"RoboForm"="c:\program files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2014-05-21 109784]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2014-05-23 39408]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2014-04-10 1300792]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2012-02-02 2321072]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2000-01-01 292088]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-23 150528]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"CLMLServer"="c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe" [2012-05-25 111120]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2012-02-16 322176]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2011-10-25 174720]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2012-02-18 3331312]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2013-09-07 3058304]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2013-04-25 1075296]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"AcronisTibMounterMonitor"="c:\program files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" [2013-01-10 1103424]
"ProcessTamer"="c:\program files (x86)\ProcessTamer\ProcessTamerTray.exe" [2009-03-28 163840]
.
c:\users\Dons\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
MailWasherPro.lnk - c:\program files (x86)\Firetrust\MailWasher\MailWasherPro.exe -nosplash [2013-6-11 5755208]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoThumbnailCache"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ    autocheck autochk *\0auto_reactivate \\?\GLOBALROOT\Device\HarddiskVolume1\EFI\Acronis\bootwiz.efi
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys;c:\windows\SYSNATIVE\DRIVERS\amppal.sys [x]
R3 AmUStor;AM USB Stroage Driver; [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 PSKMAD;PSKMAD;c:\windows\system32\DRIVERS\PSKMAD.sys;c:\windows\SYSNATIVE\DRIVERS\PSKMAD.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys;c:\windows\SYSNATIVE\DRIVERS\revoflt.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys;c:\windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 ssmirrdr;ssmirrdr;c:\windows\system32\DRIVERS\ssmirrdr.sys;c:\windows\SYSNATIVE\DRIVERS\ssmirrdr.sys [x]
R3 SWDUMon;SWDUMon;c:\windows\system32\DRIVERS\SWDUMon.sys;c:\windows\SYSNATIVE\DRIVERS\SWDUMon.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.5;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 ATKWMIACPIIO_;ATKWMIACPI Driver_;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [x]
S2 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
S2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe;c:\program files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [x]
S2 AsusUacSvc;Asus process privilege adjust service;c:\program files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe;c:\program files\Asus\Rotation Desktop for G Series\AsusUacSvc.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BTHSSecurityMgr;Intel® Centrino® Wireless Bluetooth® + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 FanChkService;Fan Filter Checker Service;c:\program files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe;c:\program files (x86)\ASUS\ASUS Fan Filter Checker\FanChkSrv.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\nlssrv32.exe;c:\windows\SysWOW64\nlssrv32.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 SlimService;SlimWare Utility Service Launcher;c:\program files\SlimCleaner Plus\SlimServiceFactory.exe;c:\program files\SlimCleaner Plus\SlimServiceFactory.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 VIAKaraokeService;VIA Karaoke digital mixer Service;c:\windows\system32\viakaraokesrv.exe;c:\windows\SYSNATIVE\viakaraokesrv.exe [x]
S2 WTabletServicePro;Wacom Professional Service;c:\program files\Tablet\Wacom\WTabletServicePro.exe;c:\program files\Tablet\Wacom\WTabletServicePro.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 SmbDrv;SmbDrv;c:\windows\system32\DRIVERS\Smb_driver.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ    hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-05-30 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-08 18:09]
.
2014-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 07:02]
.
2014-05-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 07:02]
.
2014-05-29 c:\windows\Tasks\SlimCleaner Plus (Scheduled Scan - Dons).job
- c:\program files\SlimCleaner Plus\SlimCleanerPlus.exe [2014-03-20 16:14]
.
2014-05-29 c:\windows\Tasks\SlimDrivers Startup.job
- c:\program files (x86)\SlimDrivers\SlimDrivers.exe [2013-09-24 19:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-03-28 05:37 2818800 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-03-28 05:37 2818800 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-03-28 05:37 2818800 ----a-w- c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2014-04-23 533568]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 1271072]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-21 1832760]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"HDAudDeck"="c:\program files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" [2000-01-01 4694192]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2013-07-31 3091224]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2012-03-28 373248]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2013-12-11 472984]
"Acronis Scheduler2 Service"="c:\program files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" [2013-02-15 516928]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://news.google.com/
mStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local;<local>
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.1.1 76.14.96.13 76.14.96.14
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Toolbar-{2a942ab7-2073-49bc-a7e1-77e93835889a} - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
"Key"="ActionsPane3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0]
"Key"="http://schemas.microsoft.com/office/smartdocuments/2003"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions\http://schemas.microsoft.com/office/smartdocuments/2003\0\{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}\Alias]
"0"="Microsoft Actions Pane 3"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-05-30  08:47:08
ComboFix-quarantined-files.txt  2014-05-30 15:47
ComboFix2.txt  2014-05-30 00:05
.
Pre-Run: 648,407,965,696 bytes free
Post-Run: 648,346,009,600 bytes free
.
- - End Of File - - 49A09516C41807206673CECD1F3607CF
 



#22 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:11 AM

Posted 30 May 2014 - 11:08 AM

Hello Don 221,

how long does it take now to start windows?

Java
Find here instructions how to clear the java cache.
Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)
Under Temporary Internet Files, click the Delete Files button.
There are options in the window to clear the cache - Leave ALL Checked
  • Applications and Applets
  • Trace and log files
Click OK on Delete Temporary Files Window
Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. Click OK to leave the Java Control Panel.
 

---


Malwarebytes' Anti-Malware
If this program is already installed: Skip the installation and run only the scan!
Download and install: Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

---


ESET Online Scanner

Connect any existing external hard drives and / or other removable media.

Note:
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



If this program is already installed: Skip the installation and run only the scan!
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the esetOnline.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Check esetScanArchives.png
  • Make sure that the option "Remove found threats" is Unchecked
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as MyEsetScan. Alternatively, look for report in C:\Program Files\ESET\ESET Online Scanner\log.txt. Include the contents of this report in your next reply.
  • Push the Back button.
  • Select Uninstall application on close check box and push esetFinish.png

---


How the computer is running now?


---


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#23 Don 221

Don 221
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:11 PM

Posted 30 May 2014 - 07:13 PM

Jo, I wanted to send you a personal memo, but don't now who to send it too.

 

 

Still working on the files you sent will have for you soon.



#24 Jo*

Jo*

  • Malware Response Team
  • 3,445 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:07:11 AM

Posted 04 June 2014 - 04:03 AM

Hi,

 

it has been several days since I sent my last set of instructions to help with your computer problem.

Please let me know if you are having problems and still need help.

 

Note: Threads will be closed if no response after 3 days.


Graduate of the WTT Classroom
Cheers,
Jo
If I have been helping you, and I have not replied to your latest post in 36 hours please send me a PM.


#25 Don 221

Don 221
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:11:11 PM

Posted 04 June 2014 - 10:43 AM

Jo,

 

Thank you for your help.

 

I will leave the forum now as I have to reformat my computer which should resolve the problem.  Have drive problem

 

Thank you again jo.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users