Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Potential Malware Issue


  • This topic is locked This topic is locked
10 replies to this topic

#1 rodricuz14

rodricuz14

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 12 June 2014 - 01:19 AM

Lately my computer has become very unresponsive , in the past week or so it has crashed and froze on every app about 30% of the time..i think it has to do with Malware. ANY help is GREATLY appreciated .


Edited by rodricuz14, 12 June 2014 - 06:46 AM.


BC AdBot (Login to Remove)

 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:02 PM

Posted 12 June 2014 - 01:26 PM

Hello and Welcome on board rodricuz14 :welcome:,

my Name is Machiavelli and I will assist you with your problem.
If you booted into safe mode on your computer then print my instructions!
I'm in the 'Malware Staff Team' and will provide you with advice:

To remove Malware on a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from you Computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. just ask me! Please stay in contact with me until the problem is fixed.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counter productive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#3 rodricuz14

rodricuz14
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 13 June 2014 - 08:28 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Roc (administrator) on ROC-PC on 13-06-2014 20:22:33
Running from C:\Users\Roc\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\HEM\wmime.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Bongiovi Acoustics) C:\Program Files\Bongiovi Acoustics\Digital Power Station\Digital Power Station.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
() C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\OFFICEVIRT.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927888 2012-05-10] (Synaptics Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
HKLM-x32\...\Run: [wmime] => C:\Program Files (x86)\HEM\wmime.exe [970240 2013-09-23] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2109263369-3482990966-500902494-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-06-05] (Google Inc.)
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Power Station.lnk
ShortcutTarget: Digital Power Station.lnk -> C:\Program Files\Bongiovi Acoustics\Digital Power Station\Digital Power Station.exe (Bongiovi Acoustics)
BootExecute: autocheck autochk * 搀渀挀氀攀愀渀㘀㐀⸀攀砀攀
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - {10A5C051-B386-4DCD-8E47-4FD4DB86437D} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie11
SearchScopes: HKCU - {8EA729B0-D668-49E8-9E1D-B506E20D30BA} URL = http://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKCU - {E10E541F-A538-4625-B41A-9D169047E9A1} URL = http://delicious.com/search?p={searchTerms}
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
BHO-x32: Wondershare Video Converter Ultimate - {65DEE40A-3E93-4cae-9F98-B8E06DCEE2BF} - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRIEPlugin.dll (Wondershare Software Co., Ltd.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Yahoo Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 02 C:\windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 06 C:\windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 07 C:\windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9 17 C:\windows\SysWOW64\WTFastDrv.dll [72296] (Initex)
Winsock: Catalog9-x64 01 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 02 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 06 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 07 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Winsock: Catalog9-x64 17 %SystemRoot%\system32\WTFastDrv.dll [79464] (Initex)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF ProfilePath: C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3324416&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP363FBEFA-DC6A-47CE-8FA4-BD050817BE99
FF DefaultSearchEngine: Conduit Search
FF SearchEngineOrder.1: Mysearchdial
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13&UP=SP363FBEFA-DC6A-47CE-8FA4-BD050817BE99&SSPV=
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN36775804722603499&UM=2&q=
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Roc\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @raidcall.kr/RCplugin - C:\Users\Roc\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Webzen.com/NPBrowserExt - C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @TrianglePlayer - C:\Users\Roc\AppData\Roaming\TrianglePlayer\NPTrianglePlayer.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Roc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF SearchPlugin: C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\searchplugins\conduit-search.xml
FF Extension: Adblock Plus - C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-30]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-29]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-29]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-18]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-30]
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
 
Chrome: 
=======
CHR HomePage: hxxp://yahoo.com/
CHR StartupUrls: "hxxp://youtube.com/", "hxxp://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}"
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo!
CHR DefaultNewTabURL: 
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Adblock Plus) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-30]
CHR Extension: (Wondershare Video Converter Ultimate) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chgdeabpmphfhkoemjjglmilajldekbp [2014-03-29]
CHR Extension: (Empty New Tab Page) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2014-03-30]
CHR Extension: (LoL Stream Browser) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2014-03-30]
CHR Extension: (YoWindow Weather) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\fanogbnclpilemkifpjeglokomebpnef [2014-03-30]
CHR Extension: (AdBlock) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-30]
CHR Extension: (avast! Online Security) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-30]
CHR Extension: (RealDownloader) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-29]
CHR Extension: (Skype Click to Call) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-29]
CHR Extension: (Downloads) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]
CHR Extension: (PDF Viewer) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2014-03-30]
CHR HKLM-x32\...\Chrome\Extension: [chgdeabpmphfhkoemjjglmilajldekbp] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRChromePlugin.crx [2013-12-15]
CHR HKLM-x32\...\Chrome\Extension: [faklkmlkcleeoibffcbligohmkciloif] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2013-12-15]
CHR HKLM-x32\...\Chrome\Extension: [gidgkgdncfdcifhejcblapmlfjggmico] - C:\ProgramData\Bcool\gidgkgdncfdcifhejcblapmlfjggmico.crx [2013-12-15]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [ngoiabglmnijabkfknliolcbjfcmbmdl] - C:\ProgramData\FreePriceAlerts\Chrome\FreePriceAlerts.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [nnfegheljpcijmdgonkecjpcaopjlpac] - C:\Users\Roc\AppData\Local\ArcadeCandy\candyLinkx.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [ppdjnkblmcjfnlogjjhpigpdgpcgdpll] - C:\Program Files (x86)\BrowseFox\ppdjnkblmcjfnlogjjhpigpdgpcgdpll.crx [2014-04-11]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-05] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-05] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-11-14] (NETGEAR)
S4 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [123320 2011-07-19] (Symantec Corporation)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [4865496 2011-08-08] (INCA Internet Co., Ltd.) [File not signed]
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-11-11] (Overwolf Ltd)
S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-01-16] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TipCtrl; C:\Program Files (x86)\uTIPu\TipCtrl.exe [314504 2009-02-03] (Utipu inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 xsherlock; C:\windows\SysWOW64\xsherlock.xem [666720 2012-11-11] (Wellbia.com Co., Ltd.) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-04] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-06-16] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [113424 2013-12-05] (BlueStack Systems)
S3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2008-03-26] (DemoForge, LLC)
R3 digitalpower; C:\Windows\System32\drivers\digitalpower.sys [29016 2013-06-12] (Bongiovi Acoustics)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-06-12] (Qualcomm Atheros Co., Ltd.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-06-16] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-06-12] (Intel Corporation)
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2014-03-10] (CACE Technologies, Inc.)
S3 NPPTNT2; C:\windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3073752 2014-06-12] (Realtek Semiconductor Corporation                           )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2011-12-23] (Synaptics Incorporated)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [26896 2012-05-10] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-11-24] () [File not signed]
R3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R1 TsLwWfF; C:\Windows\System32\DRIVERS\TsLwWfF.sys [29384 2013-07-26] (TamoSoft)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
R3 vmkbd2; C:\windows\system32\drivers\VMkbd.sys [32848 2013-10-18] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 WinRing0_1_2_0; C:\Users\Roc\Downloads\RealTemp_370\WinRing0x64.sys [14544 2014-06-11] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 GPADriver; \??\C:\Users\Roc\AppData\Local\Temp\gpadrv.sys [X]
S3 MFE_RR; \??\C:\Users\Roc\AppData\Local\Temp\mfe_rr.sys [X]
S3 shy; \??\C:\AeriaGames\Shaiya\avital\shaiya64.sys [X]
S3 X6va009; \??\C:\windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va012; \??\C:\windows\SysWOW64\Drivers\X6va012 [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-13 20:22 - 2014-06-13 20:23 - 00034843 _____ () C:\Users\Roc\Downloads\FRST.txt
2014-06-13 20:19 - 2014-06-13 20:19 - 02081792 _____ (Farbar) C:\Users\Roc\Downloads\FRST64.exe
2014-06-13 19:25 - 2014-06-13 19:25 - 00000000 ____D () C:\ProgramData\Brother
2014-06-12 15:17 - 2014-06-12 15:17 - 00034179 _____ () C:\Users\Roc\Downloads\GTA San Andreas (2).pin
2014-06-12 15:04 - 2014-06-12 15:04 - 00002117 _____ () C:\Users\Public\Desktop\Pinnacle Game Profiler.lnk
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\Program Files (x86)\PowerUp Software
2014-06-12 15:04 - 2009-07-13 21:16 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\vers87a8.rra
2014-06-12 15:04 - 2009-07-13 21:16 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsoc87c7.rra
2014-06-12 15:04 - 2009-07-13 21:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shfo8798.rra
2014-06-12 15:04 - 2009-07-13 21:14 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\advp8789.rra
2014-06-12 14:52 - 2014-06-12 14:53 - 00000000 ____D () C:\Users\Roc\Desktop\XPadder
2014-06-12 14:33 - 2014-06-12 14:33 - 00034179 _____ () C:\Users\Roc\Downloads\GTA San Andreas (1).pin
2014-06-12 14:07 - 2014-06-12 14:07 - 00034179 _____ () C:\Users\Roc\Downloads\GTA San Andreas.pin
2014-06-12 13:09 - 2014-06-12 13:09 - 00091577 _____ () C:\Users\Roc\Downloads\gta-xbox360_126.zip
2014-06-12 12:35 - 2008-04-13 19:11 - 00619008 _____ (Microsoft Corporation) C:\windows\SysWOW64\dx7vb.dll
2014-06-12 12:35 - 2008-01-13 19:59 - 00036864 _____ () C:\windows\SysWOW64\dxinputdll.dll
2014-06-12 12:25 - 2014-06-12 12:26 - 09780729 _____ () C:\Users\Roc\Downloads\Pinnacle Game Profiler V5-Mbb.rar
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\PowerUp Software
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\ProgramData\PowerUp Software
2014-06-12 12:13 - 2014-06-13 01:35 - 00119296 _____ () C:\windows\SysWOW64\zlib.dll
2014-06-12 12:13 - 2013-12-31 15:11 - 01227264 _____ (Microsoft Corporation) C:\windows\SysWOW64\dx8vb.dll
2014-06-12 12:13 - 2009-07-13 21:16 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\vers32b8.rra
2014-06-12 12:13 - 2009-07-13 21:16 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsoc347c.rra
2014-06-12 12:13 - 2009-07-13 21:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shfo2b96.rra
2014-06-12 12:13 - 2009-07-13 21:14 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\advp2a8d.rra
2014-06-12 12:13 - 2008-01-13 17:36 - 00091632 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsofile.dll
2014-06-12 12:13 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\windows\SysWOW64\capicom.dll
2014-06-12 12:13 - 2003-01-26 14:41 - 00040960 _____ (vbAccelerator) C:\windows\SysWOW64\SSubTmr6.dll
2014-06-12 12:13 - 2002-08-09 12:18 - 00045056 ____N (Microsoft) C:\windows\SysWOW64\NTSVC.ocx
2014-06-12 12:13 - 2001-04-05 07:43 - 00094208 ___RS (Microsoft Corporation) C:\windows\SysWOW64\msstkprp.dll
2014-06-12 12:13 - 2000-04-03 21:52 - 00164144 _____ (Microsoft Corporation) C:\windows\SysWOW64\comct232.ocx
2014-06-12 12:13 - 1999-05-17 14:55 - 00057344 ____N () C:\windows\SysWOW64\ADsSecurity.dll
2014-06-12 12:13 - 1998-06-18 01:00 - 00089360 _____ (Microsoft Corporation) C:\windows\SysWOW64\VB5DB.DLL
2014-06-12 12:01 - 2014-06-12 12:01 - 11826619 _____ (InstallShield Software Corporation) C:\Users\Roc\Downloads\pinnacle-setup.exe
2014-06-12 11:52 - 2014-06-12 11:53 - 00816854 _____ () C:\Users\Roc\Downloads\JoyToKey_en.zip
2014-06-12 11:34 - 2014-06-12 11:37 - 00000000 ____D () C:\Users\Roc\Downloads\GTA San Andreas
2014-06-12 11:32 - 2014-06-12 11:32 - 00001297 _____ () C:\Users\Roc\Desktop\Grand Theft Auto San Andreas.lnk
2014-06-12 11:12 - 2014-06-12 11:12 - 00000000 ____D () C:\Users\Roc\Desktop\extra files
2014-06-12 10:01 - 2010-04-01 07:45 - 00000000 ____D () C:\Users\Roc\Desktop\Grand Theft Auto IV
2014-06-12 08:49 - 2014-06-12 08:49 - 00887896 _____ (Microsoft Corporation) C:\Users\Roc\Downloads\dotNetFx40_Client_setup.exe
2014-06-12 07:54 - 2014-06-12 07:54 - 00000287 _____ () C:\Users\Roc\Dad
2014-06-12 07:46 - 2014-06-12 07:46 - 00003354 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-12 07:46 - 2014-06-12 07:46 - 00003216 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-12 06:43 - 2014-06-13 13:10 - 00003332 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-12 00:49 - 2014-06-12 00:50 - 16291184 _____ (Rockstar Games) C:\Users\Roc\Downloads\Social Club v1.1.0.6 Setup.exe
2014-06-12 00:48 - 2014-06-12 00:48 - 09889352 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RsCRIcon.dll
2014-06-12 00:48 - 2014-06-12 00:48 - 00271064 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUStor.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-06-12 00:47 - 2014-06-12 00:47 - 00128200 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C62x64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-12 00:44 - 2014-06-12 00:44 - 03073752 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-06-12 00:41 - 2014-06-12 00:41 - 00003210 _____ () C:\windows\System32\Tasks\Driver Booster Scan
2014-06-12 00:41 - 2014-06-12 00:41 - 00003154 _____ () C:\windows\System32\Tasks\Driver Booster Update
2014-06-12 00:41 - 2014-06-12 00:41 - 00002850 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Roc)
2014-06-12 00:41 - 2014-06-12 00:41 - 00001181 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-06-12 00:41 - 2014-06-12 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-12 00:36 - 2014-06-12 00:37 - 00886532 _____ () C:\Users\Roc\Downloads\GTAIV_For_Low-End.zip
2014-06-11 23:43 - 2014-06-11 23:43 - 00000310 _____ () C:\Users\Roc\Desktop\RootkitRemover_20140611_234302.log
2014-06-11 22:45 - 2014-06-11 22:45 - 00606048 _____ (gputemp.com ) C:\Users\Roc\Downloads\gputemp_setup.exe
2014-06-11 22:45 - 2014-06-11 22:45 - 00000947 _____ () C:\Users\Public\Desktop\GPU Temp.lnk
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPU Temp
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\Program Files (x86)\GPU Temp
2014-06-11 22:41 - 2014-06-11 22:41 - 00330853 _____ () C:\Users\Roc\Downloads\RealTemp_370.zip
2014-06-11 22:41 - 2014-06-11 22:41 - 00000000 ____D () C:\Users\Roc\Downloads\RealTemp_370
2014-06-11 21:52 - 2014-06-12 06:39 - 00000898 _____ () C:\windows\PFRO.log
2014-06-11 21:52 - 2014-06-11 21:52 - 00000000 _____ () C:\windows\SysWOW64\sho65CA.tmp
2014-06-11 21:50 - 2014-06-11 21:50 - 00000150 _____ () C:\windows\wininit.ini
2014-06-11 19:48 - 2014-06-11 19:49 - 18070304 _____ (IObit ) C:\Users\Roc\Downloads\driver_booster_setup.exe
2014-06-11 19:39 - 2014-06-11 19:39 - 00003162 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-06-11 19:39 - 2014-06-11 19:39 - 00003160 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-06-11 19:39 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\windows\system32\IObitSmartDefragExtension.dll
2014-06-11 19:39 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\windows\system32\SmartDefragBootTime.exe
2014-06-11 19:38 - 2013-12-24 10:40 - 00021184 _____ (IObit) C:\windows\system32\Drivers\SmartDefragDriver.sys
2014-06-11 19:37 - 2014-06-12 00:41 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\IObit
2014-06-11 19:37 - 2014-06-11 19:37 - 00001181 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-06-11 19:37 - 2014-06-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-06-11 19:36 - 2014-06-11 19:36 - 08935344 _____ (IObit ) C:\Users\Roc\Downloads\smart-defrag-setup.exe
2014-06-11 19:21 - 2014-06-11 19:21 - 00000000 ____D () C:\Program Files (x86)\Raxco
2014-06-11 19:19 - 2014-06-11 21:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-11 19:19 - 2014-06-11 19:19 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-11 19:19 - 2014-06-11 19:19 - 00001390 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-11 19:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-06-11 19:18 - 2014-06-11 19:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-11 19:04 - 2014-06-11 19:06 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Roc\Downloads\spybot-2.3.exe
2014-06-11 18:57 - 2014-06-11 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-11 18:56 - 2014-06-11 21:03 - 00000000 ____D () C:\Users\Roc\Desktop\mbar
2014-06-11 18:56 - 2014-06-11 18:56 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-11 18:54 - 2014-06-11 18:55 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Roc\Downloads\mbar-1.07.0.1012.exe
2014-06-11 18:54 - 2014-06-11 18:55 - 04161050 _____ () C:\Users\Roc\Downloads\tdsskiller.zip
2014-06-11 18:53 - 2014-06-11 18:53 - 00000310 _____ () C:\Users\Roc\Downloads\RootkitRemover_20140611_185307.log
2014-06-11 18:52 - 2014-06-11 18:52 - 00782584 _____ (McAfee, Inc.) C:\Users\Roc\Desktop\rootkitremover.exe
2014-06-11 16:31 - 2014-06-11 16:31 - 00020040 _____ () C:\Users\Roc\Downloads\[kickass.to]gtaiv.patch.1040.crack.razor1911.working.key.generator (1).torrent
2014-06-11 16:09 - 2014-06-12 08:55 - 00000000 ____D () C:\Users\Roc\Downloads\GTA IV ALL PATCHES + CRACK + XLIVE DLL FIX
2014-06-11 15:43 - 2014-06-11 15:43 - 00000077 _____ () C:\Users\Roc\Allegiance
2014-06-10 17:59 - 2014-06-10 17:59 - 00071566 _____ () C:\Users\Roc\Downloads\[kickass.to]gta.iv.pc.version.rwt007.torrent
2014-06-10 17:57 - 2014-06-10 17:58 - 02796287 _____ () C:\Users\Roc\Downloads\RGSC_1_1_3_0.rar
2014-06-10 17:21 - 2014-06-10 17:21 - 00001890 _____ () C:\Users\Roc\GTA IV BS
2014-06-10 17:17 - 2014-06-11 02:02 - 00000000 ____D () C:\Users\Roc\Downloads\GTAIV_Patch_1040 + Crack Razor1911+Working_Key_Generator
2014-06-10 17:17 - 2014-06-10 17:17 - 00020040 _____ () C:\Users\Roc\Downloads\[kickass.to]gtaiv.patch.1040.crack.razor1911.working.key.generator.torrent
2014-06-10 13:46 - 2014-06-10 13:46 - 00001084 _____ () C:\Users\Guest\Desktop\FreeArc.lnk
2014-06-10 13:46 - 2014-06-10 13:46 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\FreeArc
2014-06-10 13:45 - 2014-06-10 13:46 - 00000000 ____D () C:\Program Files (x86)\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00001084 _____ () C:\Users\Roc\Desktop\FreeArc.lnk
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 13:44 - 2014-06-10 13:45 - 07938425 _____ () C:\Users\Roc\Downloads\FreeArc-0.666-win32.exe
2014-06-10 08:46 - 2014-06-11 16:33 - 00000000 ____D () C:\Users\Roc\Downloads\PC » GTA IV PERFECT RIP directplay by globe@
2014-06-10 07:14 - 2014-06-10 07:14 - 00020158 _____ () C:\Users\Roc\Downloads\[TorrentDownloads.me]_GTAIV_Patch_1040 + Crack Razor1911+Working_Key_Generator.torrent
2014-06-10 06:20 - 2014-06-10 07:57 - 00000000 ____D () C:\Program Files (x86)\Arab-GB
2014-06-08 08:31 - 2014-06-08 08:40 - 00000000 ____D () C:\R.G. Catalyst
2014-06-08 06:12 - 2014-06-08 06:12 - 00001276 _____ () C:\Users\Roc\Desktop\OpenIV.lnk
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\New Technology Studio
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Local\New Technology Studio
2014-06-08 06:11 - 2014-06-08 06:11 - 00001257 _____ () C:\Users\Roc\Desktop\GTA IV Vehicle Mod Installer.lnk
2014-06-08 06:07 - 2014-06-08 06:07 - 00000000 ____D () C:\Users\Roc\AppData\Local\Mato_Technologies
2014-06-08 03:29 - 2012-05-15 07:13 - 00144896 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-06-08 03:29 - 2012-05-15 07:13 - 00020992 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2014-06-08 03:29 - 2012-05-15 06:20 - 00104448 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-06-08 03:29 - 2012-05-15 06:20 - 00017920 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2014-06-08 03:28 - 2014-06-13 19:21 - 00001674 _____ () C:\windows\setupact.log
2014-06-08 03:28 - 2014-06-08 03:28 - 00000000 _____ () C:\windows\setuperr.log
2014-06-08 03:07 - 2014-06-08 03:07 - 00000000 ____D () C:\Users\Roc\Downloads\Microsoft Word 2010 + Crack {LCD}
2014-06-08 03:00 - 2014-06-08 03:00 - 00004030 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-08 03:00 - 2014-06-08 03:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 03:00 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-08 03:00 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-06-08 03:00 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-06-08 03:00 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-06-07 11:25 - 2014-06-07 11:25 - 00000000 ____D () C:\Games
2014-06-07 11:06 - 2014-06-07 11:06 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ___SH () C:\Users\Roc\AppData\Local\LumaEmu
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ____D () C:\ProgramData\LumaEmu_SteamCloud
2014-06-06 16:20 - 2014-06-06 16:20 - 00000000 ____D () C:\Users\Roc\AppData\Local\Rockstar Games
2014-06-05 10:15 - 2014-06-06 06:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
2014-06-02 01:05 - 2014-06-02 01:05 - 00000000 ____D () C:\Users\Roc\Downloads\Mods
2014-06-02 01:03 - 2014-06-07 10:35 - 00000000 ____D () C:\Users\Roc\Downloads\MP3 and Other bleep
2014-06-01 04:52 - 2014-06-01 04:52 - 00001445 _____ () C:\Users\Roc\Desktop\SnapTimer.exe - Shortcut.lnk
2014-05-31 08:27 - 2014-05-31 08:27 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-05-29 19:28 - 2014-05-29 19:28 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-05-29 19:28 - 2014-05-29 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-05-29 19:25 - 2014-05-29 19:29 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Riot Games
2014-05-29 06:41 - 2014-06-07 11:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Tunngle
2014-05-29 06:41 - 2014-06-07 11:12 - 00000000 ____D () C:\ProgramData\Tunngle
2014-05-29 06:41 - 2014-05-29 06:42 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00001002 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Roc\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-05-29 06:41 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-05-29 06:03 - 2014-05-29 06:26 - 00000890 _____ () C:\Users\Public\Desktop\Torchlight II.lnk
2014-05-29 06:03 - 2014-05-29 06:03 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight II.lnk
2014-05-29 06:00 - 2014-05-29 06:23 - 00000000 ____D () C:\Program Files (x86)\Torchlight II
2014-05-26 08:47 - 2014-06-02 09:38 - 00000144 _____ () C:\Users\Roc\Temp Services
2014-05-25 17:27 - 2014-06-08 09:20 - 00000000 ____D () C:\Users\Roc\Documents\Telltale Games
2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\ProgramData\REVOLT
2014-05-25 04:36 - 2014-05-25 04:36 - 00002669 _____ () C:\Users\Roc\Desktop\Morroblivion.lnk
2014-05-24 21:19 - 2014-05-24 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-05-24 21:11 - 2014-06-12 15:16 - 00000000 ____D () C:\Program Files (x86)\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-05-18 20:25 - 2014-05-18 20:25 - 00000294 _____ () C:\Users\Roc\refining
 
==================== One Month Modified Files and Folders =======
 
2014-06-13 20:23 - 2014-06-13 20:22 - 00034843 _____ () C:\Users\Roc\Downloads\FRST.txt
2014-06-13 20:23 - 2012-06-05 21:05 - 00000000 ____D () C:\Users\Roc\AppData\Local\Temp
2014-06-13 20:22 - 2013-02-13 04:25 - 00000000 ____D () C:\FRST
2014-06-13 20:19 - 2014-06-13 20:19 - 02081792 _____ (Farbar) C:\Users\Roc\Downloads\FRST64.exe
2014-06-13 20:13 - 2012-06-05 21:44 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-13 20:10 - 2014-03-02 15:10 - 00000284 _____ () C:\windows\Tasks\MySearchDial.job
2014-06-13 19:57 - 2013-11-26 02:58 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-13 19:29 - 2009-07-13 22:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-13 19:29 - 2009-07-13 22:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-13 19:25 - 2014-06-13 19:25 - 00000000 ____D () C:\ProgramData\Brother
2014-06-13 19:24 - 2012-06-05 21:09 - 01189666 _____ () C:\windows\WindowsUpdate.log
2014-06-13 19:21 - 2014-06-08 03:28 - 00001674 _____ () C:\windows\setupact.log
2014-06-13 19:21 - 2013-11-24 04:50 - 00000000 ____D () C:\ProgramData\VMware
2014-06-13 19:21 - 2012-09-17 04:37 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1cd94c07f095136.job
2014-06-13 19:21 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-13 13:10 - 2014-06-12 06:43 - 00003332 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-13 13:10 - 2013-11-29 10:51 - 00003194 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-13 02:54 - 2013-12-25 17:42 - 00003910 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{F2C8E097-E7CB-489D-BD91-6E2373E427CB}
2014-06-13 02:00 - 2012-06-07 06:44 - 00000000 ____D () C:\Users\Roc\AppData\Local\Adobe
2014-06-13 01:47 - 2013-07-29 13:01 - 00024168 _____ () C:\Users\Roc\AppData\Roaming\Notepad2.ini
2014-06-13 01:36 - 2013-11-20 14:05 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-06-13 01:35 - 2014-06-12 12:13 - 00119296 _____ () C:\windows\SysWOW64\zlib.dll
2014-06-12 20:18 - 2009-07-13 23:13 - 00798842 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-12 15:17 - 2014-06-12 15:17 - 00034179 _____ () C:\Users\Roc\Downloads\GTA San Andreas (2).pin
2014-06-12 15:16 - 2014-05-24 21:11 - 00000000 ____D () C:\Program Files (x86)\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-06-12 15:04 - 2014-06-12 15:04 - 00002117 _____ () C:\Users\Public\Desktop\Pinnacle Game Profiler.lnk
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\Program Files (x86)\PowerUp Software
2014-06-12 14:58 - 2013-12-08 05:03 - 00000000 ____D () C:\Program Files\PeerBlock
2014-06-12 14:53 - 2014-06-12 14:52 - 00000000 ____D () C:\Users\Roc\Desktop\XPadder
2014-06-12 14:53 - 2012-06-05 20:28 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\uTorrent
2014-06-12 14:33 - 2014-06-12 14:33 - 00034179 _____ () C:\Users\Roc\Downloads\GTA San Andreas (1).pin
2014-06-12 14:07 - 2014-06-12 14:07 - 00034179 _____ () C:\Users\Roc\Downloads\GTA San Andreas.pin
2014-06-12 13:09 - 2014-06-12 13:09 - 00091577 _____ () C:\Users\Roc\Downloads\gta-xbox360_126.zip
2014-06-12 12:26 - 2014-06-12 12:25 - 09780729 _____ () C:\Users\Roc\Downloads\Pinnacle Game Profiler V5-Mbb.rar
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\PowerUp Software
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\ProgramData\PowerUp Software
2014-06-12 12:12 - 2011-10-30 20:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-12 12:01 - 2014-06-12 12:01 - 11826619 _____ (InstallShield Software Corporation) C:\Users\Roc\Downloads\pinnacle-setup.exe
2014-06-12 11:55 - 2013-11-23 05:01 - 00000000 ____D () C:\ProgramData\hem
2014-06-12 11:53 - 2014-06-12 11:52 - 00816854 _____ () C:\Users\Roc\Downloads\JoyToKey_en.zip
2014-06-12 11:37 - 2014-06-12 11:34 - 00000000 ____D () C:\Users\Roc\Downloads\GTA San Andreas
2014-06-12 11:32 - 2014-06-12 11:32 - 00001297 _____ () C:\Users\Roc\Desktop\Grand Theft Auto San Andreas.lnk
2014-06-12 11:12 - 2014-06-12 11:12 - 00000000 ____D () C:\Users\Roc\Desktop\extra files
2014-06-12 11:12 - 2012-09-08 06:00 - 00000000 ____D () C:\Users\Roc\AppData\Local\CrashDumps
2014-06-12 11:10 - 2012-06-06 07:05 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-06-12 08:55 - 2014-06-11 16:09 - 00000000 ____D () C:\Users\Roc\Downloads\GTA IV ALL PATCHES + CRACK + XLIVE DLL FIX
2014-06-12 08:49 - 2014-06-12 08:49 - 00887896 _____ (Microsoft Corporation) C:\Users\Roc\Downloads\dotNetFx40_Client_setup.exe
2014-06-12 08:11 - 2012-06-06 18:24 - 00000000 ____D () C:\Users\Roc\AppData\Local\PMB Files
2014-06-12 08:11 - 2012-06-06 18:24 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-12 07:54 - 2014-06-12 07:54 - 00000287 _____ () C:\Users\Roc\Dad
2014-06-12 07:54 - 2012-06-05 21:05 - 00000000 ____D () C:\Users\Roc
2014-06-12 07:46 - 2014-06-12 07:46 - 00003354 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-12 07:46 - 2014-06-12 07:46 - 00003216 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-12 06:39 - 2014-06-11 21:52 - 00000898 _____ () C:\windows\PFRO.log
2014-06-12 00:50 - 2014-06-12 00:49 - 16291184 _____ (Rockstar Games) C:\Users\Roc\Downloads\Social Club v1.1.0.6 Setup.exe
2014-06-12 00:48 - 2014-06-12 00:48 - 09889352 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RsCRIcon.dll
2014-06-12 00:48 - 2014-06-12 00:48 - 00271064 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUStor.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-06-12 00:47 - 2014-06-12 00:47 - 00128200 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C62x64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-12 00:44 - 2014-06-12 00:44 - 03073752 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-06-12 00:41 - 2014-06-12 00:41 - 00003210 _____ () C:\windows\System32\Tasks\Driver Booster Scan
2014-06-12 00:41 - 2014-06-12 00:41 - 00003154 _____ () C:\windows\System32\Tasks\Driver Booster Update
2014-06-12 00:41 - 2014-06-12 00:41 - 00002850 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Roc)
2014-06-12 00:41 - 2014-06-12 00:41 - 00001181 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-06-12 00:41 - 2014-06-12 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-12 00:41 - 2014-06-11 19:37 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\IObit
2014-06-12 00:41 - 2012-06-06 23:54 - 00000000 ____D () C:\ProgramData\IObit
2014-06-12 00:41 - 2012-06-06 23:54 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-12 00:37 - 2014-06-12 00:36 - 00886532 _____ () C:\Users\Roc\Downloads\GTAIV_For_Low-End.zip
2014-06-11 23:43 - 2014-06-11 23:43 - 00000310 _____ () C:\Users\Roc\Desktop\RootkitRemover_20140611_234302.log
2014-06-11 22:45 - 2014-06-11 22:45 - 00606048 _____ (gputemp.com ) C:\Users\Roc\Downloads\gputemp_setup.exe
2014-06-11 22:45 - 2014-06-11 22:45 - 00000947 _____ () C:\Users\Public\Desktop\GPU Temp.lnk
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPU Temp
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\Program Files (x86)\GPU Temp
2014-06-11 22:41 - 2014-06-11 22:41 - 00330853 _____ () C:\Users\Roc\Downloads\RealTemp_370.zip
2014-06-11 22:41 - 2014-06-11 22:41 - 00000000 ____D () C:\Users\Roc\Downloads\RealTemp_370
2014-06-11 21:52 - 2014-06-11 21:52 - 00000000 _____ () C:\windows\SysWOW64\sho65CA.tmp
2014-06-11 21:50 - 2014-06-11 21:50 - 00000150 _____ () C:\windows\wininit.ini
2014-06-11 21:50 - 2014-06-11 19:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-11 21:03 - 2014-06-11 18:57 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-11 21:03 - 2014-06-11 18:56 - 00000000 ____D () C:\Users\Roc\Desktop\mbar
2014-06-11 19:49 - 2014-06-11 19:48 - 18070304 _____ (IObit ) C:\Users\Roc\Downloads\driver_booster_setup.exe
2014-06-11 19:39 - 2014-06-11 19:39 - 00003162 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-06-11 19:39 - 2014-06-11 19:39 - 00003160 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-06-11 19:37 - 2014-06-11 19:37 - 00001181 _____ () C:\Users\Public\Desktop\Smart Defrag 3.lnk
2014-06-11 19:37 - 2014-06-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-06-11 19:36 - 2014-06-11 19:36 - 08935344 _____ (IObit ) C:\Users\Roc\Downloads\smart-defrag-setup.exe
2014-06-11 19:21 - 2014-06-11 19:21 - 00000000 ____D () C:\Program Files (x86)\Raxco
2014-06-11 19:21 - 2014-06-11 19:18 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-11 19:19 - 2014-06-11 19:19 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-11 19:19 - 2014-06-11 19:19 - 00001390 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-11 19:06 - 2014-06-11 19:04 - 46392680 _____ (Safer-Networking Ltd. ) C:\Users\Roc\Downloads\spybot-2.3.exe
2014-06-11 18:56 - 2014-06-11 18:56 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-11 18:55 - 2014-06-11 18:54 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Roc\Downloads\mbar-1.07.0.1012.exe
2014-06-11 18:55 - 2014-06-11 18:54 - 04161050 _____ () C:\Users\Roc\Downloads\tdsskiller.zip
2014-06-11 18:55 - 2012-06-22 14:07 - 00000000 ___RD () C:\Users\Roc\Desktop\Utilities
2014-06-11 18:53 - 2014-06-11 18:53 - 00000310 _____ () C:\Users\Roc\Downloads\RootkitRemover_20140611_185307.log
2014-06-11 18:52 - 2014-06-11 18:52 - 00782584 _____ (McAfee, Inc.) C:\Users\Roc\Desktop\rootkitremover.exe
2014-06-11 16:33 - 2014-06-10 08:46 - 00000000 ____D () C:\Users\Roc\Downloads\PC » GTA IV PERFECT RIP directplay by globe@
2014-06-11 16:31 - 2014-06-11 16:31 - 00020040 _____ () C:\Users\Roc\Downloads\[kickass.to]gtaiv.patch.1040.crack.razor1911.working.key.generator (1).torrent
2014-06-11 15:43 - 2014-06-11 15:43 - 00000077 _____ () C:\Users\Roc\Allegiance
2014-06-11 15:43 - 2012-06-09 01:23 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\SoftGrid Client
2014-06-11 02:02 - 2014-06-10 17:17 - 00000000 ____D () C:\Users\Roc\Downloads\GTAIV_Patch_1040 + Crack Razor1911+Working_Key_Generator
2014-06-10 17:59 - 2014-06-10 17:59 - 00071566 _____ () C:\Users\Roc\Downloads\[kickass.to]gta.iv.pc.version.rwt007.torrent
2014-06-10 17:58 - 2014-06-10 17:57 - 02796287 _____ () C:\Users\Roc\Downloads\RGSC_1_1_3_0.rar
2014-06-10 17:21 - 2014-06-10 17:21 - 00001890 _____ () C:\Users\Roc\GTA IV BS
2014-06-10 17:17 - 2014-06-10 17:17 - 00020040 _____ () C:\Users\Roc\Downloads\[kickass.to]gtaiv.patch.1040.crack.razor1911.working.key.generator.torrent
2014-06-10 13:46 - 2014-06-10 13:46 - 00001084 _____ () C:\Users\Guest\Desktop\FreeArc.lnk
2014-06-10 13:46 - 2014-06-10 13:46 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\FreeArc
2014-06-10 13:46 - 2014-06-10 13:45 - 00000000 ____D () C:\Program Files (x86)\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00001084 _____ () C:\Users\Roc\Desktop\FreeArc.lnk
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 13:45 - 2014-06-10 13:44 - 07938425 _____ () C:\Users\Roc\Downloads\FreeArc-0.666-win32.exe
2014-06-10 07:57 - 2014-06-10 06:20 - 00000000 ____D () C:\Program Files (x86)\Arab-GB
2014-06-10 07:14 - 2014-06-10 07:14 - 00020158 _____ () C:\Users\Roc\Downloads\[TorrentDownloads.me]_GTAIV_Patch_1040 + Crack Razor1911+Working_Key_Generator.torrent
2014-06-08 09:20 - 2014-05-25 17:27 - 00000000 ____D () C:\Users\Roc\Documents\Telltale Games
2014-06-08 08:40 - 2014-06-08 08:31 - 00000000 ____D () C:\R.G. Catalyst
2014-06-08 06:12 - 2014-06-08 06:12 - 00001276 _____ () C:\Users\Roc\Desktop\OpenIV.lnk
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\New Technology Studio
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Local\New Technology Studio
2014-06-08 06:11 - 2014-06-08 06:11 - 00001257 _____ () C:\Users\Roc\Desktop\GTA IV Vehicle Mod Installer.lnk
2014-06-08 06:07 - 2014-06-08 06:07 - 00000000 ____D () C:\Users\Roc\AppData\Local\Mato_Technologies
2014-06-08 05:30 - 2012-11-09 13:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-08 03:29 - 2012-06-11 23:17 - 00000000 ____D () C:\ProgramData\Intel
2014-06-08 03:29 - 2012-06-05 21:09 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-08 03:28 - 2014-06-08 03:28 - 00000000 _____ () C:\windows\setuperr.log
2014-06-08 03:07 - 2014-06-08 03:07 - 00000000 ____D () C:\Users\Roc\Downloads\Microsoft Word 2010 + Crack {LCD}
2014-06-08 03:02 - 2012-06-07 06:22 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\SystemRequirementsLab
2014-06-08 03:02 - 2012-06-07 06:22 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-08 03:01 - 2013-11-24 05:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 03:00 - 2014-06-08 03:00 - 00004030 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-08 03:00 - 2014-06-08 03:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 03:00 - 2013-07-11 15:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-07 11:25 - 2014-06-07 11:25 - 00000000 ____D () C:\Games
2014-06-07 11:12 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Tunngle
2014-06-07 11:12 - 2014-05-29 06:41 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-07 11:06 - 2014-06-07 11:06 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ___SH () C:\Users\Roc\AppData\Local\LumaEmu
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ____D () C:\ProgramData\LumaEmu_SteamCloud
2014-06-07 10:51 - 2014-01-16 03:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-07 10:35 - 2014-06-02 01:03 - 00000000 ____D () C:\Users\Roc\Downloads\MP3 and Other bleep
2014-06-06 16:20 - 2014-06-06 16:20 - 00000000 ____D () C:\Users\Roc\AppData\Local\Rockstar Games
2014-06-06 06:15 - 2014-06-05 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
2014-06-02 09:38 - 2014-05-26 08:47 - 00000144 _____ () C:\Users\Roc\Temp Services
2014-06-02 01:05 - 2014-06-02 01:05 - 00000000 ____D () C:\Users\Roc\Downloads\Mods
2014-06-01 04:52 - 2014-06-01 04:52 - 00001445 _____ () C:\Users\Roc\Desktop\SnapTimer.exe - Shortcut.lnk
2014-05-31 19:55 - 2012-06-06 23:18 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Skype
2014-05-31 08:27 - 2014-05-31 08:27 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-05-31 08:27 - 2012-06-20 12:04 - 00000000 ____D () C:\Just Cause 2
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-05-30 05:56 - 2012-06-25 18:38 - 00000023 _____ () C:\windows\BlendSettings.ini
2014-05-29 19:29 - 2014-05-29 19:25 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Riot Games
2014-05-29 19:28 - 2014-05-29 19:28 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-05-29 19:28 - 2014-05-29 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-05-29 19:28 - 2013-11-26 13:11 - 00000000 __SHD () C:\windows\SysWOW64\AI_RecycleBin
2014-05-29 19:28 - 2012-06-17 01:56 - 00000000 __SHD () C:\AI_RecycleBin
2014-05-29 07:10 - 2012-06-05 20:09 - 00059208 _____ () C:\Users\Roc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-29 06:45 - 2009-07-13 22:45 - 04939336 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-29 06:42 - 2014-05-29 06:41 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00001002 _____ () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Roc\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-05-29 06:26 - 2014-05-29 06:03 - 00000890 _____ () C:\Users\Public\Desktop\Torchlight II.lnk
2014-05-29 06:23 - 2014-05-29 06:00 - 00000000 ____D () C:\Program Files (x86)\Torchlight II
2014-05-29 06:03 - 2014-05-29 06:03 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight II.lnk
2014-05-29 03:08 - 2012-09-27 09:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-29 00:41 - 2012-09-24 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\ProgramData\REVOLT
2014-05-25 04:36 - 2014-05-25 04:36 - 00002669 _____ () C:\Users\Roc\Desktop\Morroblivion.lnk
2014-05-24 21:19 - 2014-05-24 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-05-24 21:19 - 2012-06-06 18:32 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-05-24 14:07 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\system32\NDF
2014-05-19 23:53 - 2013-12-08 05:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2014-05-18 20:25 - 2014-05-18 20:25 - 00000294 _____ () C:\Users\Roc\refining
2014-05-15 14:25 - 2014-01-03 16:01 - 00085328 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-05-15 14:25 - 2012-09-29 21:42 - 01039096 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-05-15 14:25 - 2012-09-29 21:42 - 00423240 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
 
Files to move or delete:
====================
C:\Users\Roc\AppData\Roaming\CamLayout.ini
C:\Users\Roc\AppData\Roaming\CamShapes.ini
C:\Users\Roc\jagex_cl_runescape_LIVE.dat
C:\Users\Roc\random.dat
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-08 03:35
 
==================== End Of Log ============================
 
 
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2014 02
Ran by Roc at 2014-06-13 20:23:53
Running from C:\Users\Roc\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.21 (HKLM-x32\...\{23170F69-40C1-2701-0921-000001000000}) (Version: 9.21.00.0 - Igor Pavlov)
AC2 server emulator 0.44 by Dormine (HKLM-x32\...\{675DD1E6-637A-4F0E-B6DE-26F45CC26092}_is1) (Version:  - bjamikel)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.3.0.322 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
Any Video Converter 5.5.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
Assassins Creed - Revelations version 1.5 (HKLM-x32\...\{B45A9A00-4016-AC3-A973-5A8AB70A03DE}_is1) (Version: 1.5 - Black_Box)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.00 - Ubisoft)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Auto Clicker by Shocker (HKLM-x32\...\Auto Clicker by Shocker_is1) (Version: V3.0 - shockingsoft.com)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
BearShare (HKCU\...\BearShare) (Version: 11.0.0.133554 - Musiclab, LLC)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.3.3026 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{757C4173-6457-48F5-898E-CF6A8E62287F}) (Version: 0.8.3.3026 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Call of Duty - World at War (HKLM-x32\...\{2775C25A-DF39-44AA-8E59-E0447DC164C2}) (Version: 1.00.0000 - Modern)
Call of Duty® - World at War™ 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty® - World at War™ 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty® - World at War™ 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.3 Patch (x32 Version: 1.3 - Activision) Hidden
Call of Duty® - World at War™ 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty® - World at War™ 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty® 4 - Modern Warfare™ 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.3 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty® 4 - Modern Warfare™ 1.7 Patch (x32 Version:  - ) Hidden
CamStudio 2.7.2 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.2 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CommView for WiFi (HKLM-x32\...\{CDED9EF0-D072-11DF-2EA6-0104A00B0BB3}) (Version: 7.0 - TamoSoft)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.49.50 - Conexant)
CoS Arkadia Micro-client Launcher (HKLM-x32\...\{9C108657-4DCC-4A57-B782-C09B7447D732}) (Version: 2.0.0.0 - MECHANIST.co)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Rising 2: OTR (HKLM-x32\...\GFWL_{43430FA2-C625-49DA-8882-351000008300}) (Version: 1.0.0000.131 - Capcom)
Dead Rising 2: OTR (x32 Version: 1.0.0000.131 - Capcom) Hidden
Debian-Installer loader (HKLM-x32\...\Debian-Installer Loader) (Version: 0.7.4.7+deb7u1 - The Debian Project)
Defraggler (HKLM\...\Defraggler) (Version: 2.16 - Piriform)
DesktopWeatherAlerts (HKCU\...\DesktopWeatherAlerts) (Version: 1.0.13.0 - Local Weather LLC)
Digital Power Station version 1.2.3 (HKLM\...\{ABAC2C1F-1BD5-45B1-89D8-1AA34CD16B7B}_is1) (Version: 1.2.3 - Bongiovi Acoustics)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.26.0.202 - Innovative Solutions)
Dropbox (HKCU\...\Dropbox) (Version: 2.0.26 - Dropbox, Inc.)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EZ CD Audio Converter (64-bit) (HKLM-x32\...\EZ CD Audio Converter (64-bit)) (Version: 1.3.4 - Poikosoft)
Fable III (x32 Version: 1.0.0001.131 - Microsoft Game Studios) Hidden
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
Float32 2.0 (HKLM-x32\...\{FED34B00-1DA2-4F4C-A3EC-A5F5893F5D86}) (Version: 2.0.2198 - www.thefloatingpoint.org)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
FreeArc 0.666 (HKLM-x32\...\FreeArc) (Version: 0.666 - Bulat Ziganshin)
FreePriceAlerts 2.3.5 (HKLM\...\{DC3381CB-10D4-431D-B9B3-7DB84B00645F}) (Version: 2.3.5 - myVBO LLC)
GamersFirst LIVE! (HKCU\...\GamersFirst LIVE!) (Version:  - GamersFirst)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GPU Temp version 1.0 (HKLM-x32\...\{8C8711FD-0FC8-4801-B33E-ED19BB0350B1}_is1) (Version: 1.0 - gputemp.com)
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto San Andreas + MultiPlayer [0.3e] (HKLM-x32\...\{E1D22FE1-AB5F-42CA-9480-6F70B96DDD88}_is1) (Version: 0.3(e) - RePack by -=M@N=-)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA IV Vehicle Mod Installer v1.2 (HKLM-x32\...\GTA IV Vehicle Mod Installer v1.2_is1) (Version:  - MobileD2)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.10.1464 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Graphics Performance Analyzers 2012 R3 (HKLM\...\{B48DBBEE-2CCB-492E-5534-78ECE932A8E3}) (Version: 12.3.0.174307 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.23.943.1 - Intel Corporation) Hidden
Internet Explorer Toolbar 4.9 by SweetPacks (HKLM-x32\...\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}) (Version: 4.9.0000 - SweetIM Technologies Ltd.) <==== ATTENTION
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
John's Background Switcher 4.6 (HKLM-x32\...\{DD3DAD13-289E-440E-A5D3-3EFB25305018}_is1) (Version: 4.6 - johnsadventures.com)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LibUSB-Win32-0.1.10.1 (HKLM-x32\...\LibUSB-Win32_is1) (Version: 0.1.10.1 - LibUSB-Win32)
Lineage II (HKLM-x32\...\{23664DA8-8872-4CF4-A2F2-327CC539823B}) (Version: 4.0.0.2 - NC Interactive, LLC)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.7.9.44 - www.leaguereplays.com)
Mafia II (HKLM-x32\...\Mafia II_is1) (Version:  - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version:  - )
MotioninJoy ds3 driver version 0.6.0003 (HKLM-x32\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.6.00001 - www.motioninjoy.com)
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.19002 - NCsoft)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.3.1.13 - NETGEAR Inc.)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
Nexon Game Manager (HKLM-x32\...\{289AC7E0-0AEE-4a7b-913C-709D9803D23E}) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.45.6 - Black Tree Gaming)
Notepad2 (Notepad Replacement) (HKLM\...\Notepad2) (Version: 4.2.25  - Florian Balmer)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.4.1.210 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\{0A337036-B73E-4C85-8D32-3851F84B7CFE}) (Version: 0.46.271 - Overwolf)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1+ (r691) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.691 - PeerBlock, LLC)
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.6.9 - PowerUp Software)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)
Python 2.7 comtypes-0.6.2 (HKLM-x32\...\comtypes-py2.7) (Version:  - )
Python 2.7 PIL-1.1.7 (HKLM-x32\...\PIL-py2.7) (Version:  - )
Python 2.7 pywin32-217 (HKLM-x32\...\pywin32-py2.7) (Version:  - )
Python 2.7.3 (HKLM-x32\...\{C0C31BCC-56FB-42a7-8766-D29E1BD74C7C}) (Version: 2.7.3150 - Python Software Foundation)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.0.4-1.0.2409.253 - raidcall.com)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.0 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30133 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Replay Media Catcher 4 (4.4.3) (HKLM-x32\...\Replay Media Catcher 4) (Version: 4.4.3 - Applian Technologies)
RGF HotSpot version 0.6b (HKLM-x32\...\RGF HotSpot_is1) (Version: 0.6b - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
RollerCoaster Tycoon 3: Platinum (x32 Version: 2.2.0.98 - WildTangent) Hidden
San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.1) (Version: 1.1 - cpmusick)
ScreenShot V1.1.0.0 (HKLM-x32\...\{1BBEB0C2-B5F6-4B8E-A4EA-1B13C45FCE7D}) (Version: 1.1.0 - MichaelFontana)
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7001 - Six Projects)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Smart Mod Manager (HKLM-x32\...\{98ED974C-09EC-4081-BF88-FA5645B41622}) (Version: 1.8.3.0 - Don Reba)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.1.6.0 - Synaptics Incorporated)
System Requirements Lab CYRI (HKLM-x32\...\{E362724E-9320-4946-AF34-874E7B6B2927}) (Version: 6.0.7.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Tales of Lagoona (x32 Version: 2.2.0.98 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.18051 - TeamViewer)
Technitium MAC Address Changer v6.0.5 (HKLM-x32\...\TMACv6.0) (Version: 6.0.5 - Technitium)
TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version:  - )
TipCam 2.2 (HKLM-x32\...\TipCam) (Version: 2.2 - UTIPU, Inc.)
Titan Quest (HKLM-x32\...\Titan Quest_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
ToneSync for Windows (HKCU\...\c2c9648a374f64d1) (Version: 1.2.3.309 - Zedge Europe AS)
tools-linux (x32 Version: 9.6.1.1379776 - VMware, Inc.) Hidden
Torchlight II © Runic Games version 1 (HKLM-x32\...\Torchlight II © Runic Games_is1) (Version: 1 - )
TorrentRover v0.22.0 beta (HKLM-x32\...\{E65DD5E7-E6D2-4E65-B2C6-C6B77BE6BEF6}) (Version: 0.22.0 - John Loper II (All Rights Reserved))
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.0 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}) (Version: 2.2.7530 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.17.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\{97965331-BC5D-4D9F-B6DF-5C0A123E4AE0}) (Version: 2.1.0.3 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.13.11 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.4 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.5 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.5.5109a - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.2001 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{0AF17224-CF88-40B8-BB1A-D179369847B4}) (Version: 2.1.0.2 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.1.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.6.1.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.6.1.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.3 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.3 - TOSHIBA Corporation) Hidden
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.7 - TOSHIBA)
TQ Defiler.NET (HKLM-x32\...\{F4CB0C1E-A88F-46D7-AC9A-03B349A8D64F}) (Version: 1.3.7 - Soul's Software)
TQVault (HKLM-x32\...\{5E19D0AA-D95B-456C-ADE9-B046D86EAA24}) (Version: 2.30.4 - bman654)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UE3Redist (HKCU\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Uninstall TrianglePlayer (HKLM-x32\...\TrianglePlayer_is1) (Version: 2012 - Fuzhou Zhuo Yue Wu Xian Software Development Company Limited)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unofficial Oblivion Patch v3.4.4 (HKLM-x32\...\Unofficial Oblivion Patch_is1) (Version: 3.4.4 - Quarn, Kivan, and Arthmoor)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vice Cry (HKLM-x32\...\Vice Cry 1.7) (Version: 1.7 - Vice Cry Team)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.1 - VMware, Inc)
VMware Player (Version: 6.0.1 - VMware, Inc.) Hidden
WEBZEN Browser Extension (HKLM-x32\...\{95723791-2C44-454B-9220-C65D47D70E9C}) (Version: 1.01.020 - WEBZEN)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.9 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Wise Video Converter 1.36 (HKLM-x32\...\Wise Video Converter_is1) (Version: 1.36 - WiseCleaner.com, Inc.)
Wondershare Video Converter Ultimate(Build 6.6.0.5) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 6.6.0.5 - Wondershare Software)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 0.3.0.3 - Wrye & Wrye Bash Development Team)
WTFast 3.0 (HKLM-x32\...\{12B4121D-5221-4AFC-9EDC-63B0CA139856}_is1) (Version: 3.0.2.9 - Initex & AAA Internet Publishing)
wxPython 2.8.12.1 (unicode) for Python 2.7 (HKLM-x32\...\wxPython2.8-unicode-py27_is1) (Version: 2.8.12.1-unicode - Total Control Software)
Yahoo Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo Inc.)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
12-06-2014 06:42:56 Driver Booster : Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20)
12-06-2014 18:10:34 Installed Pinnacle Game Profiler
12-06-2014 18:28:32 Configured Pinnacle Game Profiler
12-06-2014 18:32:24 Removed Pinnacle Game Profiler
12-06-2014 18:34:20 Installed Pinnacle Game Profiler
12-06-2014 21:02:48 Configured Pinnacle Game Profiler
12-06-2014 21:03:41 Removed Pinnacle Game Profiler
12-06-2014 21:04:28 Installed Pinnacle Game Profiler
 
==================== Hosts content: ==========================
 
2009-07-13 20:34 - 2013-03-13 01:07 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {00476EBA-A8DC-4B56-8735-7F33CA7E37FC} - System32\Tasks\RealCreateProcessScheduledTask69141468S-1-5-21-2109263369-3482990966-500902494-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2013-01-18] (RealNetworks, Inc.)
Task: {082820F4-6F10-41E6-AC98-06D197DB7886} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {0CB922AF-7389-40D6-B102-95C36C758794} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-03-07] (IObit)
Task: {0CDC1254-331B-4E4B-9DF6-97B4B54E9DA7} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {0CFA5A4F-9A77-4BC6-B8D0-DC82DF0C70E9} - System32\Tasks\Real Player online update program => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2013-01-18] (RealNetworks, Inc.)
Task: {122B1741-5BF0-49EF-9A20-8CAA63A57BD8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {12C1F79F-6E7D-4310-9448-A9D714FBD872} - System32\Tasks\RealCreateProcessScheduledTask513080502S-1-5-21-2109263369-3482990966-500902494-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2013-01-18] (RealNetworks, Inc.)
Task: {167CBFEF-967E-4358-AB9F-ECC157EFDC6E} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {1F57E6D4-F4B9-483A-8207-62B3FC1AF61A} - System32\Tasks\Driver Booster SkipUAC (Roc) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-06-04] (IObit)
Task: {27891FE8-A9B7-4481-9DE1-77BCED7A63E3} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\SymErr.exe
Task: {2A169EF9-9FE4-4697-BA2A-C1038F8581A7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36FA5D49-8291-4553-A9CC-029F548CB626} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {42CDD67F-6197-48A3-80C4-BDEE23949A98} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {46CE70AB-1090-4DFC-9219-8B9665CCD5A6} - System32\Tasks\GoogleUpdateTaskMachineCore1cd94c07f095136 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {534DEB98-E033-421A-81E6-8E3846745B8E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {562A0F2B-17F6-4504-9D9A-4FBC5813DF4E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {5632E6FF-2043-4695-B114-ECB1F58D7F13} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {57539C1D-0DD4-458B-872F-C41736B05075} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe [2014-03-10] (IObit)
Task: {59FD93F2-75D6-41B6-AF80-6906B6E09B63} - System32\Tasks\Intel® GPA Monitor 12.3 => C:\Program Files\Intel\GPA\2012 R3\gpamonitor.exe [2012-05-11] (Intel Corporation)
Task: {617541A8-9B6E-4AD8-A286-9E3CB548A4FC} - System32\Tasks\{EFD408BA-F3F5-4AA1-82FE-F986569F7FB0} => C:\Program Files (x86)\Electronic Arts\Crytek\Crysis 2\bin32\Crysis2.exe
Task: {733428D0-A614-4E03-8500-AA52CC5CE231} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {74C5CBDB-2E53-4C62-A160-8F8D0532AB7F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {76A56180-F3E6-4667-B70F-DC396A8822CE} - System32\Tasks\Games\UpdateCheck_S-1-5-21-2109263369-3482990966-500902494-1000
Task: {76F638A0-44D8-449F-A833-AB8B0FF7BAB8} - System32\Tasks\MySearchDial => C:\Users\Roc\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {7C3552C5-4700-41CC-B349-5CD710DD075B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe
Task: {7CBAB1DD-208A-4DEF-816A-14C4C5757036} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-05] (Google Inc.)
Task: {7EF2AD8D-5E16-4C7F-A3FC-DD8958EF37BA} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2012-11-29] (RealNetworks, Inc.)
Task: {7F3AA974-B08E-4A61-B9AB-4A5A5BABBF7F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {90E4693E-9E9C-4E79-8979-219FBBE8E965} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {951470EA-32AF-4C13-BC9B-BFAB8C1E53D1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {9D782829-7529-4DAF-AF89-F0422EC7DDC7} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-04] (AVAST Software)
Task: {B3E2CB52-51E9-4158-9EE0-919A444CB547} - System32\Tasks\RealCreateProcessScheduledTask10695522S-1-5-21-2109263369-3482990966-500902494-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2013-01-18] (RealNetworks, Inc.)
Task: {B5889687-7A3A-4236-92DD-D13F46C68B6D} - System32\Tasks\Express Files Updater => C:\Program Files (x86)\ExpressFiles\EFupdater.exe <==== ATTENTION
Task: {BDCD554D-7F50-4CD8-B5AF-CBB6E5D6492A} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\SymErr.exe
Task: {C0A1FAAA-4EC8-4AB7-AF69-8252D292DD72} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-06-04] (IObit)
Task: {DDB12B2B-82FF-43EB-B264-5B4818486D56} - System32\Tasks\RealCreateProcessScheduledTask472852228S-1-5-21-2109263369-3482990966-500902494-1000 => c:\program files (x86)\real\realplayer\update\realsched.exe [2013-01-18] (RealNetworks, Inc.)
Task: {E452B20A-51BA-4779-B6B3-7BADF4DFF549} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {E6D55C1C-4F44-4AA1-B014-8D9847E95041} - System32\Tasks\AdobeAAMUpdater-1.0-Roc-PC-Roc => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-12-10] (Adobe Systems Incorporated)
Task: {EA186D93-5A9C-46A9-9032-9E73EAAAD3BE} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {EAEA2E8D-6618-4AC3-B834-E90928623347} - System32\Tasks\{3A440083-DA01-4A4C-817B-194E8162DDE3} => C:\Program Files (x86)\Square Enix\Sleeping Dogs\HKShip.exe [2013-11-30] ()
Task: {EE324751-86ED-4497-B9F3-C263BAE11964} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2012-11-29] (RealNetworks, Inc.)
Task: {EF6A5622-D5F0-4DE4-8AF8-D3A526FEE21B} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\6.2.1.5\WSCStub.exe
Task: {FA89CB9B-D7B4-4737-8016-7B5BD13937B6} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore1cd94c07f095136.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\MySearchDial.job => C:\Users\Roc\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000.job => C:\Program Files (x86)\Real\RealUpgrade\realupgrade.exe
Task: C:\windows\Tasks\ReclaimerResumeInstall_Roc.job => C:\Users\Roc\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.30\agent\rnupgagent.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-06-12 14:32 - 2014-01-16 03:43 - 00076888 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2012-11-29 20:31 - 2012-11-29 20:31 - 00038608 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-12-13 12:20 - 2013-12-13 12:20 - 03359600 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-12-15 14:38 - 2013-08-23 13:36 - 00721263 _____ () C:\windows\SysWOW64\WSCM64.dll
2011-04-04 20:18 - 2011-04-04 20:18 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-23 13:55 - 2013-09-23 13:54 - 00970240 _____ () C:\Program Files (x86)\HEM\wmime.exe
2010-02-28 02:33 - 2010-02-28 02:33 - 00077664 _____ () C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe
2014-06-13 18:29 - 2014-06-13 18:29 - 02776064 _____ () C:\Program Files\AVAST Software\Avast\defs\14061301\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-11 19:19 - 2014-04-25 14:11 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-06-11 19:19 - 2014-04-25 14:11 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-06-11 19:19 - 2014-04-25 14:11 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-06-11 19:19 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-06-11 19:19 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2013-10-18 12:46 - 2013-10-18 12:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2013-11-20 14:10 - 2013-11-20 14:10 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-11 16:16 - 2014-06-05 07:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-11 16:16 - 2014-06-05 07:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-11 16:16 - 2014-06-05 07:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-11 16:16 - 2014-06-05 07:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-11 16:16 - 2014-06-05 07:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Windows:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
AlternateDataStreams: C:\windows\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\windows\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\windows\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\ProgramData\TEMP:3E7908F7
AlternateDataStreams: C:\Users\Roc\Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3
AlternateDataStreams: C:\Users\Roc\Downloads:Shareaza.GUID
AlternateDataStreams: C:\Users\Roc\My Documents:{2C848322-7882-41E2-AFF6-B060B946FEE9}3
AlternateDataStreams: C:\Users\Roc\Downloads\Game Downloads:Shareaza.GUID
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: CodeMeter.exe => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Norton PC Checkup Application Launcher => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\Services: TMachInfo => 3
MSCONFIG\Services: TODDSrv => 2
MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VideoAcceleratorService => 2
MSCONFIG\Services: Wecsvc => 3
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupreg: TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: wmime => C:\Program Files (x86)\HEM\wmime.exe /STARTUP
 
==================== Faulty Device Manager Devices =============
 
Name: USB Video Device
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VMware Virtual Ethernet Adapter for VMnet1
Description: VMware Virtual Ethernet Adapter for VMnet1
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: VMware Virtual Ethernet Adapter for VMnet8
Description: VMware Virtual Ethernet Adapter for VMnet8
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: VMware, Inc.
Service: VMnetAdapter
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/13/2014 07:30:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3448
 
Error: (06/13/2014 07:30:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3448
 
Error: (06/13/2014 07:30:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/13/2014 07:21:49 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/13/2014 07:21:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/13/2014 06:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12355
 
Error: (06/13/2014 06:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12355
 
Error: (06/13/2014 06:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/13/2014 06:36:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11357
 
Error: (06/13/2014 06:36:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11357
 
 
System errors:
=============
Error: (06/13/2014 07:51:18 PM) (Source: bowser) (EventID: 8003) (User: )
Description: The master browser has received a server announcement from the computer ROUTER
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{905CA1A6-0050-46D5-BB9E-9FD1796D6D47}.
The master browser is stopping or an election is being forced.
 
Error: (06/13/2014 07:21:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
amdkmafd
 
Error: (06/13/2014 07:21:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/13/2014 07:21:49 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error: 
%%1064
 
Error: (06/13/2014 07:21:19 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Common Client Job Manager Service service terminated with service-specific error %%-1.
 
Error: (06/13/2014 07:21:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LibUsb-Win32 - Daemon, Version 0.1.10.1 service failed to start due to the following error: 
%%2
 
Error: (06/13/2014 07:21:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (06/13/2014 03:08:29 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
 
Error: (06/13/2014 01:35:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/13/2014 01:35:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
amdkmafd
 
 
Microsoft Office Sessions:
=========================
Error: (06/13/2014 07:30:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3448
 
Error: (06/13/2014 07:30:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3448
 
Error: (06/13/2014 07:30:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/13/2014 07:21:49 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (06/13/2014 07:21:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (06/13/2014 06:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12355
 
Error: (06/13/2014 06:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12355
 
Error: (06/13/2014 06:36:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (06/13/2014 06:36:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11357
 
Error: (06/13/2014 06:36:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11357
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-13 19:22:08.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 19:22:08.442
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 18:29:32.712
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 13:31:14.931
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 13:31:10.605
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 13:10:19.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 13:10:19.713
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 13:10:13.035
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 13:10:12.941
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 13:10:04.949
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\CX64AP75.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 45%
Total physical RAM: 4043.86 MB
Available physical RAM: 2222.98 MB
Total Pagefile: 13138.04 MB
Available Pagefile: 10827.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (TI106321W0B) (Fixed) (Total:581.04 GB) (Free:92.06 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 96F9B475)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=581 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=17)
 
==================== End Of Log ============================


#4 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:02 PM

Posted 14 June 2014 - 02:02 AM

Step 1: Adwarecleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP the just run it)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on screen prompts
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings.JPG

Go back to the Dashboard and select Scan Now

MBAMScan.JPG

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot.JPG

MBAMLog.JPG

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Attach/Post that log

Step 3: Junkware Removal Tool

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 4: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#5 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:02 PM

Posted 17 June 2014 - 12:00 PM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#6 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:07:02 PM

Posted 17 June 2014 - 12:18 PM

This topic has been re-opened at the request of the person who originally posted.

#7 rodricuz14

rodricuz14
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 17 June 2014 - 11:48 PM

# AdwCleaner v3.212 - Report created 15/06/2014 at 10:59:47
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Roc - ROC-PC
# Running from : C:\Users\Roc\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Found : C:\Users\Guest\Desktop\My Video Downloads.lnk
File Found : C:\Users\Guest\Desktop\SPEEDbit Video Downloader.lnk
File Found : C:\Users\Roc\AppData\LocalLow\SkwConfig.bin
File Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\firefox@browsefox.com.xpi
File Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
File Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Mysearchdial.xml
File Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\searchplugins\conduit-search.xml
File Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\user.js
File Found : C:\windows\System32\Tasks\Driver Booster Update
File Found : C:\windows\System32\Tasks\MySearchDial
File Found : C:\windows\Tasks\MySearchDial.job
Folder Found : C:\Program Files (x86)\BearShare Applications
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\Uniblue
Folder Found : C:\Program Files\Uninstaller
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\AVG SafeGuard toolbar
Folder Found : C:\ProgramData\TheBflixUpdater
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb
Folder Found : C:\Users\Guest\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\Guest\AppData\LocalLow\searchresultstb
Folder Found : C:\Users\Guest\AppData\LocalLow\Toolbar4
Folder Found : C:\Users\Roc\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\Roc\AppData\LocalLow\Conduit
Folder Found : C:\Users\Roc\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Found : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\Smartbar
Folder Found : C:\Users\Roc\AppData\Roaming\SendSpace
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\BrowseFox
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dt soft\daemon tools toolbar
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\BrowseFox
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dt soft\daemon tools toolbar
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Found : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Found : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Found : HKLM\SOFTWARE\Classes\driverscanner
Key Found : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Found : HKLM\Software\Classes\Installer\Features\5EC33E4FBA7A86F47A7E0FAA48FED2E9
Key Found : HKLM\Software\Classes\Installer\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall (1)_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall (1)_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_nokia-multimedia-player_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_nokia-multimedia-player_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
Key Found : HKLM\Software\Uniblue
Key Found : HKLM\Software\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Found : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Found : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]
 
Line Found : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Found : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Found : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N[...]
 
[ File : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\prefs.js ]
 
Line Found : user_pref("CT3298573.1000082.isPlayDisplay", "true");
Line Found : user_pref("CT3298573.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Found : user_pref("CT3298573.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3298573.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3298573.FF19Solved", "true");
Line Found : user_pref("CT3298573.FirstTime", "true");
Line Found : user_pref("CT3298573.FirstTimeFF3", "true");
Line Found : user_pref("CT3298573.PG_ENABLE", "dHJ1ZQ==");
Line Found : user_pref("CT3298573.SF_JUST_INSTALLED", "%CC%C7%D2%D9%CB");
Line Found : user_pref("CT3298573.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Found : user_pref("CT3298573.SF_STATUS", "%CB%D4%C7%C8%D2%CB%CA");
Line Found : user_pref("CT3298573.SF_STATUS.enc", "RU5BQkxFRA==");
Line Found : user_pref("CT3298573.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN36775804722603499&UM=2&q=");
Line Found : user_pref("CT3298573.TopHitsConfig.enc", "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL3N0b3JhZ2UuY29uZHVpdC5jb20vcHMvVG9wSGl0c0dlbmVyaWNBcHAvY29uZmlncy9VUy1VSy1EYW5jZS1Sb2NrLVJhcC9zcHJpdGUucG5nIiwNCiAgICAiaX[...]
Line Found : user_pref("CT3298573.UserID", "UN36775804722603499");
Line Found : user_pref("CT3298573.YTbyClickFavorites.enc", "W10=");
Line Found : user_pref("CT3298573.YTbyClickRecent.enc", "W10=");
Line Found : user_pref("CT3298573.addressBarTakeOverEnabledInHidden", "true");
Line Found : user_pref("CT3298573.browser.search.defaultthis.engineName", "true");
Line Found : user_pref("CT3298573.cbfirsttime", "%DA%FB%EB%A6%D3%E7%F8%A6%B8%BB%A6%B8%B6%B7%BA%A6%B7%BE%C0%BA%BC%C0%B8%BA%A6%CD%D3%DA%B3%B6%BC%B6%B6%A6%AE%C9%EB%F4%FA%F8%E7%F2%A6%C7%F3%EB%F8%EF%E9%E7%A6%D9%FA%E7%F[...]
Line Found : user_pref("CT3298573.cbfirsttime.enc", "VHVlIE1hciAyNSAyMDE0IDE4OjQ2OjI0IEdNVC0wNjAwIChDZW50cmFsIEFtZXJpY2EgU3RhbmRhcmQgVGltZSk=");
Line Found : user_pref("CT3298573.countryCode", "US");
Line Found : user_pref("CT3298573.defaultSearch", "true");
Line Found : user_pref("CT3298573.embeddedsData", "[{\"appId\":\"130110228602769889\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Found : user_pref("CT3298573.enableAlerts", "true");
Line Found : user_pref("CT3298573.enableSearchFromAddressBar", "true");
Line Found : user_pref("CT3298573.enlargeSearchBox", "{\"enabled\":true,\"maxWidth\":1000,\"minWidth\":250,\"width\":500}");
Line Found : user_pref("CT3298573.firstTimeDialogOpened", "true");
Line Found : user_pref("CT3298573.fixPageNotFoundError", "true");
Line Found : user_pref("CT3298573.fixPageNotFoundErrorByUser", "true");
Line Found : user_pref("CT3298573.fixPageNotFoundErrorInHidden", "true");
Line Found : user_pref("CT3298573.fixUrls", true);
Line Found : user_pref("CT3298573.fullUserID", "UN36775804722603499.IN.20130801095458");
Line Found : user_pref("CT3298573.installDate", "01/08/2013 09:54:58");
Line Found : user_pref("CT3298573.installId", "cid128_49");
Line Found : user_pref("CT3298573.installSessionId", "{49B29CBA-30C3-440A-A94D-4D5E73381EF2}");
Line Found : user_pref("CT3298573.installSp", "true");
Line Found : user_pref("CT3298573.installType", "conduitnsisintegration");
Line Found : user_pref("CT3298573.installUsage", "2014-03-26T02:46:01.2061289+03:00");
Line Found : user_pref("CT3298573.installUsageEarly", "2014-03-26T02:45:59.6928998+03:00");
Line Found : user_pref("CT3298573.installerVersion", "1.5.4.4");
Line Found : user_pref("CT3298573.isCheckedStartAsHidden", true);
Line Found : user_pref("CT3298573.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3298573.isFirstTimeToolbarLoading", "false");
Line Found : user_pref("CT3298573.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3298573.keyword", "true");
Line Found : user_pref("CT3298573.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT3298573&octid=CT3298573&ISID=ISID_ID&SearchSource=15&CUI=UN36775804722603499&SSPV=&[...]
Line Found : user_pref("CT3298573.lastVersion", "10.16.70.5");
Line Found : user_pref("CT3298573.mam_gk_appStateReportTime", "%B7%B9%BF%BB%BD%BF%BA%BD%BD%B7%B9%BF%B9");
Line Found : user_pref("CT3298573.mam_gk_appStateReportTime.enc", "MTM5NTc5NDc3MTM5Mw==");
Line Found : user_pref("CT3298573.mam_gk_appState_Chango", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_Chango.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_Clarity_Active", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_Clarity_Active.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_CouponBuddy", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_Discover_Apps", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_Discover_Apps.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_Easytobook", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_Easytobook.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_Easytobook_targeted", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_Find-a-Pro", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_Find-a-Pro.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_JobsMiner", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_JobsMiner.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_PriceGong", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_PriceGong.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appState_WindowShopper", "%F5%F4");
Line Found : user_pref("CT3298573.mam_gk_appState_WindowShopper.enc", "b24=");
Line Found : user_pref("CT3298573.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Found : user_pref("CT3298573.mam_gk_appsDefaultEnabled", "%FA%F8%FB%EB");
Line Found : user_pref("CT3298573.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3298573.mam_gk_currentVersion", "%B7%B4%B7%B9%B4%B6%B4%B7%BD");
Line Found : user_pref("CT3298573.mam_gk_currentVersion.enc", "MS4xMy4wLjE3");
Line Found : user_pref("CT3298573.mam_gk_existingUsersRecoveryDone", "%B7");
Line Found : user_pref("CT3298573.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Found : user_pref("CT3298573.mam_gk_first_time", "%B7");
Line Found : user_pref("CT3298573.mam_gk_first_time.enc", "MQ==");
Line Found : user_pref("CT3298573.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3298573.mam_gk_lastLoginTime", "%B7%B9%BF%BB%BD%BF%BA%BD%BD%B7%BD%B8%BA");
Line Found : user_pref("CT3298573.mam_gk_lastLoginTime.enc", "MTM5NTc5NDc3MTcyNA==");
Line Found : user_pref("CT3298573.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXBtZW50In0sImRtYnVsbGV0MSI6[...]
Line Found : user_pref("CT3298573.mam_gk_new_welcome_experience", "%B7");
Line Found : user_pref("CT3298573.mam_gk_new_welcome_experience.enc", "MQ==");
Line Found : user_pref("CT3298573.mam_gk_pgUnloadedOnce", "%FA%F8%FB%EB");
Line Found : user_pref("CT3298573.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Found : user_pref("CT3298573.mam_gk_settings1.13.0.17", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%[...]
Line Found : user_pref("CT3298573.mam_gk_settings1.13.0.17.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxNDAzMjYiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjEwNDNfMCIsIlJUSyI6Ikg0c0lBQUFBQUFBRUFPeTl[...]
Line Found : user_pref("CT3298573.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
Line Found : user_pref("CT3298573.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Found : user_pref("CT3298573.mam_gk_stamp", "%B7%B6%BA%B9%E5%B6");
Line Found : user_pref("CT3298573.mam_gk_stamp.enc", "MTA0M18w");
Line Found : user_pref("CT3298573.mam_gk_userBornDate", "%D4%B5%C7");
Line Found : user_pref("CT3298573.mam_gk_userBornDate.enc", "Ti9B");
Line Found : user_pref("CT3298573.mam_gk_userId", "%E9%B8%BC%BD%EA%E7%EA%E8%B3%E8%B8%BC%B9%B3%BA%BC%B9%B8%B3%E8%BC%E7%E7%B3%BB%EA%B7%E7%B9%B8%BE%B7%B6%EA%B7%BA");
Line Found : user_pref("CT3298573.mam_gk_userId.enc", "YzI2N2RhZGItYjI2My00NjMyLWI2YWEtNWQxYTMyODEwZDE0");
Line Found : user_pref("CT3298573.mam_gk_user_approval_interacted", "%B7");
Line Found : user_pref("CT3298573.mam_gk_user_approval_interacted.enc", "MQ==");
Line Found : user_pref("CT3298573.mam_gk_welcomeDialogMode", "%B7");
Line Found : user_pref("CT3298573.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Found : user_pref("CT3298573.migrateAppsAndComponents", true);
Line Found : user_pref("CT3298573.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.mysearchdial.com%2F%3Fchnl%3Dprtk\",\"EB_MAIN_FRAME_TITLE\":\"My%20Search%20Dial\",\"EB_[...]
Line Found : user_pref("CT3298573.openThankYouPage", "false");
Line Found : user_pref("CT3298573.openUninstallPage", "true");
Line Found : user_pref("CT3298573.originalHomepage", "about:home");
Line Found : user_pref("CT3298573.originalSearchAddressUrl", "");
Line Found : user_pref("CT3298573.originalSearchEngine", "");
Line Found : user_pref("CT3298573.originalSearchEngineName", "");
Line Found : user_pref("CT3298573.rematchagent-matkot-user-id", "%A8%B7%B9%BF%BB%BD%BF%B7%B7%BF%BB%BB%BE%BA%BC%B8%B8%B9%BA%BB%BC%A8");
Line Found : user_pref("CT3298573.rematchagent-matkot-user-id.enc", "IjEzOTU3OTExOTU1ODQ2MjIzNDU2Ig==");
Line Found : user_pref("CT3298573.rematchagent-periodic-reports", "ā%A8%F6%EF%F4%ED%E5%B6%A8%C0%E1%B7%B9%BF%BB%BD%BF%BA%BD%BE%B9%BC%BB%BE%B2%B7%BA%BA%B6%B6%B6%B6%B6%E3ă");
Line Found : user_pref("CT3298573.rematchagent-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzk1Nzk0NzgzNjU4LDE0NDAwMDAwXX0=");
Line Found : user_pref("CT3298573.revertSettingsEnabled", "false");
Line Found : user_pref("CT3298573.search.searchAppId", "130110228602769889");
Line Found : user_pref("CT3298573.search.searchCount", "0");
Line Found : user_pref("CT3298573.searchFromAddressBarEnabledByUser", "true");
Line Found : user_pref("CT3298573.searchInNewTabEnabledByUser", "true");
Line Found : user_pref("CT3298573.searchInNewTabEnabledInHidden", "true");
Line Found : user_pref("CT3298573.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Found : user_pref("CT3298573.searchRevert", "false");
Line Found : user_pref("CT3298573.searchSuggestEnabledByUser", "true");
Line Found : user_pref("CT3298573.searchUserMode", "2");
Line Found : user_pref("CT3298573.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3298573.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Found : user_pref("CT3298573.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
Line Found : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3298573\"}");
Line Found : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://MixiDJV37.OurToolbar.com//xpi\"}");
Line Found : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"MixiDJ V37\"}");
Line Found : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Found : user_pref("CT3298573.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Found : user_pref("CT3298573.serviceLayer_services_Configuration_lastUpdate", "1395794760265");
Line Found : user_pref("CT3298573.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1395794762345");
Line Found : user_pref("CT3298573.serviceLayer_services_appsMetadata_lastUpdate", "1395794762536");
Line Found : user_pref("CT3298573.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1395794762244");
Line Found : user_pref("CT3298573.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1395794760697");
Line Found : user_pref("CT3298573.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1395794762569");
Line Found : user_pref("CT3298573.serviceLayer_services_login_10.16.70.5_lastUpdate", "1395794765233");
Line Found : user_pref("CT3298573.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1395794762301");
Line Found : user_pref("CT3298573.serviceLayer_services_searchAPI_lastUpdate", "1395794760269");
Line Found : user_pref("CT3298573.serviceLayer_services_serviceMap_lastUpdate", "1395794759671");
Line Found : user_pref("CT3298573.serviceLayer_services_toolbarContextMenu_lastUpdate", "1395794762352");
Line Found : user_pref("CT3298573.serviceLayer_services_toolbarSettings_lastUpdate", "1395794760275");
Line Found : user_pref("CT3298573.serviceLayer_services_translation_lastUpdate", "1395794765196");
Line Found : user_pref("CT3298573.settingsINI", true);
Line Found : user_pref("CT3298573.shouldFirstTimeDialog", "false");
Line Found : user_pref("CT3298573.showToolbarPermission", "false");
Line Found : user_pref("CT3298573.smartbar.CTID", "CT3298573");
Line Found : user_pref("CT3298573.smartbar.Uninstall", "0");
Line Found : user_pref("CT3298573.smartbar.homepage", "true");
Line Found : user_pref("CT3298573.smartbar.toolbarName", "MixiDJ V37 ");
Line Found : user_pref("CT3298573.startPage", "true");
Line Found : user_pref("CT3298573.toolbarBornServerTime", "26-3-2014");
Line Found : user_pref("CT3298573.toolbarCurrentServerTime", "26-3-2014");
Line Found : user_pref("CT3298573.toolbarLoginClientTime", "Tue Mar 25 2014 18:46:05 GMT-0600 (Central America Standard Time)");
Line Found : user_pref("CT3298573.versionFromInstaller", "10.16.70.5");
Line Found : user_pref("CT3298573.xpeMode", "0");
Line Found : user_pref("CT3298573_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1395794862890,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13");
Line Found : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Found : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Found : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Found : user_pref("Smartbar.keywordURLSelectedCTID", "CT3298573");
Line Found : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3324416&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP363FBEFA-DC6A-47CE-8FA4-BD050817BE99");
Line Found : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Found : user_pref("browser.search.defaultthis.engineName", "MixiDJ V37 Customized Web Search");
Line Found : user_pref("browser.search.order.1", "Mysearchdial");
Line Found : user_pref("browser.search.selectedEngine", "Conduit Search");
Line Found : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13&UP=SP363FBEFA-DC6A-47CE-8FA4-BD050817BE99&SSPV=");
Line Found : user_pref("extensions.irmysearch.aflt", "MSD3");
Line Found : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBt[...]
Line Found : user_pref("extensions.irmysearch.cr", "1609908754");
Line Found : user_pref("extensions.irmysearch.instlRef", "MSD3");
Line Found : user_pref("extensions.mysearchdial.AL", 2);
Line Found : user_pref("extensions.mysearchdial.aflt", "MSD3");
Line Found : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Found : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDy[...]
Line Found : user_pref("extensions.mysearchdial.cntry", "US");
Line Found : user_pref("extensions.mysearchdial.cr", "1609908754");
Line Found : user_pref("extensions.mysearchdial.dfltLng", "");
Line Found : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Found : user_pref("extensions.mysearchdial.dnsErr", true);
Line Found : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Line Found : user_pref("extensions.mysearchdial.dpk_blck", "true");
Line Found : user_pref("extensions.mysearchdial.dpk_prompt", "true");
Line Found : user_pref("extensions.mysearchdial.excTlbr", false);
Line Found : user_pref("extensions.mysearchdial.hdrMd5", "FF69C527495E03EDD7D63E5BFE70DE7A");
Line Found : user_pref("extensions.mysearchdial.hmpg", true);
Line Found : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1[...]
Line Found : user_pref("extensions.mysearchdial.id", "00266CECEC0F760F");
Line Found : user_pref("extensions.mysearchdial.instlDay", "16131");
Line Found : user_pref("extensions.mysearchdial.instlRef", "MSD3");
Line Found : user_pref("extensions.mysearchdial.lastB", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13");
Line Found : user_pref("extensions.mysearchdial.lastVrsnTs", "");
Line Found : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1[...]
Line Found : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"94\",\"lastVrsn\":\"94\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Line Found : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Found : user_pref("extensions.mysearchdial.sg", "{smplGrp}");
Line Found : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Found : user_pref("extensions.mysearchdial.tlbrId", "base");
Line Found : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAt[...]
Line Found : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
Line Found : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
Line Found : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Found : user_pref("extensions.mysearchdial_i.newTab", false);
Line Found : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Found : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.015:10:31");
Line Found : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN36775804722603499&UM=2&q=");
Line Found : user_pref("plugin.state.npconduitfirefoxplugin", 0);
Line Found : user_pref("smartbar.addressBarOwnerCTID", "CT3298573");
Line Found : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3298573&octid=CT3298573&SearchSource[...]
Line Found : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN36775804722603499&UM=2&q=");
Line Found : user_pref("smartbar.defaultSearchOwnerCTID", "CT3298573");
Line Found : user_pref("smartbar.homePageOwnerCTID", "CT3298573");
Line Found : user_pref("smartbar.machineId", "I+PWL7FJJIPFOMYC/WN/CR/U0OQDDLPJHTITUAVDNKZW672TAGHIQTGFV9LX5JLWHCNVD+KNBBYRMGHWUBKE2A");
Line Found : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13");
Line Found : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Found : user_pref("sweetim.toolbar.SearchBoxLogo", "");
Line Found : user_pref("sweetim.toolbar.SearchBoxText", "");
Line Found : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Found : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Found : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Found : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Found : user_pref("sweetim.toolbar.defaultProvider", "");
Line Found : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Found : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Found : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Found : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Found : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Found : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Found : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Found : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Found : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Found : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Found : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Found : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Found : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Found : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Found : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Found : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Found : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Found : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Found : user_pref("sweetim.toolbar.mode.debug", "false");
Line Found : user_pref("sweetim.toolbar.newtab.created", "false");
Line Found : user_pref("sweetim.toolbar.newtab.enable", "false");
Line Found : user_pref("sweetim.toolbar.newtab.url", "hxxp://home.sweetim.com/?src=97&barid=$toolbar_id;&crg=$cargo;&ptr=100");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "MixiDJ V37 Customized Web Search");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=3&q={searchTerms}");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "MixiDJ V37 Customized Web Search");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.rc.url", "hxxp://tbsrv1.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;&flavour=$flavr;");
Line Found : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Found : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Found : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Found : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Found : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Found : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Found : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Found : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Found : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Found : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Found : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Found : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Found : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Found : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Found : user_pref("sweetim.toolbar.urls.afteruninstall", "hxxp://www.sweetim.com/uninstallbar.asp?barid=$toolbar_id;");
Line Found : user_pref("sweetim.toolbar.urls.contactus", "hxxp://www.sweetim.com/help_contact.asp");
Line Found : user_pref("sweetim.toolbar.urls.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={30441AD2-15D9-11E3-BC21-00266CECEC0F}");
Line Found : user_pref("sweetim.toolbar.urls.privacy", "hxxp://www.sweetim.com/eula.html#privacy");
Line Found : user_pref("sweetim.toolbar.urls.searchpage", "hxxp://search.sweetim.com/search.asp?barid=$toolbar_id;");
Line Found : user_pref("sweetim.toolbar.urls.uninstall", "hxxp://lp.sweetim.com/SweetPacksBundleUninstaller/");
Line Found : user_pref("sweetim.toolbar.version", "1.14.0.1");
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBtAtGzytCtCtCtGyEtB0DtB0C0CtByEtCtCtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytCzz0Fzyzy0FtG0FyCyCyDtG0DyDtB0AtG0DtA0B0FtGyByEyDzyzy0B0E0DzytAtB0C2Q&cr=1609908754&ir=
Found [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBtAtGzytCtCtCtGyEtB0DtB0C0CtByEtCtCtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytCzz0Fzyzy0FtG0FyCyCyDtG0DyDtB0AtG0DtA0B0FtGyByEyDzyzy0B0E0DzytAtB0C2Q&cr=1609908754&ir=
Found [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBtAtGzytCtCtCtGyEtB0DtB0C0CtByEtCtCtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytCzz0Fzyzy0FtG0FyCyCyDtG0DyDtB0AtG0DtA0B0FtGyByEyDzyzy0B0E0DzytAtB0C2Q&cr=1609908754&ir=
Found [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
 
[ File : C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Found [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
 
*************************
 
AdwCleaner[R0].txt - [44225 octets] - [15/06/2014 10:59:47]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [44286 octets] ##########
 
 
 
# AdwCleaner v3.212 - Report created 15/06/2014 at 11:04:28
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Roc - ROC-PC
# Running from : C:\Users\Roc\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\TheBflixUpdater
Folder Deleted : C:\Program Files (x86)\BearShare Applications
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\Uniblue
Folder Deleted : C:\Program Files\Uninstaller
Folder Deleted : C:\Users\Guest\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\Guest\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\Guest\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Roc\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Roc\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Roc\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Roc\AppData\Roaming\SendSpace
Folder Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\Smartbar
Folder Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\staged\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\staged\ffxtlbr@mysearchdial.com
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcpfkccckpeeghiklnhienllljccglb
File Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\firefox@browsefox.com.xpi
File Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\Extensions\OneClickDownloader@OneClickDownloader.com.xpi
File Deleted : C:\END
File Deleted : C:\Users\Guest\Desktop\My Video Downloads.lnk
File Deleted : C:\Users\Guest\Desktop\SPEEDbit Video Downloader.lnk
File Deleted : C:\Users\Roc\AppData\LocalLow\SkwConfig.bin
File Deleted : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\searchplugins\conduit-search.xml
File Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js
File Deleted : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\user.js
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Deleted : C:\windows\System32\Tasks\Driver Booster Update
File Deleted : C:\windows\Tasks\MySearchDial.job
File Deleted : C:\windows\System32\Tasks\MySearchDial
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ppdjnkblmcjfnlogjjhpigpdgpcgdpll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Launcher.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BrowseFox_Setup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BundleSweetIMSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall (1)_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall (1)_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_enditall_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_nokia-multimedia-player_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_nokia-multimedia-player_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{756C097C-6BDB-45DE-A8F1-83E01AB86BA4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4C4F1F4-3074-4CB6-9FB8-0A64273166F0}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{74322BF9-DF26-493F-B0DA-6D2FC5E6429E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\BrowseFox
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F4E33CE5-A7AB-4F68-A7E7-F0AA84EF2D9E}
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : HKLM\Software\Classes\Installer\Features\5EC33E4FBA7A86F47A7E0FAA48FED2E9
Key Deleted : HKLM\Software\Classes\Installer\Products\5EC33E4FBA7A86F47A7E0FAA48FED2E9
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Mozilla Firefox v29.0.1 (en-US)
 
[ File : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]
 
Line Deleted : user_pref("browser.search.defaultenginename", "Mysearchdial");
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N[...]
 
[ File : C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\prefs.js ]
 
Line Deleted : user_pref("CT3298573.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3298573.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.asx\"}");
Line Deleted : user_pref("CT3298573.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298573.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298573.FF19Solved", "true");
Line Deleted : user_pref("CT3298573.FirstTime", "true");
Line Deleted : user_pref("CT3298573.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3298573.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3298573.SF_JUST_INSTALLED", "%CC%C7%D2%D9%CB");
Line Deleted : user_pref("CT3298573.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3298573.SF_STATUS", "%CB%D4%C7%C8%D2%CB%CA");
Line Deleted : user_pref("CT3298573.SF_STATUS.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3298573.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN36775804722603499&UM=2&q=");
Line Deleted : user_pref("CT3298573.TopHitsConfig.enc", "ew0KICAgICJzcHJpdGVVcmwiOiAiaHR0cDovL3N0b3JhZ2UuY29uZHVpdC5jb20vcHMvVG9wSGl0c0dlbmVyaWNBcHAvY29uZmlncy9VUy1VSy1EYW5jZS1Sb2NrLVJhcC9zcHJpdGUucG5nIiwNCiAgICAiaX[...]
Line Deleted : user_pref("CT3298573.UserID", "UN36775804722603499");
Line Deleted : user_pref("CT3298573.YTbyClickFavorites.enc", "W10=");
Line Deleted : user_pref("CT3298573.YTbyClickRecent.enc", "W10=");
Line Deleted : user_pref("CT3298573.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3298573.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3298573.cbfirsttime", "%DA%FB%EB%A6%D3%E7%F8%A6%B8%BB%A6%B8%B6%B7%BA%A6%B7%BE%C0%BA%BC%C0%B8%BA%A6%CD%D3%DA%B3%B6%BC%B6%B6%A6%AE%C9%EB%F4%FA%F8%E7%F2%A6%C7%F3%EB%F8%EF%E9%E7%A6%D9%FA%E7%F[...]
Line Deleted : user_pref("CT3298573.cbfirsttime.enc", "VHVlIE1hciAyNSAyMDE0IDE4OjQ2OjI0IEdNVC0wNjAwIChDZW50cmFsIEFtZXJpY2EgU3RhbmRhcmQgVGltZSk=");
Line Deleted : user_pref("CT3298573.countryCode", "US");
Line Deleted : user_pref("CT3298573.defaultSearch", "true");
Line Deleted : user_pref("CT3298573.embeddedsData", "[{\"appId\":\"130110228602769889\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3298573.enableAlerts", "true");
Line Deleted : user_pref("CT3298573.enableSearchFromAddressBar", "true");
Line Deleted : user_pref("CT3298573.enlargeSearchBox", "{\"enabled\":true,\"maxWidth\":1000,\"minWidth\":250,\"width\":500}");
Line Deleted : user_pref("CT3298573.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3298573.fixPageNotFoundError", "true");
Line Deleted : user_pref("CT3298573.fixPageNotFoundErrorByUser", "true");
Line Deleted : user_pref("CT3298573.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3298573.fixUrls", true);
Line Deleted : user_pref("CT3298573.fullUserID", "UN36775804722603499.IN.20130801095458");
Line Deleted : user_pref("CT3298573.installDate", "01/08/2013 09:54:58");
Line Deleted : user_pref("CT3298573.installId", "cid128_49");
Line Deleted : user_pref("CT3298573.installSessionId", "{49B29CBA-30C3-440A-A94D-4D5E73381EF2}");
Line Deleted : user_pref("CT3298573.installSp", "true");
Line Deleted : user_pref("CT3298573.installType", "conduitnsisintegration");
Line Deleted : user_pref("CT3298573.installUsage", "2014-03-26T02:46:01.2061289+03:00");
Line Deleted : user_pref("CT3298573.installUsageEarly", "2014-03-26T02:45:59.6928998+03:00");
Line Deleted : user_pref("CT3298573.installerVersion", "1.5.4.4");
Line Deleted : user_pref("CT3298573.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3298573.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298573.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3298573.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3298573.keyword", "true");
Line Deleted : user_pref("CT3298573.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?gd=&ctid=CT3298573&octid=CT3298573&ISID=ISID_ID&SearchSource=15&CUI=UN36775804722603499&SSPV=&[...]
Line Deleted : user_pref("CT3298573.lastVersion", "10.16.70.5");
Line Deleted : user_pref("CT3298573.mam_gk_appStateReportTime", "%B7%B9%BF%BB%BD%BF%BA%BD%BD%B7%B9%BF%B9");
Line Deleted : user_pref("CT3298573.mam_gk_appStateReportTime.enc", "MTM5NTc5NDc3MTM5Mw==");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Chango", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Chango.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Clarity_Active", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Clarity_Active.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_CouponBuddy", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Discover_Apps", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Discover_Apps.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Easytobook", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Easytobook.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Easytobook_targeted", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Find-a-Pro", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_Find-a-Pro.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_JobsMiner", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_JobsMiner.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_PriceGong", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appState_WindowShopper", "%F5%F4");
Line Deleted : user_pref("CT3298573.mam_gk_appState_WindowShopper.enc", "b24=");
Line Deleted : user_pref("CT3298573.mam_gk_appsConfig.enc", "eyJBcHBzQ29uZmlndXJhdGlvbiI6W3siaWQiOiJDbGFyaXR5X0FjdGl2ZSIsInVybCI6Imh0dHA6Ly9zdG9yYWdlLmNvbmR1aXQuY29tL21hbS8zcmRwYXJ0eWFwcHMvY2xhcml0eVJheS9jcl9hY3Rpdm[...]
Line Deleted : user_pref("CT3298573.mam_gk_appsDefaultEnabled", "%FA%F8%FB%EB");
Line Deleted : user_pref("CT3298573.mam_gk_appsDefaultEnabled.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3298573.mam_gk_currentVersion", "%B7%B4%B7%B9%B4%B6%B4%B7%BD");
Line Deleted : user_pref("CT3298573.mam_gk_currentVersion.enc", "MS4xMy4wLjE3");
Line Deleted : user_pref("CT3298573.mam_gk_existingUsersRecoveryDone", "%B7");
Line Deleted : user_pref("CT3298573.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3298573.mam_gk_first_time", "%B7");
Line Deleted : user_pref("CT3298573.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3298573.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3298573.mam_gk_lastLoginTime", "%B7%B9%BF%BB%BD%BF%BA%BD%BD%B7%BD%B8%BA");
Line Deleted : user_pref("CT3298573.mam_gk_lastLoginTime.enc", "MTM5NTc5NDc3MTcyNA==");
Line Deleted : user_pref("CT3298573.mam_gk_localization.enc", "eyJkaWFsb2dPSyI6eyJUZXh0IjoiT0sifSwiZG1ib3gxIjp7IlRleHQiOiJEZWFsXHJcbm9mIHRoZSBkYXkifSwiZG1ib3gyIjp7IlRleHQiOiJGcmVlXHJcblNoaXBtZW50In0sImRtYnVsbGV0MSI6[...]
Line Deleted : user_pref("CT3298573.mam_gk_new_welcome_experience", "%B7");
Line Deleted : user_pref("CT3298573.mam_gk_new_welcome_experience.enc", "MQ==");
Line Deleted : user_pref("CT3298573.mam_gk_pgUnloadedOnce", "%FA%F8%FB%EB");
Line Deleted : user_pref("CT3298573.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3298573.mam_gk_settings1.13.0.17", "ā%A8%D9%FA%E7%FA%FB%F9%A8%C0%A8%F9%FB%E9%E9%EB%EB%EA%EB%EA%A8%B2%A8%CA%E7%FA%E7%A8%C0ā%A8%E9%FB%F8%F8%EB%F4%FA%CA%E7%FA%EB%A8%C0%A8%B8%B6%B7%[...]
Line Deleted : user_pref("CT3298573.mam_gk_settings1.13.0.17.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImN1cnJlbnREYXRlIjoiMjAxNDAzMjYiLCJpbnRlcnZhbCI6MjQwLCJzdGFtcCI6IjEwNDNfMCIsIlJUSyI6Ikg0c0lBQUFBQUFBRUFPeTl[...]
Line Deleted : user_pref("CT3298573.mam_gk_showWelcomeGadget", "%EC%E7%F2%F9%EB");
Line Deleted : user_pref("CT3298573.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3298573.mam_gk_stamp", "%B7%B6%BA%B9%E5%B6");
Line Deleted : user_pref("CT3298573.mam_gk_stamp.enc", "MTA0M18w");
Line Deleted : user_pref("CT3298573.mam_gk_userBornDate", "%D4%B5%C7");
Line Deleted : user_pref("CT3298573.mam_gk_userBornDate.enc", "Ti9B");
Line Deleted : user_pref("CT3298573.mam_gk_userId", "%E9%B8%BC%BD%EA%E7%EA%E8%B3%E8%B8%BC%B9%B3%BA%BC%B9%B8%B3%E8%BC%E7%E7%B3%BB%EA%B7%E7%B9%B8%BE%B7%B6%EA%B7%BA");
Line Deleted : user_pref("CT3298573.mam_gk_userId.enc", "YzI2N2RhZGItYjI2My00NjMyLWI2YWEtNWQxYTMyODEwZDE0");
Line Deleted : user_pref("CT3298573.mam_gk_user_approval_interacted", "%B7");
Line Deleted : user_pref("CT3298573.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3298573.mam_gk_welcomeDialogMode", "%B7");
Line Deleted : user_pref("CT3298573.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3298573.migrateAppsAndComponents", true);
Line Deleted : user_pref("CT3298573.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.mysearchdial.com%2F%3Fchnl%3Dprtk\",\"EB_MAIN_FRAME_TITLE\":\"My%20Search%20Dial\",\"EB_[...]
Line Deleted : user_pref("CT3298573.openThankYouPage", "false");
Line Deleted : user_pref("CT3298573.openUninstallPage", "true");
Line Deleted : user_pref("CT3298573.originalHomepage", "about:home");
Line Deleted : user_pref("CT3298573.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3298573.originalSearchEngine", "");
Line Deleted : user_pref("CT3298573.originalSearchEngineName", "");
Line Deleted : user_pref("CT3298573.rematchagent-matkot-user-id", "%A8%B7%B9%BF%BB%BD%BF%B7%B7%BF%BB%BB%BE%BA%BC%B8%B8%B9%BA%BB%BC%A8");
Line Deleted : user_pref("CT3298573.rematchagent-matkot-user-id.enc", "IjEzOTU3OTExOTU1ODQ2MjIzNDU2Ig==");
Line Deleted : user_pref("CT3298573.rematchagent-periodic-reports", "ā%A8%F6%EF%F4%ED%E5%B6%A8%C0%E1%B7%B9%BF%BB%BD%BF%BA%BD%BE%B9%BC%BB%BE%B2%B7%BA%BA%B6%B6%B6%B6%B6%E3ă");
Line Deleted : user_pref("CT3298573.rematchagent-periodic-reports.enc", "eyJwaW5nXzAiOlsxMzk1Nzk0NzgzNjU4LDE0NDAwMDAwXX0=");
Line Deleted : user_pref("CT3298573.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3298573.search.searchAppId", "130110228602769889");
Line Deleted : user_pref("CT3298573.search.searchCount", "0");
Line Deleted : user_pref("CT3298573.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3298573.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3298573.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3298573.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3298573.searchRevert", "false");
Line Deleted : user_pref("CT3298573.searchSuggestEnabledByUser", "true");
Line Deleted : user_pref("CT3298573.searchUserMode", "2");
Line Deleted : user_pref("CT3298573.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"3\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3298573\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://MixiDJV37.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"MixiDJ V37\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3298573.serviceLayer_services_Configuration_lastUpdate", "1395794760265");
Line Deleted : user_pref("CT3298573.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1395794762345");
Line Deleted : user_pref("CT3298573.serviceLayer_services_appsMetadata_lastUpdate", "1395794762536");
Line Deleted : user_pref("CT3298573.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1395794762244");
Line Deleted : user_pref("CT3298573.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1395794760697");
Line Deleted : user_pref("CT3298573.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1395794762569");
Line Deleted : user_pref("CT3298573.serviceLayer_services_login_10.16.70.5_lastUpdate", "1395794765233");
Line Deleted : user_pref("CT3298573.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1395794762301");
Line Deleted : user_pref("CT3298573.serviceLayer_services_searchAPI_lastUpdate", "1395794760269");
Line Deleted : user_pref("CT3298573.serviceLayer_services_serviceMap_lastUpdate", "1395794759671");
Line Deleted : user_pref("CT3298573.serviceLayer_services_toolbarContextMenu_lastUpdate", "1395794762352");
Line Deleted : user_pref("CT3298573.serviceLayer_services_toolbarSettings_lastUpdate", "1395794760275");
Line Deleted : user_pref("CT3298573.serviceLayer_services_translation_lastUpdate", "1395794765196");
Line Deleted : user_pref("CT3298573.settingsINI", true);
Line Deleted : user_pref("CT3298573.shouldFirstTimeDialog", "false");
Line Deleted : user_pref("CT3298573.showToolbarPermission", "false");
Line Deleted : user_pref("CT3298573.smartbar.CTID", "CT3298573");
Line Deleted : user_pref("CT3298573.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3298573.smartbar.homepage", "true");
Line Deleted : user_pref("CT3298573.smartbar.toolbarName", "MixiDJ V37 ");
Line Deleted : user_pref("CT3298573.startPage", "true");
Line Deleted : user_pref("CT3298573.toolbarBornServerTime", "26-3-2014");
Line Deleted : user_pref("CT3298573.toolbarCurrentServerTime", "26-3-2014");
Line Deleted : user_pref("CT3298573.toolbarLoginClientTime", "Tue Mar 25 2014 18:46:05 GMT-0600 (Central America Standard Time)");
Line Deleted : user_pref("CT3298573.versionFromInstaller", "10.16.70.5");
Line Deleted : user_pref("CT3298573.xpeMode", "0");
Line Deleted : user_pref("CT3298573_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1395794862890,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3298573");
Line Deleted : user_pref("browser.newtab.url", "hxxp://search.conduit.com/?gd=&ctid=CT3324416&octid=EB_ORIGINAL_CTID&ISID=ISID_ID&SearchSource=69&CUI=&SSPV=&Lay=1&UM=2&UP=SP363FBEFA-DC6A-47CE-8FA4-BD050817BE99");
Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V37 Customized Web Search");
Line Deleted : user_pref("browser.search.order.1", "Mysearchdial");
Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13&UP=SP363FBEFA-DC6A-47CE-8FA4-BD050817BE99&SSPV=");
Line Deleted : user_pref("extensions.irmysearch.aflt", "MSD3");
Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBt[...]
Line Deleted : user_pref("extensions.irmysearch.cr", "1609908754");
Line Deleted : user_pref("extensions.irmysearch.instlRef", "MSD3");
Line Deleted : user_pref("extensions.mysearchdial.AL", 2);
Line Deleted : user_pref("extensions.mysearchdial.aflt", "MSD3");
Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDy[...]
Line Deleted : user_pref("extensions.mysearchdial.cntry", "US");
Line Deleted : user_pref("extensions.mysearchdial.cr", "1609908754");
Line Deleted : user_pref("extensions.mysearchdial.dfltLng", "");
Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true);
Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true);
Line Deleted : user_pref("extensions.mysearchdial.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,603719297,4288797614,3754950497,426401714,3046281807,752626116,1657571787,3224935090,2597085128,18285[...]
Line Deleted : user_pref("extensions.mysearchdial.dpk_blck", "true");
Line Deleted : user_pref("extensions.mysearchdial.dpk_prompt", "true");
Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false);
Line Deleted : user_pref("extensions.mysearchdial.hdrMd5", "FF69C527495E03EDD7D63E5BFE70DE7A");
Line Deleted : user_pref("extensions.mysearchdial.hmpg", true);
Line Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1[...]
Line Deleted : user_pref("extensions.mysearchdial.id", "00266CECEC0F760F");
Line Deleted : user_pref("extensions.mysearchdial.instlDay", "16131");
Line Deleted : user_pref("extensions.mysearchdial.instlRef", "MSD3");
Line Deleted : user_pref("extensions.mysearchdial.lastB", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13");
Line Deleted : user_pref("extensions.mysearchdial.lastVrsnTs", "");
Line Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1[...]
Line Deleted : user_pref("extensions.mysearchdial.pnu_base", "{\"newVrsn\":\"94\",\"lastVrsn\":\"94\",\"vrsnLoad\":\"\",\"showMsg\":\"false\",\"showSilent\":\"false\",\"msgTs\":0,\"lstMsgTs\":\"0\"}");
Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.sg", "{smplGrp}");
Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base");
Line Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAt[...]
Line Deleted : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0");
Line Deleted : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0");
Line Deleted : user_pref("extensions.mysearchdial_i.hmpg", true);
Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false);
Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.015:10:31");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN36775804722603499&UM=2&q=");
Line Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3298573");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3298573&octid=CT3298573&SearchSource[...]
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&SearchSource=2&CUI=UN36775804722603499&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3298573");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3298573");
Line Deleted : user_pref("smartbar.machineId", "I+PWL7FJJIPFOMYC/WN/CR/U0OQDDLPJHTITUAVDNKZW672TAGHIQTGFV9LX5JLWHCNVD+KNBBYRMGHWUBKE2A");
Line Deleted : user_pref("smartbar.originalHomepage", "hxxp://search.conduit.com/?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=13");
Line Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.SearchBoxLogo", "");
Line Deleted : user_pref("sweetim.toolbar.SearchBoxText", "");
Line Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
Line Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
Line Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.defaultProvider", "");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=$cargo;");
Line Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
Line Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp");
Line Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530");
Line Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.*.google.es/.*|.*.youtube.com/.*|.*.yahoo.com/.*|.[...]
Line Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
Line Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
Line Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
Line Deleted : user_pref("sweetim.toolbar.mode.debug", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.created", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.newtab.url", "hxxp://home.sweetim.com/?src=97&barid=$toolbar_id;&crg=$cargo;&ptr=100");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "MixiDJ V37 Customized Web Search");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298573&CUI=UN36775804722603499&UM=2&SearchSource=3&q={searchTerms}");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "MixiDJ V37 Customized Web Search");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://tbsrv1.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;&flavour=$flavr;");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.callback", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.sweetim.com.*");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
Line Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
Line Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"hxxp://*google.*\" param=\"q=\" /><EXTERNAL_SEARCH engine=\"hxxp://search.yahoo.com/*\" param=\"[...]
Line Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false");
Line Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
Line Deleted : user_pref("sweetim.toolbar.urls.afteruninstall", "hxxp://www.sweetim.com/uninstallbar.asp?barid=$toolbar_id;");
Line Deleted : user_pref("sweetim.toolbar.urls.contactus", "hxxp://www.sweetim.com/help_contact.asp");
Line Deleted : user_pref("sweetim.toolbar.urls.homepage", "hxxp://start.sweetpacks.com/?src=10&st=12&crg=3.5000006.10042&barid={30441AD2-15D9-11E3-BC21-00266CECEC0F}");
Line Deleted : user_pref("sweetim.toolbar.urls.privacy", "hxxp://www.sweetim.com/eula.html#privacy");
Line Deleted : user_pref("sweetim.toolbar.urls.searchpage", "hxxp://search.sweetim.com/search.asp?barid=$toolbar_id;");
Line Deleted : user_pref("sweetim.toolbar.urls.uninstall", "hxxp://lp.sweetim.com/SweetPacksBundleUninstaller/");
Line Deleted : user_pref("sweetim.toolbar.version", "1.14.0.1");
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBtAtGzytCtCtCtGyEtB0DtB0C0CtByEtCtCtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytCzz0Fzyzy0FtG0FyCyCyDtG0DyDtB0AtG0DtA0B0FtGyByEyDzyzy0B0E0DzytAtB0C2Q&cr=1609908754&ir=
Deleted [Startup_urls] : hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBtAtGzytCtCtCtGyEtB0DtB0C0CtByEtCtCtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytCzz0Fzyzy0FtG0FyCyCyDtG0DyDtB0AtG0DtA0B0FtGyByEyDzyzy0B0E0DzytAtB0C2Q&cr=1609908754&ir=
Deleted [Homepage] : hxxp://start.mysearchdial.com/?f=1&a=MSD3&cd=2XzuyEtN2Y1L1QzutDtDtByCyC0C0E0C0E0CtD0FyByCtD0FtN0D0Tzu0SyBzytBtN1L2XzutBtFtCyBtFtDtFtCtN1L1Czu0M0S0DtAtN1L1G1B1V1N2Y1L1Qzu2StByC0E0B0A0A0CyCtG0Azy0CtCtG0AtDyBtAtGzytCtCtCtGyEtB0DtB0C0CtByEtCtCtCtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBzytCzz0Fzyzy0FtG0FyCyCyDtG0DyDtB0AtG0DtA0B0FtGyByEyDzyzy0B0E0DzytAtB0C2Q&cr=1609908754&ir=
Deleted [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
 
[ File : C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : ogccgbmabaphcakpiclgcnmcnimhokcj
 
*************************
 
AdwCleaner[R0].txt - [44435 octets] - [15/06/2014 10:59:47]
AdwCleaner[S0].txt - [44851 octets] - [15/06/2014 11:04:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [44912 octets] ##########
 
 
 
 
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 6/17/2014
Scan Time: 2:48:32 AM
Logfile: mb.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.17.01
Rootkit Database: v2014.06.02.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Roc
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 335918
Time Elapsed: 36 min, 39 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Roc (administrator) on ROC-PC on 17-06-2014 11:39:59
Running from C:\Users\Roc\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Bongiovi Acoustics) C:\Program Files\Bongiovi Acoustics\Digital Power Station\Digital Power Station.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\HEM\wmime.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
() C:\Program Files\Notepad2\Notepad2.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-05-17] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2927888 2012-05-10] (Synaptics Incorporated)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-06] (AVAST Software)
HKLM-x32\...\Run: [wmime] => C:\Program Files (x86)\HEM\wmime.exe [970240 2013-09-23] ()
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295072 2013-01-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-22] (Razer Inc.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-2109263369-3482990966-500902494-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-06-05] (Google Inc.)
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Power Station.lnk
ShortcutTarget: Digital Power Station.lnk -> C:\Program Files\Bongiovi Acoustics\Digital Power Station\Digital Power Station.exe (Bongiovi Acoustics)
BootExecute: autocheck autochk * ?????????????
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=avast&hsimp=yhs-001&type={partner_id}&p={searchTerms}
SearchScopes: HKCU - {10A5C051-B386-4DCD-8E47-4FD4DB86437D} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie11
SearchScopes: HKCU - {8EA729B0-D668-49E8-9E1D-B506E20D30BA} URL = http://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKCU - {E10E541F-A538-4625-B41A-9D169047E9A1} URL = http://delicious.com/search?p={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
 
FireFox:
========
FF ProfilePath: C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Roc\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @raidcall.kr/RCplugin - C:\Users\Roc\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Webzen.com/NPBrowserExt - C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @TrianglePlayer - C:\Users\Roc\AppData\Roaming\TrianglePlayer\NPTrianglePlayer.dll ()
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Roc\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Adblock Plus - C:\Users\Roc\AppData\Roaming\Mozilla\Firefox\Profiles\6iabpulo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-30]
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-09-29]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-18]
FF HKLM-x32\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2013-12-30]
FF HKCU\...\Firefox\Extensions: [{8D150B8F-EFE8-45a3-A4A3-053020F48FAC}] - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\
FF Extension: Wondershare Video Converter Ultimate - C:\Program Files (x86)\Wondershare\Video Converter Ultimate\SVRFirefoxExt\ []
 
Chrome: 
=======
CHR HomePage: hxxp://yahoo.com/
CHR StartupUrls: "hxxp://youtube.com/", "hxxp://us.yhs4.search.yahoo.com/?hspart=avast&hsimp=yhs-001&type={partner_id}"
CHR NewTab: "chrome-extension://dpjamkmjmigaoobjbekmfgabipmfilij/empty_ntp.html"
CHR DefaultSearchKeyword: yahoo.com
CHR DefaultSearchProvider: Yahoo!
CHR DefaultNewTabURL: 
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Adblock Plus) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-03-30]
CHR Extension: (Empty New Tab Page) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpjamkmjmigaoobjbekmfgabipmfilij [2014-03-30]
CHR Extension: (LoL Stream Browser) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2014-03-30]
CHR Extension: (AdBlock) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-30]
CHR Extension: (avast! Online Security) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-30]
CHR Extension: (RealDownloader) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-03-29]
CHR Extension: (Skype Click to Call) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-29]
CHR Extension: (Downloads) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngbcgifdaopbfflfhbcfeomijfbbcadi [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]
CHR Extension: (PDF Viewer) - C:\Users\Roc\AppData\Local\Google\Chrome\User Data\Default\Extensions\oemmndcbldboiebfnladdacbdfmadadm [2014-03-30]
CHR HKLM-x32\...\Chrome\Extension: [faklkmlkcleeoibffcbligohmkciloif] - C:\Program Files (x86)\PutLockerDownloader\PutLockerDownloader10.crx [2014-03-30]
CHR HKLM-x32\...\Chrome\Extension: [gidgkgdncfdcifhejcblapmlfjggmico] - C:\ProgramData\Bcool\gidgkgdncfdcifhejcblapmlfjggmico.crx [2014-03-30]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2012-11-29]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM-x32\...\Chrome\Extension: [ngoiabglmnijabkfknliolcbjfcmbmdl] - C:\ProgramData\FreePriceAlerts\Chrome\FreePriceAlerts.crx [2014-04-11]
 
==================== Services (Whitelisted) =================
 
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-01-24] (Perfect World Entertainment Inc)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-05-04] (AVAST Software)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-05] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-05] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
S2 libusbd; C:\Windows\SysWOW64\libusbd-nt.exe [18944 2005-03-09] (http://libusb-win32.sourceforge.net) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2175264 2014-06-14] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-11-14] (NETGEAR)
S4 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe [123320 2011-07-19] (Symantec Corporation)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [4865496 2011-08-08] (INCA Internet Co., Ltd.) [File not signed]
S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-11-11] (Overwolf Ltd)
S2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ccSvcHst.exe [126392 2011-07-19] (Symantec Corporation)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76888 2014-01-16] ()
S2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 TipCtrl; C:\Program Files (x86)\uTIPu\TipCtrl.exe [314504 2009-02-03] (Utipu inc.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 xsherlock; C:\windows\SysWOW64\xsherlock.xem [666720 2012-11-11] (Wellbia.com Co., Ltd.) [File not signed]
S4 Intel® Capability Licensing Service Interface; "C:\Program Files\Intel\iCLS Client\HeciServer.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
S0 amdkmafd; C:\Windows\System32\DRIVERS\amdkmafd.sys [21600 2013-03-14] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-04] ()
R1 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [21136 2012-10-23] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-15] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2012-06-16] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [113424 2013-12-05] (BlueStack Systems)
S3 dfmirage; C:\Windows\System32\DRIVERS\dfmirage.sys [36432 2008-03-26] (DemoForge, LLC)
R3 digitalpower; C:\Windows\System32\drivers\digitalpower.sys [29016 2013-06-12] (Bongiovi Acoustics)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-06-12] (Qualcomm Atheros Co., Ltd.)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2012-06-16] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-17] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-06-12] (Intel Corporation)
S3 MWAC; \??\C:\windows\system32\drivers\ [0 ] () [File not signed]
S3 MWAC; \??\C:\windows\SysWOW64\drivers\ [0 ] () [File not signed]
R2 NPF; C:\windows\system32\drivers\npf.sys [35344 2014-03-10] (CACE Technologies, Inc.)
S3 NPPTNT2; C:\windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3073752 2014-06-12] (Realtek Semiconductor Corporation                           )
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 SmbDrv; C:\Windows\System32\DRIVERS\Smb_driver.sys [21264 2011-12-23] (Synaptics Incorporated)
R3 SmbDrvIntel; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [26896 2012-05-10] (Synaptics Incorporated)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2013-11-24] () [File not signed]
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R1 TsLwWfF; C:\Windows\System32\DRIVERS\TsLwWfF.sys [29384 2013-07-26] (TamoSoft)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
R3 vmkbd2; C:\windows\system32\drivers\VMkbd.sys [32848 2013-10-18] (VMware, Inc.)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DIRECTIO; \??\C:\Program Files\PerformanceTest\DirectIo64.sys [X]
S3 EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 GPADriver; \??\C:\Users\Roc\AppData\Local\Temp\gpadrv.sys [X]
S3 MFE_RR; \??\C:\Users\Roc\AppData\Local\Temp\mfe_rr.sys [X]
S3 shy; \??\C:\AeriaGames\Shaiya\avital\shaiya64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\Roc\Downloads\RealTemp_370\WinRing0x64.sys [X]
S3 X6va009; \??\C:\windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va010; \??\C:\windows\SysWOW64\Drivers\X6va010 [X]
S3 X6va012; \??\C:\windows\SysWOW64\Drivers\X6va012 [X]
S3 xhunter1; \??\C:\windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-17 11:39 - 2014-06-17 11:40 - 00030389 _____ () C:\Users\Roc\Desktop\FRST.txt
2014-06-17 11:39 - 2014-06-17 11:39 - 00000000 ____D () C:\Users\Roc\Desktop\FRST-OlderVersion
2014-06-17 11:26 - 2014-06-17 11:26 - 00005437 _____ () C:\Users\Roc\Desktop\JRT.txt
2014-06-17 04:18 - 2014-06-17 04:18 - 00001076 _____ () C:\mb.txt
2014-06-15 11:43 - 2014-06-15 11:44 - 00020683 _____ () C:\Users\Roc\Downloads\acii_wireless_360_fix_by_khemitude.rar
2014-06-15 11:21 - 2014-06-17 11:37 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-15 11:20 - 2014-06-15 11:20 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-15 11:20 - 2014-06-15 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-15 11:19 - 2014-06-15 11:20 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-15 11:19 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-06-15 11:18 - 2014-06-15 11:19 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Roc\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-15 11:09 - 2014-06-15 11:09 - 00003354 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-15 11:01 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll
2014-06-15 10:59 - 2014-06-15 11:05 - 00000000 ____D () C:\AdwCleaner
2014-06-15 10:26 - 2014-06-15 10:26 - 00000000 ____D () C:\Users\Roc\Downloads\PNG Versions(128x128)
2014-06-15 10:26 - 2014-06-15 10:26 - 00000000 ____D () C:\Users\Roc\Downloads\GIF Versions(65x65)
2014-06-15 10:14 - 2014-06-15 10:15 - 01976262 _____ () C:\Users\Roc\Downloads\avatars.zip
2014-06-15 10:05 - 2014-06-15 10:27 - 00000000 ___RD () C:\Users\Roc\Desktop\Computer Junk
2014-06-15 09:55 - 2014-06-15 10:39 - 00000000 ___RD () C:\Users\Roc\Desktop\Game Images
2014-06-15 09:45 - 2014-06-15 09:45 - 01016261 _____ (Thisisu) C:\Users\Roc\Desktop\JRT.exe
2014-06-15 09:44 - 2014-06-15 09:45 - 01333465 _____ () C:\Users\Roc\Desktop\AdwCleaner.exe
2014-06-14 20:59 - 2014-06-14 20:59 - 00000072 _____ () C:\Users\Roc\Desktop\Games to DL
2014-06-14 17:35 - 2014-06-14 17:36 - 00000000 ____D () C:\Program Files\Recuva
2014-06-14 17:35 - 2014-06-14 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-06-14 17:29 - 2014-06-14 17:29 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\ProductData
2014-06-14 17:28 - 2014-06-14 17:29 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-14 17:28 - 2014-06-14 17:28 - 00002882 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-06-14 17:28 - 2014-06-14 17:28 - 00001263 _____ () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-06-14 16:43 - 2014-06-14 16:43 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-06-13 20:19 - 2014-06-17 11:39 - 02081280 _____ (Farbar) C:\Users\Roc\Desktop\FRST64.exe
2014-06-13 19:25 - 2014-06-13 19:25 - 00000000 ____D () C:\ProgramData\Brother
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\Program Files (x86)\PowerUp Software
2014-06-12 15:04 - 2009-07-13 21:16 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\vers87a8.rra
2014-06-12 15:04 - 2009-07-13 21:16 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsoc87c7.rra
2014-06-12 15:04 - 2009-07-13 21:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shfo8798.rra
2014-06-12 15:04 - 2009-07-13 21:14 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\advp8789.rra
2014-06-12 14:52 - 2014-06-12 14:53 - 00000000 ____D () C:\Users\Roc\Desktop\XPadder
2014-06-12 12:35 - 2008-04-13 19:11 - 00619008 _____ (Microsoft Corporation) C:\windows\SysWOW64\dx7vb.dll
2014-06-12 12:35 - 2008-01-13 19:59 - 00036864 _____ () C:\windows\SysWOW64\dxinputdll.dll
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\PowerUp Software
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\ProgramData\PowerUp Software
2014-06-12 12:13 - 2014-06-16 22:03 - 00119296 _____ () C:\windows\SysWOW64\zlib.dll
2014-06-12 12:13 - 2013-12-31 15:11 - 01227264 _____ (Microsoft Corporation) C:\windows\SysWOW64\dx8vb.dll
2014-06-12 12:13 - 2009-07-13 21:16 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\vers32b8.rra
2014-06-12 12:13 - 2009-07-13 21:16 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsoc347c.rra
2014-06-12 12:13 - 2009-07-13 21:16 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\shfo2b96.rra
2014-06-12 12:13 - 2009-07-13 21:14 - 00126464 _____ (Microsoft Corporation) C:\windows\SysWOW64\advp2a8d.rra
2014-06-12 12:13 - 2008-01-13 17:36 - 00091632 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsofile.dll
2014-06-12 12:13 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\windows\SysWOW64\capicom.dll
2014-06-12 12:13 - 2003-01-26 14:41 - 00040960 _____ (vbAccelerator) C:\windows\SysWOW64\SSubTmr6.dll
2014-06-12 12:13 - 2002-08-09 12:18 - 00045056 ____N (Microsoft) C:\windows\SysWOW64\NTSVC.ocx
2014-06-12 12:13 - 2001-04-05 07:43 - 00094208 ___RS (Microsoft Corporation) C:\windows\SysWOW64\msstkprp.dll
2014-06-12 12:13 - 2000-04-03 21:52 - 00164144 _____ (Microsoft Corporation) C:\windows\SysWOW64\comct232.ocx
2014-06-12 12:13 - 1999-05-17 14:55 - 00057344 ____N () C:\windows\SysWOW64\ADsSecurity.dll
2014-06-12 12:13 - 1998-06-18 01:00 - 00089360 _____ (Microsoft Corporation) C:\windows\SysWOW64\VB5DB.DLL
2014-06-12 11:12 - 2014-06-12 11:12 - 00000000 ____D () C:\Users\Roc\Desktop\extra files
2014-06-12 07:54 - 2014-06-12 07:54 - 00000287 _____ () C:\Users\Roc\Dad
2014-06-12 07:46 - 2014-06-15 11:09 - 00003216 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-12 06:43 - 2014-06-15 13:53 - 00003332 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-12 00:48 - 2014-06-12 00:48 - 09889352 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RsCRIcon.dll
2014-06-12 00:48 - 2014-06-12 00:48 - 00271064 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUStor.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-06-12 00:47 - 2014-06-12 00:47 - 00128200 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C62x64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-12 00:44 - 2014-06-12 00:44 - 03073752 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-06-12 00:41 - 2014-06-12 00:41 - 00003210 _____ () C:\windows\System32\Tasks\Driver Booster Scan
2014-06-12 00:41 - 2014-06-12 00:41 - 00002850 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Roc)
2014-06-12 00:41 - 2014-06-12 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-11 23:43 - 2014-06-14 15:52 - 00000314 _____ () C:\Users\Roc\Desktop\RootkitRemover_20140611_234302.log
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPU Temp
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\Program Files (x86)\GPU Temp
2014-06-11 21:52 - 2014-06-15 11:06 - 00001208 _____ () C:\windows\PFRO.log
2014-06-11 21:50 - 2014-06-11 21:50 - 00000150 _____ () C:\windows\wininit.ini
2014-06-11 19:39 - 2014-06-11 19:39 - 00003162 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-06-11 19:39 - 2014-06-11 19:39 - 00003160 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-06-11 19:39 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\windows\system32\IObitSmartDefragExtension.dll
2014-06-11 19:39 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\windows\system32\SmartDefragBootTime.exe
2014-06-11 19:38 - 2013-12-24 10:40 - 00021184 _____ (IObit) C:\windows\system32\Drivers\SmartDefragDriver.sys
2014-06-11 19:37 - 2014-06-14 17:27 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\IObit
2014-06-11 19:37 - 2014-06-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-06-11 19:21 - 2014-06-11 19:21 - 00000000 ____D () C:\Program Files (x86)\Raxco
2014-06-11 19:19 - 2014-06-11 21:50 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-11 19:19 - 2014-06-11 19:19 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-11 19:19 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\windows\system32\sdnclean64.exe
2014-06-11 19:18 - 2014-06-11 19:21 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-11 18:57 - 2014-06-11 21:03 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-11 18:56 - 2014-06-15 09:51 - 00000000 ____D () C:\Users\Roc\Desktop\mbar
2014-06-11 18:56 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-06-11 15:43 - 2014-06-11 15:43 - 00000077 _____ () C:\Users\Roc\Allegiance
2014-06-10 17:21 - 2014-06-10 17:21 - 00001890 _____ () C:\Users\Roc\GTA IV BS
2014-06-10 13:46 - 2014-06-10 13:46 - 00001084 _____ () C:\Users\Guest\Desktop\FreeArc.lnk
2014-06-10 13:46 - 2014-06-10 13:46 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\FreeArc
2014-06-10 13:45 - 2014-06-10 13:46 - 00000000 ____D () C:\Program Files (x86)\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 06:20 - 2014-06-10 07:57 - 00000000 ____D () C:\Program Files (x86)\Arab-GB
2014-06-08 08:31 - 2014-06-08 08:40 - 00000000 ____D () C:\R.G. Catalyst
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\New Technology Studio
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Local\New Technology Studio
2014-06-08 06:07 - 2014-06-08 06:07 - 00000000 ____D () C:\Users\Roc\AppData\Local\Mato_Technologies
2014-06-08 03:29 - 2012-05-15 07:13 - 00144896 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2014-06-08 03:29 - 2012-05-15 07:13 - 00020992 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2014-06-08 03:29 - 2012-05-15 06:20 - 00104448 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2014-06-08 03:29 - 2012-05-15 06:20 - 00017920 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2014-06-08 03:28 - 2014-06-16 22:07 - 00003050 _____ () C:\windows\setupact.log
2014-06-08 03:28 - 2014-06-08 03:28 - 00000000 _____ () C:\windows\setuperr.log
2014-06-08 03:07 - 2014-06-08 03:07 - 00000000 ____D () C:\Users\Roc\Downloads\Microsoft Word 2010 + Crack {LCD}
2014-06-08 03:00 - 2014-06-08 03:00 - 00004030 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-08 03:00 - 2014-06-08 03:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 03:00 - 2014-05-07 15:02 - 00098216 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2014-06-08 03:00 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2014-06-08 03:00 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2014-06-08 03:00 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2014-06-07 11:25 - 2014-06-07 11:25 - 00000000 ____D () C:\Games
2014-06-07 11:06 - 2014-06-07 11:06 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ___SH () C:\Users\Roc\AppData\Local\LumaEmu
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ____D () C:\ProgramData\LumaEmu_SteamCloud
2014-06-06 16:20 - 2014-06-06 16:20 - 00000000 ____D () C:\Users\Roc\AppData\Local\Rockstar Games
2014-06-05 10:15 - 2014-06-06 06:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
2014-06-02 01:05 - 2014-06-15 09:50 - 00000000 ____D () C:\Users\Roc\Downloads\Mods
2014-06-02 01:03 - 2014-06-07 10:35 - 00000000 ____D () C:\Users\Roc\Downloads\MP3 and Other bleep
2014-05-31 08:27 - 2014-05-31 08:27 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-05-29 19:28 - 2014-05-29 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-05-29 19:25 - 2014-05-29 19:29 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Riot Games
2014-05-29 06:41 - 2014-06-07 11:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Tunngle
2014-05-29 06:41 - 2014-06-07 11:12 - 00000000 ____D () C:\ProgramData\Tunngle
2014-05-29 06:41 - 2014-05-29 06:42 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Roc\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-05-29 06:41 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\windows\system32\Drivers\tap0901t.sys
2014-05-29 06:03 - 2014-05-29 06:03 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight II.lnk
2014-05-29 06:00 - 2014-05-29 06:23 - 00000000 ____D () C:\Program Files (x86)\Torchlight II
2014-05-26 08:47 - 2014-06-02 09:38 - 00000144 _____ () C:\Users\Roc\Temp Services
2014-05-25 17:27 - 2014-06-08 09:20 - 00000000 ____D () C:\Users\Roc\Documents\Telltale Games
2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\ProgramData\REVOLT
2014-05-24 21:19 - 2014-05-24 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-05-24 21:11 - 2014-06-14 13:19 - 00000000 ____D () C:\Program Files (x86)\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-05-18 20:25 - 2014-05-18 20:25 - 00000294 _____ () C:\Users\Roc\refining
 
==================== One Month Modified Files and Folders =======
 
2014-06-17 11:40 - 2014-06-17 11:39 - 00030389 _____ () C:\Users\Roc\Desktop\FRST.txt
2014-06-17 11:40 - 2013-02-13 04:25 - 00000000 ____D () C:\FRST
2014-06-17 11:40 - 2012-06-05 21:05 - 00000000 ____D () C:\Users\Roc\AppData\Local\Temp
2014-06-17 11:39 - 2014-06-17 11:39 - 00000000 ____D () C:\Users\Roc\Desktop\FRST-OlderVersion
2014-06-17 11:39 - 2014-06-13 20:19 - 02081280 _____ (Farbar) C:\Users\Roc\Desktop\FRST64.exe
2014-06-17 11:38 - 2013-07-29 13:01 - 00024168 _____ () C:\Users\Roc\AppData\Roaming\Notepad2.ini
2014-06-17 11:37 - 2014-06-15 11:21 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 11:26 - 2014-06-17 11:26 - 00005437 _____ () C:\Users\Roc\Desktop\JRT.txt
2014-06-17 11:22 - 2012-06-05 21:44 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 10:57 - 2013-11-26 02:58 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-06-17 06:23 - 2012-06-05 21:09 - 01225624 _____ () C:\windows\WindowsUpdate.log
2014-06-17 04:22 - 2012-09-17 04:37 - 00000894 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore1cd94c07f095136.job
2014-06-17 04:18 - 2014-06-17 04:18 - 00001076 _____ () C:\mb.txt
2014-06-17 04:17 - 2013-03-13 06:56 - 00003642 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore1cd94c07f095136
2014-06-17 04:17 - 2012-06-05 21:44 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-17 02:31 - 2013-11-23 05:01 - 00000000 ____D () C:\ProgramData\hem
2014-06-16 22:11 - 2009-07-13 22:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-16 22:11 - 2009-07-13 22:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 22:08 - 2009-07-13 23:13 - 00798842 _____ () C:\windows\system32\PerfStringBackup.INI
2014-06-16 22:07 - 2014-06-08 03:28 - 00003050 _____ () C:\windows\setupact.log
2014-06-16 22:03 - 2014-06-12 12:13 - 00119296 _____ () C:\windows\SysWOW64\zlib.dll
2014-06-16 22:03 - 2013-11-24 04:50 - 00000000 ____D () C:\ProgramData\VMware
2014-06-16 22:03 - 2013-11-20 14:05 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-06-16 22:03 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-06-16 17:11 - 2013-12-25 17:42 - 00003910 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{F2C8E097-E7CB-489D-BD91-6E2373E427CB}
2014-06-16 02:00 - 2012-06-07 06:44 - 00000000 ____D () C:\Users\Roc\AppData\Local\Adobe
2014-06-15 21:21 - 2014-05-12 19:04 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\WildTangent
2014-06-15 21:21 - 2012-06-05 21:40 - 00000000 ____D () C:\ProgramData\WildTangent
2014-06-15 19:56 - 2012-09-08 06:00 - 00000000 ____D () C:\Users\Roc\AppData\Local\CrashDumps
2014-06-15 13:53 - 2014-06-12 06:43 - 00003332 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-15 13:53 - 2013-11-29 10:51 - 00003194 _____ () C:\windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-15 11:44 - 2014-06-15 11:43 - 00020683 _____ () C:\Users\Roc\Downloads\acii_wireless_360_fix_by_khemitude.rar
2014-06-15 11:20 - 2014-06-15 11:20 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-15 11:20 - 2014-06-15 11:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-15 11:20 - 2014-06-15 11:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-15 11:20 - 2012-11-14 15:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-15 11:19 - 2014-06-15 11:18 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Roc\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-15 11:09 - 2014-06-15 11:09 - 00003354 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-15 11:09 - 2014-06-12 07:46 - 00003216 _____ () C:\windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2109263369-3482990966-500902494-1000
2014-06-15 11:06 - 2014-06-11 21:52 - 00001208 _____ () C:\windows\PFRO.log
2014-06-15 11:05 - 2014-06-15 10:59 - 00000000 ____D () C:\AdwCleaner
2014-06-15 11:04 - 2012-09-24 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-15 11:04 - 2012-06-09 01:23 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\SoftGrid Client
2014-06-15 10:39 - 2014-06-15 09:55 - 00000000 ___RD () C:\Users\Roc\Desktop\Game Images
2014-06-15 10:29 - 2012-06-22 14:07 - 00000000 ___RD () C:\Users\Roc\Desktop\Utilities
2014-06-15 10:27 - 2014-06-15 10:05 - 00000000 ___RD () C:\Users\Roc\Desktop\Computer Junk
2014-06-15 10:26 - 2014-06-15 10:26 - 00000000 ____D () C:\Users\Roc\Downloads\PNG Versions(128x128)
2014-06-15 10:26 - 2014-06-15 10:26 - 00000000 ____D () C:\Users\Roc\Downloads\GIF Versions(65x65)
2014-06-15 10:15 - 2014-06-15 10:14 - 01976262 _____ () C:\Users\Roc\Downloads\avatars.zip
2014-06-15 09:53 - 2012-06-22 17:40 - 00000000 ____D () C:\Users\Roc\AppData\Local\Jaksta_Technologies_Pty_L
2014-06-15 09:53 - 2012-06-22 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Applian Technologies
2014-06-15 09:51 - 2014-06-11 18:56 - 00000000 ____D () C:\Users\Roc\Desktop\mbar
2014-06-15 09:50 - 2014-06-02 01:05 - 00000000 ____D () C:\Users\Roc\Downloads\Mods
2014-06-15 09:45 - 2014-06-15 09:45 - 01016261 _____ (Thisisu) C:\Users\Roc\Desktop\JRT.exe
2014-06-15 09:45 - 2014-06-15 09:44 - 01333465 _____ () C:\Users\Roc\Desktop\AdwCleaner.exe
2014-06-14 20:59 - 2014-06-14 20:59 - 00000072 _____ () C:\Users\Roc\Desktop\Games to DL
2014-06-14 18:00 - 2013-12-08 05:03 - 00000000 ____D () C:\Program Files\PeerBlock
2014-06-14 18:00 - 2012-06-05 20:28 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\uTorrent
2014-06-14 17:44 - 2012-06-20 12:04 - 00000000 ____D () C:\Just Cause 2
2014-06-14 17:36 - 2014-06-14 17:35 - 00000000 ____D () C:\Program Files\Recuva
2014-06-14 17:35 - 2014-06-14 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-06-14 17:31 - 2013-09-17 16:51 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Guild Wars 2
2014-06-14 17:29 - 2014-06-14 17:29 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\ProductData
2014-06-14 17:29 - 2014-06-14 17:28 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-14 17:29 - 2012-06-06 23:54 - 00000000 ____D () C:\ProgramData\IObit
2014-06-14 17:28 - 2014-06-14 17:28 - 00002882 _____ () C:\windows\System32\Tasks\Uninstaller_SkipUac_Administrator
2014-06-14 17:28 - 2014-06-14 17:28 - 00001263 _____ () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2014-06-14 17:28 - 2012-06-06 23:54 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-14 17:27 - 2014-06-11 19:37 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\IObit
2014-06-14 16:43 - 2014-06-14 16:43 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2014-06-14 15:52 - 2014-06-11 23:43 - 00000314 _____ () C:\Users\Roc\Desktop\RootkitRemover_20140611_234302.log
2014-06-14 13:19 - 2014-05-24 21:11 - 00000000 ____D () C:\Program Files (x86)\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-06-13 19:25 - 2014-06-13 19:25 - 00000000 ____D () C:\ProgramData\Brother
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pinnacle Game Profiler
2014-06-12 15:04 - 2014-06-12 15:04 - 00000000 ____D () C:\Program Files (x86)\PowerUp Software
2014-06-12 14:53 - 2014-06-12 14:52 - 00000000 ____D () C:\Users\Roc\Desktop\XPadder
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\PowerUp Software
2014-06-12 12:14 - 2014-06-12 12:14 - 00000000 ____D () C:\ProgramData\PowerUp Software
2014-06-12 12:12 - 2011-10-30 20:30 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-06-12 11:12 - 2014-06-12 11:12 - 00000000 ____D () C:\Users\Roc\Desktop\extra files
2014-06-12 08:11 - 2012-06-06 18:24 - 00000000 ____D () C:\Users\Roc\AppData\Local\PMB Files
2014-06-12 08:11 - 2012-06-06 18:24 - 00000000 ____D () C:\ProgramData\PMB Files
2014-06-12 07:54 - 2014-06-12 07:54 - 00000287 _____ () C:\Users\Roc\Dad
2014-06-12 07:54 - 2012-06-05 21:05 - 00000000 ____D () C:\Users\Roc
2014-06-12 00:48 - 2014-06-12 00:48 - 09889352 _____ (Realtek Semiconductor Corp.) C:\windows\SysWOW64\RsCRIcon.dll
2014-06-12 00:48 - 2014-06-12 00:48 - 00271064 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RtsUStor.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 01795952 _____ (Microsoft Corporation) C:\windows\system32\WdfCoInstaller01011.dll
2014-06-12 00:47 - 2014-06-12 00:47 - 00128200 _____ (Qualcomm Atheros Co., Ltd.) C:\windows\system32\Drivers\L1C62x64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-06-12 00:47 - 2014-06-12 00:47 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-06-12 00:44 - 2014-06-12 00:44 - 03073752 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-06-12 00:41 - 2014-06-12 00:41 - 00003210 _____ () C:\windows\System32\Tasks\Driver Booster Scan
2014-06-12 00:41 - 2014-06-12 00:41 - 00002850 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Roc)
2014-06-12 00:41 - 2014-06-12 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GPU Temp
2014-06-11 22:45 - 2014-06-11 22:45 - 00000000 ____D () C:\Program Files (x86)\GPU Temp
2014-06-11 21:50 - 2014-06-11 21:50 - 00000150 _____ () C:\windows\wininit.ini
2014-06-11 21:50 - 2014-06-11 19:19 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-11 21:03 - 2014-06-11 18:57 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-06-11 19:39 - 2014-06-11 19:39 - 00003162 _____ () C:\windows\System32\Tasks\SmartDefrag3_Startup
2014-06-11 19:39 - 2014-06-11 19:39 - 00003160 _____ () C:\windows\System32\Tasks\SmartDefrag3_Update
2014-06-11 19:37 - 2014-06-11 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3
2014-06-11 19:21 - 2014-06-11 19:21 - 00000000 ____D () C:\Program Files (x86)\Raxco
2014-06-11 19:21 - 2014-06-11 19:18 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-06-11 19:19 - 2014-06-11 19:19 - 00001402 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-06-11 19:19 - 2014-06-11 19:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-06-11 15:43 - 2014-06-11 15:43 - 00000077 _____ () C:\Users\Roc\Allegiance
2014-06-10 17:21 - 2014-06-10 17:21 - 00001890 _____ () C:\Users\Roc\GTA IV BS
2014-06-10 13:46 - 2014-06-10 13:46 - 00001084 _____ () C:\Users\Guest\Desktop\FreeArc.lnk
2014-06-10 13:46 - 2014-06-10 13:46 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\FreeArc
2014-06-10 13:46 - 2014-06-10 13:45 - 00000000 ____D () C:\Program Files (x86)\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 13:45 - 2014-06-10 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeArc
2014-06-10 07:57 - 2014-06-10 06:20 - 00000000 ____D () C:\Program Files (x86)\Arab-GB
2014-06-08 09:20 - 2014-05-25 17:27 - 00000000 ____D () C:\Users\Roc\Documents\Telltale Games
2014-06-08 08:40 - 2014-06-08 08:31 - 00000000 ____D () C:\R.G. Catalyst
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\New Technology Studio
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV
2014-06-08 06:12 - 2014-06-08 06:12 - 00000000 ____D () C:\Users\Roc\AppData\Local\New Technology Studio
2014-06-08 06:07 - 2014-06-08 06:07 - 00000000 ____D () C:\Users\Roc\AppData\Local\Mato_Technologies
2014-06-08 05:30 - 2012-11-09 13:53 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-08 03:29 - 2012-06-11 23:17 - 00000000 ____D () C:\ProgramData\Intel
2014-06-08 03:29 - 2012-06-05 21:09 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-06-08 03:28 - 2014-06-08 03:28 - 00000000 _____ () C:\windows\setuperr.log
2014-06-08 03:07 - 2014-06-08 03:07 - 00000000 ____D () C:\Users\Roc\Downloads\Microsoft Word 2010 + Crack {LCD}
2014-06-08 03:02 - 2012-06-07 06:22 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\SystemRequirementsLab
2014-06-08 03:02 - 2012-06-07 06:22 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-06-08 03:01 - 2013-11-24 05:05 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 03:00 - 2014-06-08 03:00 - 00004030 _____ () C:\windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-08 03:00 - 2014-06-08 03:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 03:00 - 2013-07-11 15:54 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-07 11:25 - 2014-06-07 11:25 - 00000000 ____D () C:\Games
2014-06-07 11:12 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Tunngle
2014-06-07 11:12 - 2014-05-29 06:41 - 00000000 ____D () C:\ProgramData\Tunngle
2014-06-07 11:06 - 2014-06-07 11:06 - 00000000 _____ () C:\windows\SysWOW64\Access.dat
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ___SH () C:\Users\Roc\AppData\Local\LumaEmu
2014-06-07 10:55 - 2014-06-07 10:55 - 00000000 ____D () C:\ProgramData\LumaEmu_SteamCloud
2014-06-07 10:51 - 2014-01-16 03:44 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-07 10:35 - 2014-06-02 01:03 - 00000000 ____D () C:\Users\Roc\Downloads\MP3 and Other bleep
2014-06-06 16:20 - 2014-06-06 16:20 - 00000000 ____D () C:\Users\Roc\AppData\Local\Rockstar Games
2014-06-06 06:15 - 2014-06-05 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Games
2014-06-02 09:38 - 2014-05-26 08:47 - 00000144 _____ () C:\Users\Roc\Temp Services
2014-05-31 19:55 - 2012-06-06 23:18 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Skype
2014-05-31 08:27 - 2014-05-31 08:27 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2014-05-31 08:21 - 2014-05-31 08:21 - 00000000 ____D () C:\Program Files\Microsoft Xbox 360 Accessories
2014-05-30 05:56 - 2012-06-25 18:38 - 00000023 _____ () C:\windows\BlendSettings.ini
2014-05-29 19:29 - 2014-05-29 19:25 - 00000000 ____D () C:\Users\Roc\AppData\Roaming\Riot Games
2014-05-29 19:28 - 2014-05-29 19:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-05-29 07:10 - 2012-06-05 20:09 - 00059208 _____ () C:\Users\Roc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-29 06:45 - 2009-07-13 22:45 - 04939336 _____ () C:\windows\system32\FNTCACHE.DAT
2014-05-29 06:42 - 2014-05-29 06:41 - 00000000 ____D () C:\Program Files (x86)\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Roc\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\Users\Public\Documents\Tunngle
2014-05-29 06:41 - 2014-05-29 06:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-05-29 06:23 - 2014-05-29 06:00 - 00000000 ____D () C:\Program Files (x86)\Torchlight II
2014-05-29 06:03 - 2014-05-29 06:03 - 00000850 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Torchlight II.lnk
2014-05-29 03:08 - 2012-09-27 09:54 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-25 17:27 - 2014-05-25 17:27 - 00000000 ____D () C:\ProgramData\REVOLT
2014-05-24 21:19 - 2014-05-24 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto San Andreas + MultiPlayer [0.3e]
2014-05-24 21:19 - 2012-06-06 18:32 - 00000000 ____D () C:\windows\SysWOW64\directx
2014-05-24 14:07 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\system32\NDF
2014-05-19 23:53 - 2013-12-08 05:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeerBlock
2014-05-18 20:25 - 2014-05-18 20:25 - 00000294 _____ () C:\Users\Roc\refining
 
Files to move or delete:
====================
C:\Users\Roc\AppData\Roaming\CamLayout.ini
C:\Users\Roc\AppData\Roaming\CamShapes.ini
C:\Users\Roc\jagex_cl_runescape_LIVE.dat
C:\Users\Roc\random.dat
 
 
Some content of TEMP:
====================
C:\Users\Roc\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Roc\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-08 03:35
 
==================== End Of Log ============================


#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:02 PM

Posted 18 June 2014 - 02:40 AM

What's with Step #3?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 


#9 rodricuz14

rodricuz14
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 18 June 2014 - 06:24 PM

Junkare Removal? What do you mean about step 3?



#10 rodricuz14

rodricuz14
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:02 PM

Posted 18 June 2014 - 10:49 PM

Problem Fixed. You may close down this thread thank you for the help 007 and to the mod who reopened it! :3



#11 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,035 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:09:02 PM

Posted 19 June 2014 - 11:12 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

unite_blue.png
 
 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users