infected with zeroaccess and zbot it keeps returning and can not even run rogue


  • This topic is locked
29 replies to this topic

#1 frankp747

Posted 10 July 2014 - 04:37 PM

Laptop is infected with ZeroAccess and Zbot. I cannot run RogueKiller now; I ran it before and it worked, but for some reason it has mutated or has gotten crafty. The computer is running very, very slow... I continuously get "This web page is not available" and must refresh pages, which are running very slow.

I also have a question: I used my USB stick on a different PC. Could that one have gotten infected with this same virus? It seems to be running slow as well.

Laptop specs: Toshiba Satellite C655D, AMD E-350 Processor 1.60 GHz, 3.00 GB, 64-bit OS

Sincerely,
frankp747

Windows 7 Home Premium, Service Pack 1


#2 JSntgRvr

  • Malware Response Team

Posted 10 July 2014 - 06:18 PM

:welcome:
 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens, click Yes to the disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

No request for help through private messaging will be attended to.



#3 frankp747

  • Topic Starter

Posted 11 July 2014 - 03:10 AM

Hello, JSntgRvr. Below I have posted the FRST.txt, Additional.txt and Shortcut.txt.

frankp747

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Halmr2 (administrator) on IRENESCOMPUTER on 11-07-2014 03:54:14
Running from C:\Users\Halmr2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Safer-Networking Ltd.) C:\Spybot - Search & Destroy\TeaTimer.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-06] (Apple Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [2015136 2011-05-27] (Affinegy, Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3904140959-3754442933-390101978-1001\...\Run: [SpybotSD TeaTimer] => C:\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
ShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP22&ocid=UP22DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {22E5305A-D3EA-4C5E-A994-F55251800629} URL = http://www.mysearchresults.com/search?&c=2641&t=03&q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: No Name - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -  No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Halmr2\AppData\Roaming\Mozilla\Firefox\Profiles\hdbgbxgn.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Halmr2\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\IPSFFPlgn [2011-09-22]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2 [2013-11-05]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-10-26]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: google.com.ph
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-05]
CHR Extension: (Google Drive) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-11]
CHR Extension: (Google Search) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-11]
CHR Extension: (Google Wallet) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-06-11]
CHR Extension: (Gmail) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-11]
CHR HKCU\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Halmr2\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx [2012-06-11]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
CHR HKLM-x32\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Halmr2\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx [2011-05-23]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [562592 2011-05-27] (Affinegy, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.) [File not signed]
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 SBSDWSCService; E:\Spybot - Search & Destroy\SDWinSec.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-06-17] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\IPSDefs\20130712.001\IDSvia64.sys [513184 2013-06-14] (Symantec Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-04-23] (Qualcomm Atheros Co., Ltd.)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [92888 2014-07-09] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130714.004\ENG64.SYS [126040 2013-06-28] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\Definitions\VirusDefs\20130714.004\EX64.SYS [2098776 2013-06-28] (Symantec Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3073752 2014-04-23] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1207020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1207020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1207020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1207020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2011-09-23] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NISx64\1207020.003\Ironx64.SYS [171128 2011-01-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1207020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29696 2014-07-10] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 ccEvtMgr; 
U2 ccSetMgr; 
U3 navapsvc; 
U3 SAVRT; 
U1 SAVRTPEL; 
U4 TlntSvr; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-11 03:54 - 2014-07-11 03:55 - 00023685 _____ () C:\Users\Halmr2\Desktop\FRST.txt
2014-07-11 03:53 - 2014-07-11 03:54 - 00000000 ____D () C:\FRST
2014-07-11 03:22 - 2014-07-11 03:23 - 02084864 _____ (Farbar) C:\Users\Halmr2\Desktop\FRST64.exe
2014-07-11 03:12 - 2014-07-11 03:14 - 00000000 ____D () C:\Users\Halmr2\Desktop\desktop flies
2014-07-11 03:10 - 2014-07-11 03:10 - 00000000 ____H () C:\ProgramData\cm-lock
2014-07-10 17:10 - 2014-07-10 17:14 - 00398683 _____ () C:\Users\Halmr2\Downloads\RogueKillerX64.exe
2014-07-10 15:34 - 2014-07-10 15:34 - 00002046 _____ () C:\Users\Halmr2\Desktop\SUPERAntiSpyware Scan Log - 07-10-2014 - 15-31-13.log
2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\SUPERDelete
2014-07-10 13:40 - 2014-07-10 13:40 - 00001904 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-10 13:31 - 2014-07-10 16:22 - 11185664 _____ (SurfRight B.V.) C:\Users\Halmr2\Downloads\HitmanPro_x64.exe
2014-07-09 21:50 - 2014-07-10 13:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-09 18:52 - 2014-07-09 19:00 - 00000000 ____D () C:\Users\Halmr2\Desktop\slam
2014-07-09 18:02 - 2014-07-11 02:53 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-09 18:02 - 2014-07-09 19:01 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-09 18:02 - 2014-07-09 18:02 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2014-05-12 07:35 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-09 18:02 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-09 17:20 - 2014-07-09 18:01 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Halmr2\Downloads\mbam-setup.exe
2014-07-09 17:11 - 2014-07-10 17:14 - 00002442 _____ () C:\Users\Halmr2\Desktop\Rkill.txt
2014-07-09 17:00 - 2014-07-09 17:08 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Halmr2\Downloads\explorer.exe.exe
2014-07-09 12:47 - 2014-07-09 12:47 - 00003392 _____ () C:\Users\Halmr2\Desktop\RKreport_DEL_07092014_124537.log
2014-07-09 12:15 - 2014-07-09 12:15 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-09 10:43 - 2014-07-09 10:43 - 00029160 _____ () C:\ComboFix.txt
2014-07-09 10:29 - 2014-07-09 10:29 - 00000000 _____ () C:\windows\SysWOW64\sho4AAB.tmp
2014-07-09 10:00 - 2011-06-26 02:45 - 00256000 _____ () C:\windows\PEV.exe
2014-07-09 10:00 - 2010-11-07 13:20 - 00208896 _____ () C:\windows\MBR.exe
2014-07-09 10:00 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00098816 _____ () C:\windows\sed.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00080412 _____ () C:\windows\grep.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00068096 _____ () C:\windows\zip.exe
2014-07-09 09:59 - 2014-07-09 10:43 - 00000000 ____D () C:\Qoobox
2014-07-09 09:57 - 2014-07-09 10:37 - 00000000 ____D () C:\windows\erdnt
2014-07-09 09:43 - 2014-07-09 09:50 - 05216105 ____R (Swearware) C:\Users\Halmr2\Desktop\ComboFix.exe
2014-07-09 09:20 - 2014-07-10 15:49 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-12 11:13 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-12 11:13 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-12 11:13 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-12 11:13 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-12 11:13 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-12 11:13 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-12 11:13 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-12 11:13 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-12 11:13 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-12 11:13 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-12 11:13 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-12 11:13 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-12 11:13 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-12 11:13 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-12 11:13 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-12 11:13 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-12 11:13 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-12 11:13 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-12 11:13 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 11:13 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-12 11:13 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-12 11:13 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-12 11:13 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-12 11:13 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-12 11:13 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-12 11:13 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-12 11:13 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-12 11:13 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-12 11:13 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-12 11:13 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-12 11:13 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-12 11:13 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-12 11:13 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-12 11:13 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-12 11:13 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-12 11:13 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-12 11:13 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 11:13 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-12 11:13 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-12 11:13 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-12 11:13 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-12 11:13 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-12 11:13 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-12 11:13 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-12 11:13 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-12 11:13 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-12 11:13 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-12 11:13 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-12 11:13 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-12 11:13 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-12 11:13 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-12 11:13 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-12 10:21 - 2014-07-11 03:10 - 00001736 _____ () C:\windows\setupact.log
2014-06-12 10:21 - 2014-07-10 15:38 - 00003878 _____ () C:\windows\PFRO.log
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\windows\setuperr.log
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\asc_rdflag
2014-06-12 09:07 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-12 09:07 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-12 09:06 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-12 09:06 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-12 09:06 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-12 09:06 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 09:00 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 09:00 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 09:00 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-12 09:00 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-12 09:00 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-12 09:00 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-12 09:00 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-12 09:00 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-12 09:00 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-12 09:00 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
 
==================== One Month Modified Files and Folders =======
 
2014-07-11 03:55 - 2014-07-11 03:54 - 00023685 _____ () C:\Users\Halmr2\Desktop\FRST.txt
2014-07-11 03:54 - 2014-07-11 03:53 - 00000000 ____D () C:\FRST
2014-07-11 03:45 - 2012-03-30 23:41 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 03:27 - 2009-07-14 00:45 - 00024944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-11 03:27 - 2009-07-14 00:45 - 00024944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 03:23 - 2014-07-11 03:22 - 02084864 _____ (Farbar) C:\Users\Halmr2\Desktop\FRST64.exe
2014-07-11 03:15 - 2011-07-12 13:49 - 01824771 _____ () C:\windows\WindowsUpdate.log
2014-07-11 03:14 - 2014-07-11 03:12 - 00000000 ____D () C:\Users\Halmr2\Desktop\desktop flies
2014-07-11 03:10 - 2014-07-11 03:10 - 00000000 ____H () C:\ProgramData\cm-lock
2014-07-11 03:10 - 2014-06-12 10:21 - 00001736 _____ () C:\windows\setupact.log
2014-07-11 03:10 - 2011-07-12 14:23 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-11 03:10 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-11 02:58 - 2013-11-05 17:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-11 02:57 - 2013-11-12 15:39 - 00000000 ____D () C:\Users\CJAY
2014-07-11 02:57 - 2012-04-30 06:14 - 00000000 ____D () C:\Users\Mcx1-HALMR2-PC
2014-07-11 02:53 - 2014-07-09 18:02 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 20:04 - 2011-07-12 14:23 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-10 17:14 - 2014-07-10 17:10 - 00398683 _____ () C:\Users\Halmr2\Downloads\RogueKillerX64.exe
2014-07-10 17:14 - 2014-07-09 17:11 - 00002442 _____ () C:\Users\Halmr2\Desktop\Rkill.txt
2014-07-10 16:22 - 2014-07-10 13:31 - 11185664 _____ (SurfRight B.V.) C:\Users\Halmr2\Downloads\HitmanPro_x64.exe
2014-07-10 15:49 - 2014-07-09 09:20 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-07-10 15:38 - 2014-06-12 10:21 - 00003878 _____ () C:\windows\PFRO.log
2014-07-10 15:34 - 2014-07-10 15:34 - 00002046 _____ () C:\Users\Halmr2\Desktop\SUPERAntiSpyware Scan Log - 07-10-2014 - 15-31-13.log
2014-07-10 14:55 - 2012-03-30 23:41 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 14:54 - 2012-03-30 23:40 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 14:54 - 2011-10-21 18:14 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\SUPERDelete
2014-07-10 14:07 - 2014-04-22 12:59 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\IObit
2014-07-10 13:40 - 2014-07-10 13:40 - 00001904 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-10 13:39 - 2014-07-09 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-10 13:21 - 2009-07-14 01:13 - 00800796 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-09 19:01 - 2014-07-09 18:02 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-09 19:00 - 2014-07-09 18:52 - 00000000 ____D () C:\Users\Halmr2\Desktop\slam
2014-07-09 18:02 - 2014-07-09 18:02 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2013-12-05 16:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-09 18:01 - 2014-07-09 17:20 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Halmr2\Downloads\mbam-setup.exe
2014-07-09 17:08 - 2014-07-09 17:00 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Halmr2\Downloads\explorer.exe.exe
2014-07-09 14:59 - 2011-07-12 14:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-09 14:08 - 2014-05-06 10:22 - 00000000 ____D () C:\Users\Halmr2\Desktop\Contractual Agrrement 1
2014-07-09 13:38 - 2011-07-12 14:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-09 13:35 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-09 13:33 - 2014-05-08 14:54 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\WildTangent
2014-07-09 13:33 - 2014-05-08 14:54 - 00000000 ____D () C:\ProgramData\WildTangent
2014-07-09 13:33 - 2014-05-08 14:54 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-09 13:32 - 2014-05-08 14:38 - 00000000 ____D () C:\ProgramData\Big Fish
2014-07-09 13:32 - 2014-05-08 14:07 - 00000000 ____D () C:\BigFishCache
2014-07-09 12:47 - 2014-07-09 12:47 - 00003392 _____ () C:\Users\Halmr2\Desktop\RKreport_DEL_07092014_124537.log
2014-07-09 12:15 - 2014-07-09 12:15 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-09 11:15 - 2014-03-14 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-09 11:15 - 2013-12-05 05:30 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-09 10:43 - 2014-07-09 10:43 - 00029160 _____ () C:\ComboFix.txt
2014-07-09 10:43 - 2014-07-09 09:59 - 00000000 ____D () C:\Qoobox
2014-07-09 10:43 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-07-09 10:37 - 2014-07-09 09:57 - 00000000 ____D () C:\windows\erdnt
2014-07-09 10:31 - 2009-07-13 22:34 - 00000215 _____ () C:\windows\system.ini
2014-07-09 10:29 - 2014-07-09 10:29 - 00000000 _____ () C:\windows\SysWOW64\sho4AAB.tmp
2014-07-09 10:29 - 2009-07-13 22:34 - 78118912 _____ () C:\windows\system32\config\software.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 17301504 _____ () C:\windows\system32\config\system.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 05767168 _____ () C:\windows\system32\config\default.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 00098304 _____ () C:\windows\system32\config\sam.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 00028672 _____ () C:\windows\system32\config\security.bak
2014-07-09 10:28 - 2014-05-23 05:44 - 44040192 _____ () C:\windows\system32\config\components.bak
2014-07-09 09:50 - 2014-07-09 09:43 - 05216105 ____R (Swearware) C:\Users\Halmr2\Desktop\ComboFix.exe
2014-07-09 09:18 - 2013-11-15 05:58 - 00000000 ____D () C:\Users\Halmr2\Desktop\FULL spyware antivurus rootkit FLIES
2014-07-02 12:27 - 2013-11-08 17:27 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\uTorrent
2014-06-29 10:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-06-29 10:22 - 2014-05-27 08:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 12:59 - 2011-07-12 14:23 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 12:59 - 2011-07-12 14:23 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 14:22 - 2013-10-15 05:17 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\vlc
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-12 10:30 - 2013-11-08 19:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\windows\setuperr.log
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\asc_rdflag
2014-06-12 10:15 - 2013-11-06 13:09 - 00000000 ____D () C:\windows\system32\MRT
2014-06-12 10:05 - 2013-11-11 09:02 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-12 10:03 - 2014-05-01 12:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-12 09:05 - 2011-09-22 23:39 - 00000000 ____D () C:\Users\Halmr2
2014-06-12 08:44 - 2013-11-06 22:33 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
 
Some content of TEMP:
====================
C:\Users\Halmr2\AppData\Local\Temp\HitmanPro.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-09 07:37
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-07-2014
Ran by Halmr2 at 2014-07-11 03:56:32
Running from C:\Users\Halmr2\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.3.2.30260 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81008.0920 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.06.0000 - AMD) Hidden
Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 4.4.0.0 - Auslogics Labs Pty Ltd)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Belkin Setup and Router Monitor (HKLM-x32\...\Belkin Setup and Router Monitor_is1) (Version:  - )
Best Buy pc app (Version: 3.0.0.0 - Best Buy) Hidden
CameraHelperMsi (x32 Version: 13.50.854.0 - Logitech) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Citrix ICA Client (HKLM-x32\...\Citrix ICA Client) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
Content Manager Assistant for PlayStation® (HKLM-x32\...\{BE841724-78F0-44D6-B6C4-C3D53708293B}) (Version: 1.10.4086.63 - Sony Computer Entertainment Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.0.34 - DivX, LLC)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPSON Stylus NX400 Series Printer Uninstall (HKLM\...\EPSON Stylus NX400 Series) (Version:  - SEIKO EPSON Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ETDWare PS/2-X64 8.0.8.0_R01 (HKLM\...\Elantech) (Version: 8.0.8.0 - ELAN Microelectronic Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FINAL FANTASY XI (HKLM-x32\...\InstallShield_{678F6475-D227-432A-94FF-806178A34520}) (Version: 1.04.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XI (x32 Version: 1.04.0 - SQUARE ENIX CO., LTD.) Hidden
FINAL FANTASY XI: Chains of Promathia (HKLM-x32\...\InstallShield_{3C0619B4-4A2C-4244-8077-488E420DF907}) (Version: 1.22.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XI: Chains of Promathia (x32 Version: 1.22.0 - SQUARE ENIX CO., LTD.) Hidden
FINAL FANTASY XI: Rise of the Zilart (HKLM-x32\...\InstallShield_{6FC76C41-8C1D-4B43-85E7-0BAA2002F1BE}) (Version: 1.13.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XI: Rise of the Zilart (x32 Version: 1.13.0 - SQUARE ENIX CO., LTD.) Hidden
FINAL FANTASY XI: Treasures of Aht Urhgan (HKLM-x32\...\InstallShield_{A606C6FF-12E7-40BE-B777-D8F360FF00CD}) (Version: 1.30.0 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XI: Treasures of Aht Urhgan (x32 Version: 1.30.0 - SQUARE ENIX CO., LTD.) Hidden
FINAL FANTASY XI: Wings of the Goddess (HKLM-x32\...\InstallShield_{5B037ED7-0755-48D4-9554-808E5AF50F17}) (Version: 1.40.1 - SQUARE ENIX CO., LTD.)
FINAL FANTASY XI: Wings of the Goddess (x32 Version: 1.40.1 - SQUARE ENIX CO., LTD.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.220 - SurfRight B.V.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
Logitech Vid HD (HKLM-x32\...\Logitech Vid) (Version: 7.2 (7248) - Logitech Inc..)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.0 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.50.862.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.50.859.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.50.861.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Go (HKLM-x32\...\{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}) (Version: 2.1.392 - Sony)
Media Go Video Playback Engine 1.88.107.12050 (HKLM-x32\...\{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}) (Version: 1.88.107.12050 - Sony)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Rise Of Nations (HKLM-x32\...\RiseOfNations 1.0) (Version:  - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 29.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 en-US)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
PlayOnline Viewer & Tetra Master (HKLM-x32\...\InstallShield_{47004155-7376-403E-89E9-4C9F44AAF0D0}) (Version: 1.18.00 - SQUARE ENIX CO., LTD.)
PlayOnline Viewer & Tetra Master (x32 Version: 1.18.00 - SQUARE ENIX CO., LTD.) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation®Network Downloader (HKLM-x32\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation®Store (HKLM-x32\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.12.6.14870 - Sony Computer Entertainment Inc.)
QuickTime (HKLM-x32\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30124 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Star Trek Online (HKLM-x32\...\Star Trek Online) (Version:  - Cryptic Studios)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1042 - SUPERAntiSpyware.com)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.08.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.14 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.16.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.07 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.22.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.22.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.22.64 - TOSHIBA Corporation) Hidden
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
WIDI Recognition System Standard 4.1 (remove only) (HKLM-x32\...\WIDI Recognition System Standard 4.1) (Version:  - )
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinZip 15.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C3}) (Version: 15.5.9579 - WinZip Computing, S.L. )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
 
==================== Restore Points  =========================
 
29-05-2014 12:22:59 Installed TOSHIBA Service Station
02-06-2014 13:00:52 Restore Operation
12-06-2014 14:00:31 Windows Update
12-06-2014 18:10:45 Windows Update
29-06-2014 14:30:26 Scheduled Checkpoint
09-07-2014 11:45:11 Scheduled Checkpoint
09-07-2014 14:00:50 Windows Update
09-07-2014 17:36:30 Removed Google Earth Plug-in.
09-07-2014 18:12:23 Revo Uninstaller's restore point - Norton Internet Security
10-07-2014 02:07:25 Checkpoint by HitmanPro
10-07-2014 20:24:46 Checkpoint by HitmanPro
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2014-07-09 10:31 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {295A6E98-9A87-4740-BDCA-54DF42E4CF4E} - System32\Tasks\Symantec\Norton Error Analyzer 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe
Task: {4108D33C-5E73-43DF-B808-30AE17DF3F72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {74556966-F226-4D9C-AC95-6DE1F432A8FB} - System32\Tasks\Symantec\Norton Error Processor 18.7.2.3 => C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe
Task: {94658EF1-089F-4BCD-BCDB-FF779D723DB4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-12] (Google Inc.)
Task: {A72059BA-C7CC-49D4-B3E9-22D40AC4910B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-12] (Google Inc.)
Task: {B154FDD0-EDDC-4F25-B157-5A35C603C12C} - System32\Tasks\Driver Booster SkipUAC (Halmr2) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {BE6BB8D6-12D2-4C4A-B791-FB688E2AE255} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated)
Task: {FF4EEDBC-8865-4224-8CFE-7152033026FF} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-HALMR2-PC => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-08 15:34 - 2013-10-08 15:34 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2011-09-30 18:39 - 2011-05-29 04:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2010-04-07 19:07 - 2010-04-07 19:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2011-03-29 22:48 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2011-07-28 19:08 - 2011-07-28 19:08 - 01259376 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2011-11-11 20:07 - 2011-11-11 20:07 - 00265240 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
2011-08-12 18:19 - 2011-08-12 18:19 - 00680984 _____ () C:\Program Files (x86)\Common Files\Logishrd\LQCVFX\COCIManager.exe
2013-10-08 15:34 - 2013-10-08 15:34 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2010-02-05 20:44 - 2010-02-05 20:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2011-07-28 19:09 - 2011-07-28 19:09 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2011-03-02 05:14 - 2011-03-02 05:14 - 02143576 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll
2011-03-02 05:14 - 2011-03-02 05:14 - 07954776 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll
2011-03-02 05:15 - 2011-03-02 05:15 - 00340824 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll
2011-03-02 05:15 - 2011-03-02 05:15 - 00027480 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll
2011-03-02 05:15 - 2011-03-02 05:15 - 00126808 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-07-23 21:10 - 2012-07-23 21:10 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
2014-06-20 12:58 - 2014-06-05 09:58 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-20 12:58 - 2014-06-05 09:58 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-20 12:58 - 2014-06-05 09:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-20 12:58 - 2014-06-05 09:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-20 12:58 - 2014-06-05 09:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:B1FBBD09
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
Name: BHDrvx64
Description: BHDrvx64
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: BHDrvx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: SymIRON
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft Virtual WiFi Miniport Adapter
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/11/2014 03:10:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/11/2014 02:52:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2014 03:39:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2014 01:14:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 04:10:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
 
Error: (07/09/2014 04:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 02:52:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 02:26:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 01:44:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 00:50:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (07/11/2014 03:11:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
BHDrvx64
SymIRON
 
Error: (07/11/2014 03:10:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error: 
%%2
 
Error: (07/11/2014 03:10:25 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (07/11/2014 02:52:25 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
BHDrvx64
SymIRON
 
Error: (07/11/2014 02:52:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error: 
%%2
 
Error: (07/11/2014 02:51:49 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\windows\system32\Rtlihvs.dll
Error Code: 126
 
Error: (07/11/2014 02:51:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:05:29 PM on ‎7/‎10/‎2014 was unexpected.
 
Error: (07/10/2014 03:49:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (07/10/2014 03:39:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
BHDrvx64
SymIRON
 
Error: (07/10/2014 03:39:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SBSD Security Center Service service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (07/11/2014 03:10:54 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/11/2014 02:52:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2014 03:39:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/10/2014 01:14:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 04:10:49 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
 
Error: (07/09/2014 04:00:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 02:52:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 02:26:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 01:44:45 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/09/2014 00:50:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-09 10:25:15.514
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-07-09 10:25:14.827
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-12 23:35:15.200
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Halmr2\AppData\Local\Temp\Rar$EX47.360\SysInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2012-07-12 23:35:15.151
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Halmr2\AppData\Local\Temp\Rar$EX47.360\SysInfo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 54%
Total physical RAM: 2662.87 MB
Available physical RAM: 1207.51 MB
Total Pagefile: 5323.91 MB
Available Pagefile: 3350.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: (TI106147W0C) (Fixed) (Total:285.29 GB) (Free:45.73 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 2B538AD9)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11 GB) - (Type=17)
 
==================== End Of Log ============================

Users shortcut scan result (x64) Version: 11-07-2014
Ran by Halmr2 at 2014-07-11 03:58:58
Running from C:\Users\Halmr2\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Toshiba Book Place.lnk -> C:\Program Files (x86)\Toshiba\Toshiba Book Place\KNFB.Reader.exe (K-NFB Reading Technology)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk -> C:\Program Files (x86)\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk -> C:\Windows\Installer\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}\AppleSoftwareUpdateIco.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Content Manager Assistant for PlayStation®.lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\opera.exe (Opera Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk -> C:\Program Files (x86)\Windows Live\Mail\wlmail.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk -> C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 15.5.lnk -> C:\Program Files (x86)\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Mesh.lnk -> C:\Program Files (x86)\Windows Live\Mesh\WLSync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live\Windows Live Writer.lnk -> C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriter.exe (Microsoft Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trickster Online\Uninstall.lnk -> C:\Ntreev USA\Trickster Online\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Toshiba Book Place.lnk -> C:\Program Files (x86)\Toshiba\Toshiba Book Place\KNFB.Reader.exe (K-NFB Reading Technology)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\TOSHIBA Bulletin Board.lnk -> C:\Program Files\TOSHIBA\BulletinBoard\TosBulletinBoard.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\TOSHIBA ReelTime.lnk -> C:\Program Files\TOSHIBA\ReelTime\TosReelTime.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Accessibility.lnk -> C:\Program Files\TOSHIBA\Utilities\TACSPROP.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\HDD SSD Alert Help.lnk -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\SSDAlert1.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\HDD SSD Alert.lnk -> C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSSDAlert.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\HWSetup.lnk -> C:\Program Files\TOSHIBA\Utilities\HWSetup.exe (TOSHIBA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\PC Diagnostic Tool.lnk -> C:\Program Files (x86)\Toshiba\PCDiag\PCDiag.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Restart Flash Cards.lnk -> C:\Program Files\TOSHIBA\FlashCards\TfcRst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Service Station.lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Settings for Flash Cards.lnk -> C:\Program Files\TOSHIBA\FlashCards\TfcConf\TfcConf.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\TOSHIBA Assist.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Assist\TInTouch.exe (TOSHIBA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Zooming Utility Help.lnk -> C:\Program Files\TOSHIBA\SmoothView\SmoothView.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Zooming Utility.lnk -> C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\TOSHIBA Media Controller\TOSHIBA Media Controller Help.lnk -> C:\Program Files\TOSHIBA\Media Controller\Help\ToshibaMediaController.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\TOSHIBA Media Controller\TOSHIBA Media Controller.lnk -> C:\Program Files\TOSHIBA\Media Controller\MediaController.exe (Toshiba Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\CD&DVD Applications\Disc Creator Help.lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\CD&DVD Applications\Disc Creator.lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\CD&DVD Applications\DVD-RAM Utility.lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\TosRamUtil.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\File Shredder.lnk -> C:\Spybot - Search & Destroy\SDShred.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Spybot - Search & Destroy.lnk -> C:\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Tutorial.lnk -> C:\Spybot - Search & Destroy\Help\English.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Uninstall Spybot-S&D.lnk -> C:\Spybot - Search & Destroy\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Update Spybot-S&D.lnk -> C:\Spybot - Search & Destroy\SDUpdate.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony\Media Go\Media Go.lnk -> C:\Program Files (x86)\Sony\Media Go\MediaGo.exe (Sony Network Entertainment International LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager\Purchase Security Task Manager Now!.lnk -> C:\Program Files (x86)\Security Task Manager\Purchase Security Task Manager Now!.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager\Security Task Manager.lnk -> C:\Program Files (x86)\Security Task Manager\TaskMan.exe (Neuber Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager\Spy Protector.lnk -> C:\Program Files (x86)\Security Task Manager\SpyProtector.exe (Neuber Software - www.neuber.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager\Uninstall.lnk -> C:\Program Files (x86)\Security Task Manager\uninstal.exe (Neuber Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\About QuickTime.lnk -> C:\Windows\Installer\{C9E14402-3631-4182-B377-6B0DFB1C0339}\RichText.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\PictureViewer.lnk -> C:\Windows\Installer\{C9E14402-3631-4182-B377-6B0DFB1C0339}\PictureViewer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\QuickTime Player.lnk -> C:\Windows\Installer\{C9E14402-3631-4182-B377-6B0DFB1C0339}\QTPlayer.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline\PlayOnline.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline\Tetra Master\Tetra Master Config.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\TetraMaster\TetraMasterConfig.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline\Tetra Master\Tetra Master.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\TetraMaster\polboot.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline\PlayOnline Viewer\PlayOnline Viewer Config.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\PlayOnlineViewer\polcfg\polcfg.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline\FINAL FANTASY XI\FINAL FANTASY XI Config.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\FINAL FANTASY XI\ToolsUS\FINAL FANTASY XI Config.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayOnline\FINAL FANTASY XI\FINAL FANTASY XI.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\FINAL FANTASY XI\polboot.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba\Recovery Media Creator Help.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Recovery Media Creator\help\Help.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba\Recovery Media Creator.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Recovery Media Creator\TRMCLcher.exe (Toshiba Information Equipment(Hangzhou)Co.,LTD)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba\Toshiba Application Installer.lnk -> C:\Program Files\TOSHIBA\TOSAPINS\Install.exe (Toshiba)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba\Toshiba Registration.lnk -> C:\Program Files (x86)\Toshiba\ToshibaRegistration\TaisRegistration.exe (Toshiba America Information Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\My Toshiba\User's Guide.lnk -> C:\Program Files (x86)\Toshiba\Documentation\userguide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Rise Of Nations\Rise Of Nations Readme.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\Readme.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Rise Of Nations\Rise Of Nations.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe (Big Huge Games, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Vid HD.lnk -> C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Webcam Software.lnk -> C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\HitmanPro.lnk -> C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN\FileASSASSIN.lnk -> E:\FileASSASSIN\FileASSASSIN.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileASSASSIN\Uninstall.lnk -> E:\FileASSASSIN\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan Settings.lnk -> C:\Windows\twain_32\escndv\escfg.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan.lnk -> C:\Windows\twain_32\escndv\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Player.lnk -> C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once\Corel Label@Once.lnk -> C:\Program Files (x86)\Corel\Label@Once\CDLabel.exe (Corel Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix ICA Client\Citrix Program Neighborhood.lnk -> C:\Program Files (x86)\Citrix\ICA Client\pn.exe (Citrix Systems, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belkin\Belkin Router Monitor.lnk -> C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe (Affinegy, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\DiskDefrag\Auslogics DiskDefrag.lnk -> C:\Program Files (x86)\Auslogics\DiskDefrag\DiskDefrag.exe (Auslogics)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\AMD Catalyst Control Center.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (ATI Technologies Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\Links\Desktop.lnk -> C:\Users\Halmr2\Desktop ()
Shortcut: C:\Users\CJAY\Links\Downloads.lnk -> C:\Users\Halmr2\Downloads ()
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Toshiba Book Place.lnk -> C:\Program Files (x86)\Toshiba\Toshiba Book Place\KNFB.Reader.exe (K-NFB Reading Technology)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\TOSHIBA Bulletin Board.lnk -> C:\Program Files\TOSHIBA\BulletinBoard\TosBulletinBoard.exe (TOSHIBA Corporation)
Shortcut: C:\Users\CJAY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\Links\Data Safe.lnk -> C:\Users\Halmr2\Documents\Data Safe.avgfv ()
Shortcut: C:\Users\Halmr2\Links\Desktop.lnk -> C:\Users\Halmr2\Desktop ()
Shortcut: C:\Users\Halmr2\Links\Documents.lnk -> C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Libraries\Documents.library-ms ()
Shortcut: C:\Users\Halmr2\Links\Downloads.lnk -> C:\Users\Halmr2\Downloads ()
Shortcut: C:\Users\Halmr2\Documents\Data Safe - Shortcut.lnk -> C:\Users\Halmr2\Documents\Data Safe.avgfv ()
Shortcut: C:\Users\Halmr2\Documents\Data Safe.lnk -> C:\Users\Halmr2\Documents\Data Safe.avgfv ()
Shortcut: C:\Users\Halmr2\Documents\DivX Plus Player.lnk -> C:\Program Files (x86)\DivX\DivX Plus Player\DivX Plus Player.exe ()
Shortcut: C:\Users\Halmr2\Documents\Opera.lnk -> C:\Program Files (x86)\Opera\opera.exe (Opera Software)
Shortcut: C:\Users\Halmr2\Documents\QuickTime Player.lnk -> C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe (Apple Inc.)
Shortcut: C:\Users\Halmr2\Documents\PSVITA\FOLDERS\PSVITA\Media Go.lnk -> C:\Program Files (x86)\Sony\Media Go\MediaGo.exe (Sony Network Entertainment International LLC)
Shortcut: C:\Users\Halmr2\Documents\PSVITA\FOLDERS\Presets\DivX Movies.lnk -> C:\Users\Halmr2\Videos\DivX Movies ()
Shortcut: C:\Users\Halmr2\Documents\PSVITA\FOLDERS\Presets\Easy Media Player.lnk -> C:\Program Files (x86)\Easy Media Player\emp.exe ()
Shortcut: C:\Users\Halmr2\Documents\PSVITA\FOLDERS\Presets\EPSON Scan.lnk -> C:\Windows\twain_32\escndv\escndv.exe (SEIKO EPSON CORP.)
Shortcut: C:\Users\Halmr2\Documents\PSVITA\FOLDERS\Presets\Logitech Vid HD.lnk -> C:\Program Files (x86)\Logitech\Vid HD\Vid.exe (Logitech Inc.)
Shortcut: C:\Users\Halmr2\Documents\PSVITA\FOLDERS\Presets\Logitech Webcam Software  .lnk -> C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe ()
Shortcut: C:\Users\Halmr2\Documents\PSVITA\FOLDERS\Presets\The Elder Scrolls Construction Set.lnk -> C:\Program Files (x86)\Bethesda Softworks\Morrowind\TES Construction Set.exe (No File)
Shortcut: C:\Users\Halmr2\Desktop\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Halmr2\Desktop\SUPERAntiSpyware Free Edition.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Halmr2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files (x86)\WinRAR\Rar.txt ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files (x86)\WinRAR\WinRAR.exe ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDI Recognition System Standard 4.1\Home Page.lnk -> C:\Program Files (x86)\WIDI 4.1 Std\Home Page.url ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDI Recognition System Standard 4.1\License.lnk -> C:\Program Files (x86)\WIDI 4.1 Std\License.txt ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDI Recognition System Standard 4.1\Readme File.lnk -> C:\Program Files (x86)\WIDI 4.1 Std\Readme.txt (No File)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDI Recognition System Standard 4.1\Sample Folder.lnk -> C:\Program Files (x86)\WIDI 4.1 Std\Samples ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDI Recognition System Standard 4.1\Uninstall WIDI 4.1 Std.lnk -> C:\Program Files (x86)\WIDI 4.1 Std\Uninstall.exe ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDI Recognition System Standard 4.1\WIDI 4.1 Std Help.lnk -> C:\Program Files (x86)\WIDI 4.1 Std\widi4.chm ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WIDI Recognition System Standard 4.1\WIDI 4.1 Std.lnk -> C:\Program Files (x86)\WIDI 4.1 Std\widi.exe (WIDISOFT)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks\Star Trek Legacy\Readme.txt.lnk -> C:\Program Files (x86)\Bethesda Softworks\Star Trek Legacy\Readme.txt ()
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Halmr2\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Halmr2\AppData\Local\Microsoft\Windows\GameExplorer\{F56B9C10-26F6-495A-A175-96CF68CDC3F4}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\Users\Halmr2\AppData\Local\Microsoft\Windows\GameExplorer\{C32D2FCA-D85C-4D55-BDBD-4B634B99B43E}\PlayTasks\0\Play.lnk -> C:\Users\Halmr2\Desktop\HALFLIFE 2\HALFLIFE 2\hl2.exe ()
Shortcut: C:\Users\Halmr2\AppData\Local\Microsoft\Windows\GameExplorer\{8671749E-2CDF-41B6-A14A-8DEE8A76FB9F}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe (Big Huge Games, Inc.)
Shortcut: C:\Users\Halmr2\AppData\Local\Microsoft\Windows\GameExplorer\{54512B43-030C-4F3B-AD70-FE20602B3217}\PlayTasks\0\Play.lnk -> C:\Users\Halmr2\Desktop\HALFLIFE2 EPISODE 2\HALFLIFE 2 EPISODE 2\hl2.exe ()
Shortcut: C:\Users\Halmr2\AppData\Local\Microsoft\Windows\GameExplorer\{06CDCCB5-63BA-4B3F-AECE-DABE82F57598}\PlayTasks\0\Play.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\TetraMaster\polboot.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\Users\Mcx1-HALMR2-PC\Desktop\FINAL FANTASY XI.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\FINAL FANTASY XI\polboot.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\Users\Mcx1-HALMR2-PC\Desktop\PlayOnline.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\Users\Public\Games\Cryptic Studios\FINAL FANTASY XI.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\FINAL FANTASY XI\polboot.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\Users\Public\Games\Cryptic Studios\PlayOnline.lnk -> C:\Program Files (x86)\PlayOnline\SquareEnix\PlayOnlineViewer\pol.exe (SQUARE ENIX CO., LTD.)
Shortcut: C:\Users\Public\Games\Cryptic Studios\Rise Of Nations.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\rise.exe (Big Huge Games, Inc.)
Shortcut: C:\Users\Public\Games\Cryptic Studios\Star Trek Online.lnk -> C:\Users\Public\Games\Cryptic Studios\Star Trek Online.exe ()
Shortcut: C:\Users\Public\Desktop\Adobe Reader XI.lnk -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\AVG 2014.lnk -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\HitmanPro.lnk -> C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.)
Shortcut: C:\Users\Public\Desktop\Logitech Webcam Software  .lnk -> C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe ()
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Public\Desktop\WinZip.lnk -> C:\Program Files (x86)\WinZip\WINZIP32.EXE (WinZip Computing, S.L.)
Shortcut: C:\Users\Public\Desktop\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Flash Cards Help.lnk -> C:\Windows\hh.exe (Microsoft Corporation) -> "C:\Program Files\TOSHIBA\FlashCards\Help\TFC.chm"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) ->  /register
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager\Help.lnk -> C:\Program Files (x86)\Security Task Manager\Setup.exe (Neuber Software) -> -redirect taskman chm
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager\Manual.lnk -> C:\Program Files (x86)\Security Task Manager\Setup.exe (Neuber Software) -> -redirect manual pdf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime\Uninstall QuickTime.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {C9E14402-3631-4182-B377-6B0DFB1C0339} /qf
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Excel Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Excel Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Word Starter 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Word Starter 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Clip Organizer.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Clip Organizer 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office 2010 Upload Center.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office 2010 Upload Center 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Picture Manager.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Picture Manager 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)\Microsoft Office 2010 Tools\Microsoft Office Starter To-Go Device Manager 2010.lnk -> C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE (Microsoft Corporation) -> "Microsoft Office Starter To-Go Device Manager 2010 9014006604090000"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games\Rise Of Nations\Uninstall Rise Of Nations.lnk -> C:\Program Files (x86)\Microsoft Games\Rise of Nations\UNINSTAL.EXE (Microsoft Corporation) -> /runtemp
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro\Remove HitmanPro 3.7.lnk -> C:\Program Files\HitmanPro\HitmanPro.exe (SurfRight B.V.) -> /uninstall
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus NX400 Series\Buy Ink.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_IARNEGA.EXE (SEIKO EPSON CORPORATION) -> /T "MENU" /D "EPSON Stylus NX400 Series" /M "Stylus NX400" /A
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus NX400 Series\Driver Update.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_GUPA30.EXE (SEIKO EPSON CORPORATION) -> /P "EPSON Stylus NX400 Series" /D C:\windows\system32\spool\DRIVERS\x64\3\E_IVIFEGA.VIF
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus NX400 Series\EPSON Printer Software Uninstall.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_IINSEGA.EXE (SEIKO EPSON CORPORATION) -> /R /APD /P:"EPSON Stylus NX400 Series"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus NX400 Series\Online Support.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\windows\system32\spool\DRIVERS\x64\3\E_IGEPEGA.DLL,GE_OpenELINK "Stylus NX400" 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ENFUNS Updater\ENFUNS Updater Uninstall.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{626713B4-F070-4605-9DF6-31783A5AEAAE}\setup.exe" -l0x9
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Check for Updates.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Codec Settings.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=decoder
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\DivX Plus Converter.lnk -> C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe (DivX, Inc.) -> SW_SHOWNORMAL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus\Register.lnk -> C:\Program Files (x86)\DivX\DivX Control Panel\DivXControlPanelLauncher.exe (DivX, Inc.) -> /start=registration
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center\Help.lnk -> C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe (ATI Technologies Inc.) -> Start Help -help
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\ProgramData\Best Buy pc app\Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft) -> "C:\ProgramData\Best Buy pc app\Best Buy pc app.application"
ShortcutWithArgument: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Audio).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:AD
ShortcutWithArgument: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Data).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:DD
ShortcutWithArgument: C:\Users\CJAY\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Image).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:ITD
ShortcutWithArgument: C:\Users\CJAY\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Audio).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:AD
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Data).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:DD
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Image).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:ITD
ShortcutWithArgument: C:\Users\Halmr2\Documents\DivX Plus Converter.lnk -> C:\Program Files (x86)\DivX\DivX Plus Converter\DivXConverterLauncher.exe (DivX, Inc.) -> SW_SHOWNORMAL
ShortcutWithArgument: C:\Users\Halmr2\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> -no-sandbox
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Yahoo!\Messenger\Shortcut\norman candelore.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.) ->  ymsgr:sendim?curley1238
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group) -> -hunter
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ->  -extoff
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\SendTo\Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.) -> /sendto:
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Audio).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:AD
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Data).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:DD
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Image).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:ITD
ShortcutWithArgument: C:\Users\Halmr2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk -> C:\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited) -> /advancedmode
ShortcutWithArgument: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Audio).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:AD
ShortcutWithArgument: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Data).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:DD
ShortcutWithArgument: C:\Users\Mcx1-HALMR2-PC\AppData\Roaming\Microsoft\Windows\SendTo\TOSHIBA Disc Creator(Image).lnk -> C:\Program Files (x86)\Toshiba\TOSHIBA Disc Creator\ToDisc.exe (TOSHIBA Corporation) -> /SendTo:ITD
 
 
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts\SimCity™ Societies Destinations\Check for updates.url -> hxxp://simcity.ea.com/update/scs_update.php
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\DiskDefrag\Auslogics DiskDefrag on the Web.url -> hxxp://www.auslogics.com/en/software/disk-defrag
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics\DiskDefrag\Check Your PC Performance.url -> hxxp://www.auslogics.com/en/cpages/free-system-scan/?source=smenu&reason=disk-defrag
InternetURL: C:\Users\CJAY\Favorites\WildTangent Games\WildTangent Games.url -> hxxp://toshiba.wildgames.com/?mc=iefav&dp=toshibaus
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Deals and Offers.url -> hxxp://us.toshiba.com/adps/deals-and-offers
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Explore Toshiba.url -> hxxp://us.toshiba.com/
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Find Us on Twitter, Facebook, and YouTube.url -> hxxp://us.toshiba.com/social-media
InternetURL: C:\Users\CJAY\Favorites\Toshiba\QuickBooks® Online Banking.url -> hxxp://www.quickbooksdirect.com/tshboffer1
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Shop Toshiba.url -> hxxp://www.toshibadirect.com/
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Toshiba App Place.url -> hxxp://apps.toshiba.com/
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Toshiba Book Place.url -> hxxp://www.toshibabookplace.com/
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Toshiba Corporate Social Responsibility.url -> hxxp://us.toshiba.com/green
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Toshiba Laptop Forums.url -> hxxp://laptopforums.toshiba.com/
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Toshiba Online Backup.url -> hxxp://us.toshiba.com/online-backup
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Toshiba Product Registration.url -> hxxp://toshibaproductregistration.com/
InternetURL: C:\Users\CJAY\Favorites\Toshiba\Toshiba Support.url -> hxxp://pcsupport.toshiba.com/
InternetURL: C:\Users\CJAY\Favorites\Skype\Skype.url -> hxxp://www.skype.com/go/ToshibaTAIS
InternetURL: C:\Users\CJAY\Favorites\Links for United States\GobiernoUSA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\CJAY\Favorites\Links for United States\USA.gov.url -> hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\CJAY\Favorites\Links\Toshiba App Place.url -> hxxp://apps.toshiba.com/ie8webslice
InternetURL: C:\Users\CJAY\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
InternetURL: C:\Users\CJAY\Favorites\Links\WildTangent Games.url -> hxxp://www.wildtangent.com/webslice?dp=toshibaus
InternetURL: C:\Users\CJAY\Favorites\Internet Security\Your Security Center.url -> hxxp://us.toshiba.com/computers/research-center/for-home/cybercrime-news-by-norton
InternetURL: C:\Users\CJAY\Favorites\eMusic\eMusic.url -> hxxp://www.emusic.com/Toshiba
InternetURL: C:\Users\CJAY\Favorites\Amazon.com\Amazon MP3 – Millions of Music Downloads.url -> hxxp://www.amazon.com/b/?node=163856011&tag=tais2-bookmark-mp3-20
InternetURL: C:\Users\CJAY\Favorites\Amazon.com\Amazon Video On Demand Movies & TV.url -> hxxp://www.amazon.com/b/?node=16261631&tag=tais2-bookmark-vod-20
InternetURL: C:\Users\CJAY\Favorites\Amazon.com\Shop at Amazon.com.url -> hxxp://www.amazon.com/?tag=tais2-desktop-20
InternetURL: C:\Users\Halmr2\Favorites\Links\Web Slice Gallery.url -> hxxp://go.microsoft.com/fwlink/?LinkId=121315
 
==================== End of log =============================


#4 JSntgRvr


Posted 11 July 2014 - 10:58 AM

I see no serious issues in that report.

Download the Norton removal tool from here. Run the application to remove any remnant of the program.

Download the enclosed file. [attachment=152257:fixlist.txt]

Save it in the same location FRST is saved. Run FRST, except that this time around click on the Fix button and wait.

The tool will make a log in the same location FRST is saved (Fixlog.txt). Please post it in your reply.

What makes you believe the computer is infected?

No request for help throughout private messaging will be attended.



#5 frankp747


Posted 11 July 2014 - 11:36 AM

I will run the programs you have instructed me to run. The reason I think it is infected is that everything is running slow, and when I ran RogueKiller it showed ZeroAccess in several different files. When I rebooted and ran it again, it appeared again in a different location. Finally, I ran ComboFix and ran SUPERAntiSpyware; SUPERAntiSpyware said I had a Zbot virus, which it deleted. I will begin to run the steps you gave me and post them back as fast as possible. I thank you for all you can do and assist me in. Frank



#6 frankp747


Posted 11 July 2014 - 12:00 PM

Here is the FRST and firstlog; I have pasted them below. Sincerely, Frankp747

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-07-2014
Ran by Halmr2 (administrator) on IRENESCOMPUTER on 11-07-2014 12:52:46
Running from C:\Users\Halmr2\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Affinegy, Inc.) C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Safer-Networking Ltd.) C:\Spybot - Search & Destroy\TeaTimer.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Sony Computer Entertainment Inc.) C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588456 2010-11-11] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2011-07-06] (Apple Inc.)
HKLM-x32\...\Run: [InstaLAN] => C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe [2015136 2011-05-27] (Affinegy, Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1259376 2011-07-28] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [205336 2011-11-11] (Logitech Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKU\S-1-5-21-3904140959-3754442933-390101978-1001\...\Run: [SpybotSD TeaTimer] => C:\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3904140959-3754442933-390101978-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Content Manager Assistant for PlayStation®.lnk
ShortcutTarget: Content Manager Assistant for PlayStation®.lnk -> C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe (Sony Computer Entertainment Inc.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=UP22&ocid=UP22DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.toshiba.com/
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {22E5305A-D3EA-4C5E-A994-F55251800629} URL = http://www.mysearchresults.com/search?&c=2641&t=03&q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: No Name - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -  No File
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\Halmr2\AppData\Roaming\Mozilla\Firefox\Profiles\hdbgbxgn.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Halmr2\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011-10-26]
 
Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: google.com.ph
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-05]
CHR Extension: (Google Drive) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-11]
CHR Extension: (Google Search) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-11]
CHR Extension: (Google Wallet) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2012-06-11]
CHR Extension: (Gmail) - C:\Users\Halmr2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-11]
CHR HKCU\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Halmr2\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx [2012-06-11]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-05-23]
CHR HKLM-x32\...\Chrome\Extension: [oajgghejjpgkmpgbchgjieahoefimdle] - C:\Users\Halmr2\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx [2011-05-23]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 AffinegyService; C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe [562592 2011-05-27] (Affinegy, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-10-08] (Advanced Micro Devices, Inc.) [File not signed]
S2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S2 SBSDWSCService; E:\Spybot - Search & Destroy\SDWinSec.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [128200 2014-04-23] (Qualcomm Atheros Co., Ltd.)
S3 mbamchameleon; C:\windows\system32\drivers\mbamchameleon.sys [92888 2014-07-09] (Malwarebytes Corporation)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [3073752 2014-04-23] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
U3 TrueSight; C:\Windows\SysWOW64\drivers\TrueSight.sys [29696 2014-07-10] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 ccEvtMgr; 
U2 ccSetMgr; 
U3 navapsvc; 
U3 SAVRT; 
U1 SAVRTPEL; 
U4 TlntSvr; 
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-11 12:52 - 2014-07-11 12:53 - 00021138 _____ () C:\Users\Halmr2\Desktop\FRST.txt
2014-07-11 12:46 - 2014-07-11 12:46 - 00000000 ____H () C:\ProgramData\cm-lock
2014-07-11 12:38 - 2014-07-11 12:38 - 00000471 _____ () C:\Users\Halmr2\Desktop\TODAY.txt
2014-07-11 12:37 - 2014-07-11 12:37 - 00000043 _____ () C:\Users\Halmr2\Desktop\fixlist.txt
2014-07-11 12:29 - 2014-07-11 12:30 - 00869456 _____ () C:\Users\Halmr2\Downloads\Norton_Removal_Tool.exe
2014-07-11 04:14 - 2014-07-11 04:14 - 00000000 ____D () C:\Users\Halmr2\Desktop\BLEEPING COMPUTER FIX DATA
2014-07-11 03:53 - 2014-07-11 12:52 - 00000000 ____D () C:\FRST
2014-07-11 03:22 - 2014-07-11 03:23 - 02084864 _____ (Farbar) C:\Users\Halmr2\Desktop\FRST64.exe
2014-07-11 03:12 - 2014-07-11 04:16 - 00000000 ____D () C:\Users\Halmr2\Desktop\desktop flies
2014-07-10 17:10 - 2014-07-10 17:14 - 00398683 _____ () C:\Users\Halmr2\Downloads\RogueKillerX64.exe
2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\SUPERDelete
2014-07-10 13:40 - 2014-07-10 13:40 - 00001904 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-10 13:31 - 2014-07-10 16:22 - 11185664 _____ (SurfRight B.V.) C:\Users\Halmr2\Downloads\HitmanPro_x64.exe
2014-07-09 21:50 - 2014-07-10 13:39 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-09 18:52 - 2014-07-09 19:00 - 00000000 ____D () C:\Users\Halmr2\Desktop\slam
2014-07-09 18:02 - 2014-07-11 02:53 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-09 18:02 - 2014-07-09 19:01 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-09 18:02 - 2014-07-09 18:02 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2014-05-12 07:35 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-09 18:02 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-09 17:20 - 2014-07-09 18:01 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Halmr2\Downloads\mbam-setup.exe
2014-07-09 17:00 - 2014-07-09 17:08 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Halmr2\Downloads\explorer.exe.exe
2014-07-09 12:15 - 2014-07-09 12:15 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-09 10:43 - 2014-07-09 10:43 - 00029160 _____ () C:\ComboFix.txt
2014-07-09 10:29 - 2014-07-09 10:29 - 00000000 _____ () C:\windows\SysWOW64\sho4AAB.tmp
2014-07-09 10:00 - 2011-06-26 02:45 - 00256000 _____ () C:\windows\PEV.exe
2014-07-09 10:00 - 2010-11-07 13:20 - 00208896 _____ () C:\windows\MBR.exe
2014-07-09 10:00 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00098816 _____ () C:\windows\sed.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00080412 _____ () C:\windows\grep.exe
2014-07-09 10:00 - 2000-08-30 20:00 - 00068096 _____ () C:\windows\zip.exe
2014-07-09 09:59 - 2014-07-09 10:43 - 00000000 ____D () C:\Qoobox
2014-07-09 09:57 - 2014-07-09 10:37 - 00000000 ____D () C:\windows\erdnt
2014-07-09 09:43 - 2014-07-09 09:50 - 05216105 ____R (Swearware) C:\Users\Halmr2\Desktop\ComboFix.exe
2014-07-09 09:20 - 2014-07-10 15:49 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-12 11:13 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-12 11:13 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-12 11:13 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-06-12 11:13 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-12 11:13 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-06-12 11:13 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-12 11:13 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-06-12 11:13 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-12 11:13 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-12 11:13 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-06-12 11:13 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-06-12 11:13 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-06-12 11:13 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-06-12 11:13 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-12 11:13 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-12 11:13 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-12 11:13 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-12 11:13 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-12 11:13 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 11:13 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-12 11:13 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-12 11:13 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-06-12 11:13 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-12 11:13 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-12 11:13 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-06-12 11:13 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-12 11:13 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-12 11:13 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-12 11:13 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-12 11:13 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-06-12 11:13 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-12 11:13 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-06-12 11:13 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-06-12 11:13 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-06-12 11:13 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-12 11:13 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-12 11:13 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 11:13 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-12 11:13 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-12 11:13 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-12 11:13 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-12 11:13 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-12 11:13 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-12 11:13 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-06-12 11:13 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-12 11:13 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-12 11:13 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-12 11:13 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-12 11:13 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-12 11:13 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-12 11:13 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-06-12 11:13 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-06-12 10:21 - 2014-07-11 12:46 - 00010906 _____ () C:\windows\PFRO.log
2014-06-12 10:21 - 2014-07-11 12:46 - 00001960 _____ () C:\windows\setupact.log
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\windows\setuperr.log
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\asc_rdflag
2014-06-12 09:07 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2014-06-12 09:07 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2014-06-12 09:06 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll
2014-06-12 09:06 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll
2014-06-12 09:06 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-12 09:06 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 09:00 - 2014-05-08 05:32 - 03178496 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-12 09:00 - 2014-05-08 05:32 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-12 09:00 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2014-06-12 09:00 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-12 09:00 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2014-06-12 09:00 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2014-06-12 09:00 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2014-06-12 09:00 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-12 09:00 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2014-06-12 09:00 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
 
==================== One Month Modified Files and Folders =======
 
2014-07-11 12:53 - 2014-07-11 12:52 - 00021138 _____ () C:\Users\Halmr2\Desktop\FRST.txt
2014-07-11 12:52 - 2014-07-11 03:53 - 00000000 ____D () C:\FRST
2014-07-11 12:48 - 2011-07-12 14:23 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-11 12:46 - 2014-07-11 12:46 - 00000000 ____H () C:\ProgramData\cm-lock
2014-07-11 12:46 - 2014-06-12 10:21 - 00010906 _____ () C:\windows\PFRO.log
2014-07-11 12:46 - 2014-06-12 10:21 - 00001960 _____ () C:\windows\setupact.log
2014-07-11 12:46 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-11 12:45 - 2012-03-30 23:41 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-11 12:44 - 2011-07-12 13:49 - 01840670 _____ () C:\windows\WindowsUpdate.log
2014-07-11 12:43 - 2011-07-12 14:18 - 00000000 ____D () C:\ProgramData\Norton
2014-07-11 12:43 - 2011-07-12 14:18 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-11 12:39 - 2013-11-05 17:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-11 12:38 - 2014-07-11 12:38 - 00000471 _____ () C:\Users\Halmr2\Desktop\TODAY.txt
2014-07-11 12:37 - 2014-07-11 12:37 - 00000043 _____ () C:\Users\Halmr2\Desktop\fixlist.txt
2014-07-11 12:30 - 2014-07-11 12:29 - 00869456 _____ () C:\Users\Halmr2\Downloads\Norton_Removal_Tool.exe
2014-07-11 12:04 - 2011-07-12 14:23 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-11 11:54 - 2009-07-14 00:45 - 00024944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-11 11:54 - 2009-07-14 00:45 - 00024944 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-11 05:17 - 2009-07-14 01:13 - 00800796 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-11 04:16 - 2014-07-11 03:12 - 00000000 ____D () C:\Users\Halmr2\Desktop\desktop flies
2014-07-11 04:14 - 2014-07-11 04:14 - 00000000 ____D () C:\Users\Halmr2\Desktop\BLEEPING COMPUTER FIX DATA
2014-07-11 03:23 - 2014-07-11 03:22 - 02084864 _____ (Farbar) C:\Users\Halmr2\Desktop\FRST64.exe
2014-07-11 02:57 - 2013-11-12 15:39 - 00000000 ____D () C:\Users\CJAY
2014-07-11 02:57 - 2012-04-30 06:14 - 00000000 ____D () C:\Users\Mcx1-HALMR2-PC
2014-07-11 02:53 - 2014-07-09 18:02 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 17:14 - 2014-07-10 17:10 - 00398683 _____ () C:\Users\Halmr2\Downloads\RogueKillerX64.exe
2014-07-10 16:22 - 2014-07-10 13:31 - 11185664 _____ (SurfRight B.V.) C:\Users\Halmr2\Downloads\HitmanPro_x64.exe
2014-07-10 15:49 - 2014-07-09 09:20 - 00029696 _____ () C:\windows\SysWOW64\Drivers\TrueSight.sys
2014-07-10 14:55 - 2012-03-30 23:41 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-10 14:54 - 2012-03-30 23:40 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-10 14:54 - 2011-10-21 18:14 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-10 14:07 - 2014-07-10 14:07 - 00000000 ____D () C:\SUPERDelete
2014-07-10 14:07 - 2014-04-22 12:59 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\IObit
2014-07-10 13:40 - 2014-07-10 13:40 - 00001904 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-07-10 13:40 - 2014-07-10 13:40 - 00000000 ____D () C:\Program Files\HitmanPro
2014-07-10 13:39 - 2014-07-09 21:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-07-09 19:01 - 2014-07-09 18:02 - 00092888 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-09 19:00 - 2014-07-09 18:52 - 00000000 ____D () C:\Users\Halmr2\Desktop\slam
2014-07-09 18:02 - 2014-07-09 18:02 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2014-07-09 18:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-09 18:02 - 2013-12-05 16:54 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-09 18:01 - 2014-07-09 17:20 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Halmr2\Downloads\mbam-setup.exe
2014-07-09 17:08 - 2014-07-09 17:00 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Halmr2\Downloads\explorer.exe.exe
2014-07-09 14:08 - 2014-05-06 10:22 - 00000000 ____D () C:\Users\Halmr2\Desktop\Contractual Agrrement 1
2014-07-09 13:38 - 2011-07-12 14:23 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-09 13:35 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-09 13:33 - 2014-05-08 14:54 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\WildTangent
2014-07-09 13:33 - 2014-05-08 14:54 - 00000000 ____D () C:\ProgramData\WildTangent
2014-07-09 13:33 - 2014-05-08 14:54 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-09 13:32 - 2014-05-08 14:38 - 00000000 ____D () C:\ProgramData\Big Fish
2014-07-09 13:32 - 2014-05-08 14:07 - 00000000 ____D () C:\BigFishCache
2014-07-09 12:15 - 2014-07-09 12:15 - 00000000 ____D () C:\windows\Tasks\ImCleanDisabled
2014-07-09 11:15 - 2014-03-14 01:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-09 11:15 - 2013-12-05 05:30 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-09 10:43 - 2014-07-09 10:43 - 00029160 _____ () C:\ComboFix.txt
2014-07-09 10:43 - 2014-07-09 09:59 - 00000000 ____D () C:\Qoobox
2014-07-09 10:43 - 2009-07-13 23:20 - 00000000 __RHD () C:\Users\Default
2014-07-09 10:37 - 2014-07-09 09:57 - 00000000 ____D () C:\windows\erdnt
2014-07-09 10:31 - 2009-07-13 22:34 - 00000215 _____ () C:\windows\system.ini
2014-07-09 10:29 - 2014-07-09 10:29 - 00000000 _____ () C:\windows\SysWOW64\sho4AAB.tmp
2014-07-09 10:29 - 2009-07-13 22:34 - 78118912 _____ () C:\windows\system32\config\software.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 17301504 _____ () C:\windows\system32\config\system.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 05767168 _____ () C:\windows\system32\config\default.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 00098304 _____ () C:\windows\system32\config\sam.bak
2014-07-09 10:29 - 2009-07-13 22:34 - 00028672 _____ () C:\windows\system32\config\security.bak
2014-07-09 10:28 - 2014-05-23 05:44 - 44040192 _____ () C:\windows\system32\config\components.bak
2014-07-09 09:50 - 2014-07-09 09:43 - 05216105 ____R (Swearware) C:\Users\Halmr2\Desktop\ComboFix.exe
2014-07-09 09:18 - 2013-11-15 05:58 - 00000000 ____D () C:\Users\Halmr2\Desktop\FULL spyware antivurus rootkit FLIES
2014-07-02 12:27 - 2013-11-08 17:27 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\uTorrent
2014-06-29 10:34 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache
2014-06-29 10:22 - 2014-05-27 08:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 12:59 - 2011-07-12 14:23 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-22 12:59 - 2011-07-12 14:23 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-20 14:22 - 2013-10-15 05:17 - 00000000 ____D () C:\Users\Halmr2\AppData\Roaming\vlc
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00269080 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgtdia.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-12 10:30 - 2013-11-08 19:23 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\windows\setuperr.log
2014-06-12 10:21 - 2014-06-12 10:21 - 00000000 _____ () C:\asc_rdflag
2014-06-12 10:15 - 2013-11-06 13:09 - 00000000 ____D () C:\windows\system32\MRT
2014-06-12 10:05 - 2013-11-11 09:02 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-06-12 10:03 - 2014-05-01 12:16 - 00000000 ___SD () C:\windows\system32\CompatTel
2014-06-12 09:05 - 2011-09-22 23:39 - 00000000 ____D () C:\Users\Halmr2
2014-06-12 08:44 - 2013-11-06 22:33 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
 
Some content of TEMP:
====================
C:\Users\Halmr2\AppData\Local\Temp\HitmanPro.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-09 07:37
 
==================== End Of Log ============================
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-07-2014
Ran by Halmr2 at 2014-07-11 12:55:28 Run:1
Running from C:\Users\Halmr2\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
C:\windows\SysWOW64\sho4AAB.tmp
End
*****************
 
C:\windows\SysWOW64\sho4AAB.tmp => Moved successfully.
 
==== End of Fixlog ====


#7 JSntgRvr


Posted 11 July 2014 - 04:11 PM

Let's run a few programs to remove any crapware from your computer.

 

Please remove Spybot Search and Destroy. It won't protect your computer, but it will interfere with our tools.
 
Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.  Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.


  • Then click on Change parameters in TDSSKiller.
  • Another window will appear.
  • Check all boxes then click OK.
  • Click the Start Scan button.


  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip; click on Continue.


  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.

Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

  • A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

Download AdwCleaner from here or from here. Save the file to the desktop.

NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
 
Close all open windows and browsers.

  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.

You will see the following console:
 

  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning, a report appears. Once done it will ask to reboot; allow this.


  • On reboot a log will be produced; please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

 

Launch, update and scan the computer with Malwarebytes Antimalware

  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click on Quarantine All.
  • When disinfection is completed, a dialog will open and you may be prompted to Restart. (See Extra Note)
  • Upon restart, launch Malwarebytes Antimalware and select History.
  • Double click on the last scan done, then on Copy to Clipboard.
  • Right click on your next reply and select Paste.
  • Submit your reply.

Extra Note:
 
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#8 JSntgRvr


Posted 13 July 2014 - 05:40 PM

Attaching logs.




#9 JSntgRvr


Posted 13 July 2014 - 05:44 PM

All logs seem clear.
 
Let's remove the tools we've used during the cleaning of your machine and their quarantine.

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
  • Click Run

The program will run for a few moments and then Notepad will open with a log. Please paste the log in your next reply.

 

How is the computer doing?




#10 frankp747


Posted 14 July 2014 - 12:40 AM

Hi JSntgRvr, it seems to be running way way better than before, thanks again. I see that I get google is running with no sandbox; I will have to keep watching it, and I did use the usb drive to send the report from another laptop. Would that laptop have any issues from the previously infected laptop? It is running slow and I get the webpage error. Sincerely, FrankP



#11 JSntgRvr


Posted 14 July 2014 - 09:55 AM

If you want we can check the other laptop.

 

On the other laptop, 

 
Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt and Shortcut.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another two logs (Addition.txt and Shortcut.txt). Please attach these to your reply.

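A first-pass triage over the FRST.txt log requested above, as an added example that is not part of the original thread and not part of FRST: it parses the process, Run-key, startup-shortcut and service/driver line formats that FRST logs in this thread use and lists the entries a reviewer would read first. The sample log is constructed, and the flagging rules (empty publisher, `[File not signed]`, `[X]`, user-writable path) are review heuristics assumed here, not verdicts.

```python
import re
from dataclasses import dataclass

# Constructed sample in the FRST line formats seen in this thread (not a real log).
SAMPLE_LOG = r"""
==================== Processes (Whitelisted) =================

(Example Corp) C:\Program Files\Example\agent.exe
() C:\Program Files (x86)\Vendor\Tool\helper.exe
(Acme) C:\ProgramData\acme\acme.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Agent] => C:\Program Files\Example\agent.exe [2608040 2012-08-14] (Example Corp)
HKLM\...\Run: [Updater] => C:\Users\Demo\AppData\Roaming\upd\upd.exe [213136 2012-08-05] ()
ShortcutTarget: acme.lnk -> C:\ProgramData\acme\acme.exe (Acme)

==================== Services (Whitelisted) =================

R2 ExampleSvc; C:\Program Files\Example\svc.exe [144152 2013-10-11] (Example Corp)
R2 HelperSvc; C:\Program Files (x86)\Vendor\Tool\helper.exe [156672 2011-10-14] () [File not signed]

==================== Drivers (Whitelisted) ====================

S3 olddrv; \??\C:\Tools\olddrv.sys [X]
"""

SECTION = re.compile(r"^=+\s*(\w+).*?=+\s*$")
PROCESS = re.compile(r"^\((?P<pub>[^()]*)\) (?P<rest>[A-Za-z]:\\.+)$")
RUN = re.compile(r"^HK[^:]*\\Run(?:Once)?: \[(?P<name>[^\]]*)\] => (?P<rest>.+)$")
SHORTCUT = re.compile(r"^ShortcutTarget: (?P<name>.+?) -> (?P<rest>.+)$")
SERVICE = re.compile(r"^[RSU]\d (?P<name>[^;]+); (?P<rest>.+)$")
# Tail of an entry: path, optional "[size date]", optional "(publisher)", optional "[flag]"s.
TAIL = re.compile(
    r"^(?P<path>.+?)"
    r"(?: \[\d+ \d{4}-\d{2}-\d{2}\])?"
    r"(?: \((?P<pub>[^()]*)\))?"
    r"(?P<flags>(?: \[[^\]]+\])*)$"
)
# Assumed heuristic: locations a standard user can usually write to.
WRITABLE = ("\\programdata\\", "\\appdata\\", "\\users\\", "\\temp\\")


@dataclass
class Finding:
    section: str
    item: str
    path: str
    reasons: list


def parse_entry(line):
    """Return (item, path, publisher or None, flags) for a recognised line, else None."""
    m = PROCESS.match(line)
    if m:
        path = m.group("rest")
        return path.rsplit("\\", 1)[-1], path, m.group("pub").strip(), ""
    for pattern in (RUN, SHORTCUT, SERVICE):
        m = pattern.match(line)
        if m:
            tail = TAIL.match(m.group("rest"))
            path = tail.group("path").strip('"')
            if path.startswith("\\??\\"):      # NT object-manager prefix on driver paths
                path = path[4:]
            pub = tail.group("pub")
            return m.group("name"), path, None if pub is None else pub.strip(), tail.group("flags")
    return None


def triage(log_text):
    """List entries worth a manual look; an empty reason list means 'not flagged'."""
    findings, section = [], "?"
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION.match(line)
        if header:
            section = header.group(1)
            continue
        parsed = parse_entry(line)
        if parsed is None:
            continue
        item, path, pub, flags = parsed
        reasons = []
        if pub == "":
            reasons.append("no publisher name")
        if "[File not signed]" in flags:
            reasons.append("file not signed")
        if "[X]" in flags:
            reasons.append("marked [X]")
        if any(part in path.lower() for part in WRITABLE):
            reasons.append("runs from a user-writable path")
        if reasons:
            findings.append(Finding(section, item, path, reasons))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section:10} {f.item:12} {f.path}  <- {', '.join(f.reasons)}")
```

A flagged line is only a prompt to check the file's signature, origin and install date; many legitimate OEM utilities ship with an empty publisher field.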


#12 frankp747


Posted 14 July 2014 - 02:08 PM

Hi JSntgRvr, below are the Farbar logs, all three: First.txt, Additional.txt and shortcut.txt. Sincerely, thank you again for all the help, Frankp747

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-07-2014 01

Ran by Demo (administrator) on TOSHIBA on 15-07-2014 02:54:10
Running from C:\Users\Demo\Desktop
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Logixoft) C:\ProgramData\rvlkl\rvlkl.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcfgex.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-12] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] ()
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6883840 2012-09-07] (Pegatron Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-27] (Intel Corporation)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5179408 2014-06-17] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1552949541-214845929-2206156295-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6564120 2014-06-22] (SUPERAntiSpyware)
HKU\S-1-5-21-1552949541-214845929-2206156295-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
ShortcutTarget: rvlkl.lnk -> C:\ProgramData\rvlkl\rvlkl.exe (Logixoft)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATPJS
SearchScopes: HKLM - {B688E4F4-2169-400E-AE44-F33B9CF08476} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATPJS
SearchScopes: HKLM - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATPJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {B688E4F4-2169-400E-AE44-F33B9CF08476} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATPJS
SearchScopes: HKLM-x32 - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATPJS
SearchScopes: HKCU - {B688E4F4-2169-400E-AE44-F33B9CF08476} URL = 
SearchScopes: HKCU - {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = http://search.yahoo.com/search?p={searchTerms}&fr=mkg028
SearchScopes: HKCU - {F4ED0519-C584-4DDA-BE93-FA0B93D040F6} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATPJS
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{02AF2210-218D-4CE4-971F-5EA4DF473F7A}: [NameServer]8.8.8.8
 
FireFox:
========
FF ProfilePath: C:\Users\Demo\AppData\Roaming\Mozilla\Firefox\Profiles\pb0j2syr.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
Chrome: 
=======
CHR DefaultSearchKeyword: google.com.ph
CHR Extension: (Google Docs) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-15]
CHR Extension: (Google Drive) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-15]
CHR Extension: (YouTube) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-15]
CHR Extension: (Google Search) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-15]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd [2014-07-15]
CHR Extension: (Google Wallet) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-15]
CHR Extension: (Gmail) - C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-15]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx [2014-04-21]
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-06-17] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3241488 2014-06-27] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-06-17] (AVG Technologies CZ, s.r.o.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-25] (WildTangent)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-14] () [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-28] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-26] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-06] (IObit)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72512 2013-12-09] (IObit)
R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214488 2012-08-11] (TOSHIBA CORPORATION)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [274712 2014-05-14] (AVG Technologies CZ, s.r.o.)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HssDRV6; C:\Windows\system32\DRIVERS\hssdrv6.sys [44744 2014-03-25] (AnchorFree Inc.)
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-12] (PEGATRON)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [28416 2008-04-16] (Research In Motion Limited)
S3 RTL8192Ce; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-04-21] (Realtek Semiconductor Corporation                           )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-04-21] (Realtek Semiconductor Corporation                           )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-03-25] (Anchorfree Inc.)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [131520 2012-08-11] (TOSHIBA CORPORATION)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-08-01] (Windows ® Win 7 DDK provider)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-15 02:54 - 2014-07-15 02:54 - 00017883 _____ () C:\Users\Demo\Desktop\FRST.txt
2014-07-15 02:53 - 2014-07-15 02:54 - 00000000 ____D () C:\FRST
2014-07-15 02:44 - 2014-07-15 02:50 - 02086912 _____ (Farbar) C:\Users\Demo\Desktop\FRST64.exe
2014-07-14 22:53 - 2014-07-14 22:56 - 44802501 _____ () C:\Users\Demo\Downloads\Candy Crush Saga v1.19.0 - SUPER MOD.apk
2014-07-14 10:27 - 2014-07-14 10:27 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-07-14 10:27 - 2014-07-14 10:27 - 00000000 ____D () C:\Program Files\Realtek
2014-07-14 10:26 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2014-07-14 10:26 - 2014-05-14 16:00 - 01099203 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2014-07-14 10:26 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoRes64.dat
2014-07-14 10:26 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2014-07-14 10:26 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2014-07-14 10:26 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2014-07-14 10:26 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2014-07-14 10:26 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2014-07-14 10:26 - 2014-04-17 17:42 - 01168472 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO5064.dll
2014-07-14 10:26 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO4064.dll
2014-07-14 10:26 - 2014-04-10 12:20 - 01934424 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek264.dll
2014-07-14 10:26 - 2014-04-10 12:19 - 28343384 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioVnA64.dll
2014-07-14 10:26 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioRealtek64.dll
2014-07-14 10:26 - 2014-04-10 12:19 - 03959384 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioVnN64.dll
2014-07-14 10:26 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\windows\system32\WavesGUILib64.dll
2014-07-14 10:26 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioEQ64.dll
2014-07-14 10:26 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPOShell64.dll
2014-07-14 10:26 - 2014-04-10 12:19 - 00900696 _____ (Waves Audio Ltd.) C:\windows\SysWOW64\MaxxAudioAPOShell.dll
2014-07-14 10:26 - 2014-04-09 16:39 - 00942384 _____ (Nahimic Inc) C:\windows\system32\NAHIMICAPOSettingsIPC.dll
2014-07-14 10:26 - 2014-04-09 16:38 - 05751048 _____ (Nahimic Inc) C:\windows\system32\NAHIMICAPOlfx.dll
2014-07-14 10:26 - 2014-03-19 19:19 - 00956504 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVoiceAPO2064.dll
2014-07-14 10:26 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2014-07-14 10:26 - 2014-03-05 05:11 - 01048824 _____ (SRS Labs, Inc.) C:\windows\system32\slcnt64.dll
2014-07-14 10:26 - 2014-03-05 05:11 - 00889592 _____ (DTS, Inc.) C:\windows\system32\sl3apo64.dll
2014-07-14 10:26 - 2014-03-05 05:11 - 00724728 _____ (DTS, Inc.) C:\windows\system32\sltech64.dll
2014-07-14 10:26 - 2014-03-05 05:11 - 00246008 _____ (TODO: <Company name>) C:\windows\system32\slprp64.dll
2014-07-14 10:26 - 2014-02-06 11:28 - 05804772 _____ () C:\windows\system32\Drivers\rtvienna.dat
2014-07-14 10:26 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxSpeechAPO64.dll
2014-07-14 10:26 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2014-07-14 10:26 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\windows\system32\SFSS_APO.dll
2014-07-14 10:26 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxVolumeSDAPO.dll
2014-07-14 10:26 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO30.dll
2014-07-14 10:26 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\windows\system32\tossaeapo64.dll
2014-07-14 10:26 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\windows\system32\toseaeapo64.dll
2014-07-14 10:26 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\windows\system32\tosasfapo64.dll
2014-07-14 10:26 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\windows\system32\MISS_APO.dll
2014-07-14 10:26 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\windows\system32\R4EEP64A.dll
2014-07-14 10:26 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\windows\system32\R4EED64A.dll
2014-07-14 10:26 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\windows\system32\R4EEL64A.dll
2014-07-14 10:26 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\windows\system32\R4EEA64A.dll
2014-07-14 10:26 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\windows\system32\R4EEG64A.dll
2014-07-14 10:26 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\windows\system32\tadefxapo264.dll
2014-07-14 10:26 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\windows\system32\tepeqapo64.dll
2014-07-14 10:26 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtlCPAPI64.dll
2014-07-14 10:26 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCoLDR64.dll
2014-07-14 10:26 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\windows\system32\SFNHK64.dll
2014-07-14 10:26 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\windows\system32\SFCOM64.dll
2014-07-14 10:26 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\windows\system32\SFAPO64.dll
2014-07-14 10:26 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\windows\system32\KAAPORT64.dll
2014-07-14 10:26 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\windows\system32\tosade.dll
2014-07-14 10:26 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\windows\system32\tadefxapo.dll
2014-07-14 10:26 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEP64A.dll
2014-07-14 10:26 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DHT64.dll
2014-07-14 10:26 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RP3DAA64.dll
2014-07-14 10:26 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEED64A.dll
2014-07-14 10:26 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEL64A.dll
2014-07-14 10:26 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\windows\system32\RTEEG64A.dll
2014-07-14 10:26 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkCfg64.dll
2014-07-14 10:26 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\windows\system32\MaxxAudioAPO20.dll
2014-07-14 10:26 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\windows\SysWOW64\SFCOM.dll
2014-07-14 10:26 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSX64.dll
2014-07-14 10:26 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\windows\system32\SRSTSH64.dll
2014-07-14 10:26 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\windows\system32\SRSHP64.dll
2014-07-14 10:26 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\windows\system32\SRSWOW64.dll
2014-07-14 10:25 - 2014-05-02 11:19 - 00033592 _____ () C:\windows\system32\audioLibVc.dll
2014-07-14 10:25 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\windows\system32\DDPP64A.dll
2014-07-14 10:25 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\windows\system32\DDPD64A.dll
2014-07-14 10:25 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\windows\system32\DDPO64A.dll
2014-07-14 10:25 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\windows\system32\DDPA64.dll
2014-07-14 10:25 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2014-07-14 10:25 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2014-07-14 10:25 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-07-14 10:25 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\windows\system32\DTSU2PLFX64.dll
2014-07-14 10:25 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\windows\system32\DTSU2PGFX64.dll
2014-07-14 10:25 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\windows\system32\DTSU2PREC64.dll
2014-07-14 10:25 - 2013-06-21 11:01 - 00109848 _____ () C:\windows\system32\AcpiServiceVnA64.dll
2014-07-14 10:25 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAR64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\windows\system32\DTSS2SpeakerDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\windows\system32\DTSS2HeadphoneDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\windows\system32\DTSBoostDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\windows\system32\DTSBassEnhancementDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\windows\system32\DTSSymmetryDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\windows\system32\DTSVoiceClarityDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\windows\system32\DTSNeoPCDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\windows\system32\DTSLimiterDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\windows\system32\DTSGainCompensatorDLL64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSLFXAPO64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\windows\system32\DTSGFXAPO64.dll
2014-07-14 10:25 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\windows\system32\DTSGFXAPONS64.dll
2014-07-13 11:17 - 2014-07-13 11:17 - 00001730 _____ () C:\Users\Demo\Documents\boloa.txt
2014-07-13 01:23 - 2014-07-13 01:23 - 00281088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-13 01:08 - 2014-07-13 01:08 - 00869456 _____ () C:\Users\Demo\Downloads\Norton_Removal_Tool.exe
2014-07-13 00:45 - 2014-07-13 00:47 - 01348263 _____ () C:\Users\Demo\Downloads\AdwCleaner (1).exe
2014-07-12 16:38 - 2014-07-14 11:07 - 377284766 _____ () C:\Users\Demo\Downloads\Bugs Bunny - Lost In Time.exe
2014-07-12 16:31 - 2014-07-13 07:52 - 77027164 _____ () C:\Users\Demo\Downloads\Bugs Bunny - Hillbilly Hare.mpg
2014-07-11 15:50 - 2014-07-11 15:58 - 10293356 _____ () C:\Users\Demo\Desktop\James_Ingram_-_Theres_no_easy_way_Lyrics.mp4
2014-07-11 15:39 - 2014-06-19 10:12 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-11 15:39 - 2014-06-19 10:12 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-11 15:39 - 2014-06-19 10:12 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-07-11 15:39 - 2014-06-19 10:12 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-07-11 15:39 - 2014-06-19 10:12 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-11 15:39 - 2014-06-19 10:11 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-11 15:39 - 2014-06-19 10:11 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-11 15:39 - 2014-06-19 10:11 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-07-11 15:39 - 2014-06-19 10:10 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-11 15:39 - 2014-06-19 10:09 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-11 15:39 - 2014-06-19 08:53 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-11 15:39 - 2014-06-19 08:53 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-11 15:39 - 2014-06-19 08:53 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-11 15:39 - 2014-06-19 08:53 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-11 15:39 - 2014-06-19 08:53 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-11 15:39 - 2014-06-19 08:53 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-11 15:39 - 2014-06-19 08:53 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-11 15:39 - 2014-06-19 08:52 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-07-11 15:39 - 2014-06-19 08:52 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-11 15:38 - 2014-06-19 10:10 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-11 15:38 - 2014-06-19 10:10 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-11 15:38 - 2014-06-19 08:52 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-11 15:38 - 2014-06-19 08:52 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-11 15:38 - 2014-06-19 08:33 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-11 15:38 - 2014-06-19 08:30 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-11 15:38 - 2014-06-19 06:05 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-07-11 12:08 - 2014-05-03 14:34 - 06974808 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2014-07-11 12:08 - 2014-05-03 14:33 - 01824808 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2014-07-11 12:08 - 2014-05-03 12:51 - 01408976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2014-07-11 12:08 - 2014-05-02 06:37 - 01023488 _____ (Microsoft Corporation) C:\windows\system32\localspl.dll
2014-07-11 12:08 - 2014-04-30 06:32 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\Robocopy.exe
2014-07-11 12:08 - 2014-04-30 06:32 - 00106496 _____ (Microsoft Corporation) C:\windows\SysWOW64\Robocopy.exe
2014-07-11 12:08 - 2014-04-24 07:51 - 00566784 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-07-11 12:08 - 2014-04-24 07:51 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 12:08 - 2014-04-24 07:38 - 00693760 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-07-11 12:08 - 2014-04-24 07:38 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 12:08 - 2014-02-08 12:34 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
2014-07-11 10:57 - 2014-05-30 07:31 - 00452608 _____ (Microsoft Corporation) C:\windows\SysWOW64\SHCore.dll
2014-07-11 10:57 - 2014-05-30 07:03 - 00588288 _____ (Microsoft Corporation) C:\windows\system32\SHCore.dll
2014-07-11 10:57 - 2014-05-30 07:02 - 01281536 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-11 10:57 - 2014-05-30 07:02 - 00439808 _____ (Microsoft Corporation) C:\windows\system32\lsm.dll
2014-07-11 10:20 - 2014-06-03 06:33 - 00265216 _____ (Microsoft Corporation) C:\windows\system32\InkEd.dll
2014-07-11 10:07 - 2014-06-18 07:27 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-11 10:07 - 2014-06-18 07:24 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-11 10:07 - 2014-06-11 12:18 - 04038144 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-11 09:18 - 2014-05-30 06:24 - 00576512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-11 09:14 - 2014-06-06 22:06 - 00596480 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-11 09:14 - 2014-06-06 18:17 - 00497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-11 00:01 - 2014-07-11 00:01 - 00000000 ____D () C:\Users\Demo\Downloads\Let Me In (2011)
2014-07-10 23:46 - 2014-07-11 04:01 - 00000000 ____D () C:\Users\Demo\Downloads\Sabotage.2014.HDRip.XviD-AQOS
2014-07-10 23:15 - 2014-07-10 23:19 - 00000000 ____D () C:\Users\Demo\Downloads\Sabotage.2014.HDRip.XviD.AC3-EVO
2014-07-10 19:45 - 2014-07-10 19:45 - 00000000 ____D () C:\Users\Demo\Downloads\Pocahontas (1995)
2014-07-09 06:49 - 2014-07-09 06:58 - 09222317 _____ () C:\Users\Demo\Desktop\Feeder_Buck_Rogers.mp4
2014-07-09 06:16 - 2014-07-09 06:16 - 1049747105 _____ () C:\Users\Demo\Downloads\[ www.UsaBit.com ] - Heartbreak Ridge 1986 720p BRRip x264-PLAYNOW.mp4
2014-07-09 02:10 - 2014-07-09 02:10 - 00000000 ____D () C:\Users\Demo\AppData\Local\Adobe
2014-07-08 20:39 - 2014-07-08 23:12 - 1093444132 _____ () C:\Users\Demo\Downloads\Maleficent.2014.CAM.XviD.mkv
2014-07-08 14:14 - 2014-07-14 11:07 - 00000000 ____D () C:\Users\Demo\Downloads\Behind Enemy Lines (2001)
2014-07-08 09:01 - 2014-07-11 18:46 - 00000000 ____D () C:\Users\Demo\Downloads\Dawn of the Dead (2004)
2014-07-08 08:51 - 2014-07-08 09:06 - 00000000 ____D () C:\Users\Demo\Downloads\The Beyond 1981 - Lucio Fulci (GRINDHOUSE) DVDrip
2014-07-08 07:51 - 2014-07-08 08:12 - 00000000 ____D () C:\Users\Demo\Downloads\Maleficent 2014 CAM WATERMARK REMOVED x264 Pimp4003
2014-07-08 06:16 - 2014-07-11 18:46 - 00000000 ____D () C:\Users\Demo\Downloads\Peter Pan (1953)
2014-07-07 18:15 - 2014-07-07 18:39 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Demo\Downloads\64bit_Win7_Win8_Win81_R275.exe
2014-07-07 15:12 - 2014-07-07 15:12 - 00000000 ____D () C:\Users\Demo\Downloads\Tangled (2010)
2014-07-07 13:38 - 2014-07-14 18:59 - 00000000 ____D () C:\Users\Demo\Downloads\Bambi (1942)
2014-07-07 13:21 - 2014-07-07 13:21 - 00000000 ____D () C:\Users\Demo\Downloads\The Little Mermaid (1989)
2014-07-07 04:01 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\Beauty and the Beast (1991)
2014-07-07 01:45 - 2014-07-07 01:45 - 00000000 ____D () C:\Users\Demo\Downloads\Ever After - A Cinderella Story (1998) [PROPER] DVDRip WS XviD
2014-07-06 22:51 - 2014-07-06 22:51 - 75112584 _____ () C:\Users\Demo\Downloads\Looney Tunes - Bugs Bunny and Yosemite Sam - Fair-Haired Hare.mpg
2014-07-06 22:40 - 2014-07-06 22:40 - 00000000 ____D () C:\Users\Demo\Downloads\The Looney Looney Looney Bugs Bunny Movie [F-R] (Multi-audio, multi-sub)
2014-07-06 22:38 - 2014-07-13 08:22 - 410289781 _____ () C:\Users\Demo\Downloads\Bugs Bunny & Taz - Time Busters.exe
2014-07-06 21:56 - 2014-07-06 21:56 - 00000000 ____D () C:\Users\Demo\Downloads\SellYourGF - Rough sex for sick cash
2014-07-06 18:22 - 2014-07-06 18:22 - 00000000 ____D () C:\Users\Demo\Downloads\Sanjuro.1962.BDRip.H264.AAC.Gopo
2014-07-06 17:22 - 2014-07-10 20:47 - 00000000 ____D () C:\Users\Demo\Downloads\47 Ronin (2013)
2014-07-06 17:08 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\Cinderella (1950)
2014-07-06 06:22 - 2014-07-07 19:54 - 00000000 ____D () C:\Users\Demo\Downloads\Sleeping Beauty (1959)
2014-07-06 06:06 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\Snow White and the Seven Dwarfs {1937} 720p BRRip x264 - HDMiCRO by Mr, KickASS
2014-07-06 01:34 - 2014-07-06 01:34 - 00000000 ____D () C:\Users\Demo\Downloads\[ www.Speed.Cd ] - Last Night 2011 Dvdrip - PRESTiGE
2014-07-06 00:11 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\The Roommate (2011)
2014-07-05 23:17 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\17 Again (2009)
2014-07-05 21:21 - 2014-07-05 21:21 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Remastered mp4 Part 3
2014-07-05 21:19 - 2014-07-05 21:19 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Season 2 Remastered Part 3
2014-07-05 21:19 - 2014-07-05 21:19 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Remastered mp4 Part 2
2014-07-05 21:17 - 2014-07-05 21:17 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Remastered mp4 Part 1
2014-07-05 18:04 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\The.Son.of.No.One.DVDRip.XviD - TARGET
2014-07-05 14:39 - 2014-07-07 06:40 - 00000000 ____D () C:\Users\Demo\Desktop\MY PALAWAN PRINCESS, MY QUEEN
2014-07-05 03:31 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\The Lucky One (2012)
2014-07-05 02:47 - 2014-07-05 02:47 - 00000000 ____D () C:\Users\Demo\Downloads\Angst.1983.720p.BluRay.x264-KG [PublicHD]
2014-07-05 00:10 - 2014-07-05 00:10 - 00000000 ____D () C:\Users\Demo\Downloads\Equilibrium.[2002].DVDRIP.DIVX.[ENG]-ToTs
2014-07-05 00:06 - 2014-07-05 00:06 - 00000000 ____D () C:\Users\Demo\Downloads\The.Ten.Commandments.1956.720p.Bluray.x264.anoXmous
2014-07-04 23:43 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\Zemana Antilogger v1.9.3.525 Incl. Keygen-BRD
2014-07-04 22:27 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\Zemana AntiLogger v1.9.3.500 ML Incl Keygen-BRD -[MUMBAI]
2014-07-04 14:26 - 2014-07-04 16:04 - 00000000 ____D () C:\Users\Demo\Downloads\E.T. - The Extra Terrestrial (1982)
2014-07-03 05:08 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\The Ten Commandments (1956)
2014-07-03 05:06 - 2014-07-03 05:25 - 00000000 ____D () C:\Users\Demo\Downloads\Virtual DJ v7.4 PRO + Crack [ChattChitto RG]
2014-07-02 07:22 - 2014-07-02 07:42 - 00000000 ____D () C:\Users\Demo\Downloads\The Crow (1994)
2014-07-02 00:12 - 2014-07-02 00:18 - 277764480 _____ () C:\Users\Demo\Downloads\Black Man.-.Sex in Japan.mpg
2014-07-01 21:55 - 2014-07-01 22:07 - 03464113 ____R () C:\Users\Demo\Downloads\Evaer Video Recorder for SKYPE 1.1.7.29 (32+64 bit) + KEYGEN.rar
2014-07-01 18:57 - 2014-07-01 18:57 - 00000000 ____D () C:\Users\Demo\Downloads\Cassadaga[2011]DVDRip XviD-ETRG
2014-06-29 22:08 - 2014-07-03 05:45 - 00000000 ____D () C:\Users\Demo\Desktop\New Folder 1
2014-06-29 15:55 - 2014-06-29 15:55 - 00000000 ____D () C:\Users\Demo\Downloads\Bugs Bunny and Beep Beep THE MOOVIE
2014-06-29 15:52 - 2014-07-11 18:48 - 00000000 ____D () C:\Users\Demo\Downloads\Enter the Dragon (1973)
2014-06-29 11:22 - 2014-06-29 12:50 - 00000000 ____D () C:\Users\Demo\Downloads\Equilibrium (2002)
2014-06-29 01:20 - 2014-07-04 06:37 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-29 01:19 - 2014-06-29 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-29 01:19 - 2014-06-29 01:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-29 01:19 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-06-29 00:51 - 2014-06-29 00:52 - 04881197 _____ () C:\Users\Demo\Downloads\Jackie_Wilson_-_Lonely_Teardrops.mp4
2014-06-29 00:46 - 2014-06-29 00:50 - 05104564 _____ () C:\Users\Demo\Downloads\Jackie_Wilson_-_Thats_Why_I_Love_You_So.mp4
2014-06-29 00:44 - 2014-06-29 00:45 - 05130603 _____ () C:\Users\Demo\Downloads\Jackie_Wilson_Your_Love_Keeps_Lifting_Me_Higher_and_Higher_lyrics.mp4
2014-06-29 00:41 - 2014-06-29 00:44 - 07130506 _____ () C:\Users\Demo\Downloads\Garnet_Mimms_the_Enchanters_Cry_Baby_lyrics.mp4
2014-06-29 00:37 - 2014-06-29 00:42 - 08116440 _____ () C:\Users\Demo\Downloads\Al_Green_You_Ought_to_Be_With_Me_lyrics.mp4
2014-06-29 00:30 - 2014-06-29 00:32 - 04661640 _____ () C:\Users\Demo\Downloads\Argent_-_Liar_Original_Version_1970.mp4
2014-06-29 00:19 - 2014-06-29 00:21 - 08213906 _____ () C:\Users\Demo\Downloads\SideShow_Blue_Magic_.mp4
2014-06-28 17:44 - 2014-06-28 17:45 - 05863892 _____ () C:\Users\Demo\Downloads\Sam_Cooke_I_Lost_Everything_1963.mp4
2014-06-28 17:38 - 2014-06-28 17:40 - 05697472 _____ () C:\Users\Demo\Downloads\Sam_Cooke_Get_Yourself_Another_Fool_1963.mp4
2014-06-28 17:36 - 2014-06-28 17:38 - 04279696 _____ () C:\Users\Demo\Downloads\Sam_Cooke_-_Youre_Always_On_My_Mind.mp4
2014-06-28 17:33 - 2014-06-28 17:33 - 02475724 _____ () C:\Users\Demo\Downloads\Sam_Cooke-Tenderness_Unreleased_Version.mp4
2014-06-28 17:26 - 2014-06-28 17:28 - 05406611 _____ () C:\Users\Demo\Downloads\Sam_Cooke_-_Blue_Moon.mp4
2014-06-28 04:45 - 2014-06-29 23:10 - 00000000 ____D () C:\Users\Demo\Downloads\Sling Blade Exclusive Directors Cut 1996 DvDrip[Eng]-greenbud1969
2014-06-28 04:40 - 2014-06-29 02:51 - 00000000 ____D () C:\Users\Demo\Downloads\Deliverance 1972 DvDrip[Eng]-greenbud1969
2014-06-28 04:34 - 2014-06-28 04:45 - 00000000 ____D () C:\Users\Demo\Downloads\Southern Comfort  1981 HDTVRip 720p - zeberzee
2014-06-27 21:51 - 2014-06-27 21:52 - 06173136 _____ () C:\Users\Demo\Downloads\THE_MARCELS_-_BLUE_MOON_1961.mp4
2014-06-27 17:33 - 2014-06-27 17:35 - 08894374 _____ () C:\Users\Demo\Downloads\BAYAN_KO_AKO_AY_PILIPINO_MEDLEY_BY_RODEL_NAVAL.mp4
2014-06-27 17:22 - 2014-06-27 17:32 - 17260539 _____ () C:\Users\Demo\Downloads\Mr_Lonely_by_Rodel_Naval.mp4
2014-06-27 17:07 - 2014-06-27 17:13 - 17084576 _____ () C:\Users\Demo\Downloads\Ikaw_Pa_Lamang_by_Rodel_Naval.mp4
2014-06-27 16:49 - 2014-06-27 16:52 - 16753522 _____ () C:\Users\Demo\Downloads\Bakit_Kung_Kailan_by_Rodel_Naval.mp4
2014-06-27 16:41 - 2014-06-27 16:43 - 07770705 _____ () C:\Users\Demo\Downloads\Kailan_Kaya_-_Rodel_Naval.mp4
2014-06-27 16:37 - 2014-06-27 16:40 - 08719269 _____ () C:\Users\Demo\Downloads\Bryan_Termulo_-_Kailan_Studio_Recording_HD.mp4
2014-06-27 16:11 - 2014-06-27 16:15 - 15323564 _____ () C:\Users\Demo\Downloads\Nais_Ko_-_Miguel_Vera_with_lyrics_with_English_translation.mp4
2014-06-27 15:58 - 2014-06-27 16:02 - 14733131 _____ () C:\Users\Demo\Downloads\MULI_with_Lyrics_song_by_Rodel_Naval.mp4
2014-06-27 15:03 - 2014-06-27 15:04 - 08245109 _____ () C:\Users\Demo\Downloads\Bukas_na_lang_kita_Mamahalin_-_Lani_Misalucha_OST_-_Tayong_Dalawa_with_filipino_and_english_subs.mp4
2014-06-27 14:35 - 2014-06-27 14:37 - 08248330 _____ () C:\Users\Demo\Desktop\Bukas_Na_Lang_Kita_Mamahalin_-_Lani_Misalucha.mp4
2014-06-27 09:37 - 2014-06-27 09:37 - 00000000 ____D () C:\Users\Demo\Downloads\Bruno_Dumont-Hadewijch-2009
2014-06-27 09:19 - 2014-06-27 09:19 - 00000000 ____D () C:\Users\Demo\Downloads\GGG Angst Vorm Schlucken.DVDRip.XxX
2014-06-26 13:24 - 2014-07-15 02:29 - 00000000 ____D () C:\Users\Demo\Desktop\New folder (2)
2014-06-26 05:22 - 2014-06-27 00:25 - 00000000 ____D () C:\Users\Demo\Downloads\Blue Jasmine (2013) [1080p]
2014-06-26 05:09 - 2014-06-26 05:09 - 00000000 ____D () C:\Users\Demo\Downloads\Last Vegas (2013)
2014-06-26 04:44 - 2014-06-26 04:57 - 00000000 ____D () C:\Users\Demo\Downloads\The.Raid.2.2014.BRRip.480p.x264.AAC-VYTO
2014-06-26 04:43 - 2014-06-26 04:43 - 00000000 ____D () C:\Users\Demo\Downloads\Starship Troopers (1997)
2014-06-26 04:18 - 2014-06-26 04:18 - 00000000 ____D () C:\Users\Demo\Downloads\Starship Troopers Invasion (2012) [1080p]
2014-06-26 03:44 - 2014-06-26 04:26 - 937310212 _____ () C:\Users\Demo\Downloads\Sesame Street Rock n Roll Request Show 1992 vhs hifi st 30 min vgq mpeg2 pal.mpg
2014-06-26 03:36 - 2014-06-26 04:04 - 00000000 ____D () C:\Users\Demo\Downloads\Sesame.Street.The.Best.of.Elmo.2.2010.DVDRiP.XViD-DOCUMENT [NO-RAR] - [ www.torrentday.com ]
2014-06-26 03:27 - 2014-06-26 03:29 - 00000000 ____D () C:\Users\Demo\Downloads\Sesame.Street.Bert.and.Ernies.Great.Adventures.2010.DVDRip.XviD-ReVoTT [NO-RAR] - [ www.torrentday.com ]
2014-06-26 03:27 - 2014-06-26 03:28 - 00000000 ____D () C:\Users\Demo\Downloads\Sesame.Street.2009.11.10.Frankly.Its.A.Habitat.WS.DSR.XviD-FUtV- [ www.TorrentDay.com ]
2014-06-25 16:33 - 2014-06-25 16:33 - 00287312 _____ () C:\windows\Minidump\062514-31796-01.dmp
2014-06-24 19:13 - 2014-06-24 19:51 - 00000000 ____D () C:\Users\Demo\Downloads\The Great Raid (2005)
2014-06-24 14:27 - 2014-06-24 14:28 - 00511782 _____ () C:\Users\Demo\Downloads\Autoruns.zip
2014-06-24 14:21 - 2014-06-24 14:23 - 01327539 _____ (GlarySoft.com ) C:\Users\Demo\Downloads\spesetup.exe
2014-06-24 13:01 - 2014-07-14 10:27 - 00000914 _____ () C:\windows\setupact.log
2014-06-24 13:01 - 2014-06-24 13:01 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-24 13:01 - 2014-06-24 13:01 - 00000000 _____ () C:\windows\setuperr.log
2014-06-24 02:18 - 2014-06-24 02:23 - 04018942 _____ () C:\Users\Demo\Downloads\Frank_Sinatra_Let_it_snow.mp4
2014-06-24 02:12 - 2014-06-24 02:18 - 05333350 _____ () C:\Users\Demo\Downloads\Bing_Crosby_-_Its_Beginning_to_Look_A_Lot_Like_Christmas.mp4
2014-06-24 01:59 - 2014-06-24 02:10 - 13462242 _____ () C:\Users\Demo\Downloads\Someone_Saved_My_Life_Tonight_-_Elton_John_Lyrics_on_screen.mp4
2014-06-24 01:42 - 2014-06-24 01:58 - 08095049 _____ () C:\Users\Demo\Downloads\Frank_Sinatra_-_The_Way_You_Look_Tonight_Lyrics.mp4
2014-06-23 17:50 - 2014-06-23 18:01 - 04377484 _____ () C:\Users\Demo\Downloads\Wonderful_tonight_-_Eric_Clapton (1).mp4
2014-06-23 17:12 - 2014-06-24 15:33 - 00001751 _____ () C:\Users\Demo\Desktop\Wonderful_tonight_-_Eric_Clapton - Shortcut.lnk
2014-06-23 17:10 - 2014-06-23 17:23 - 14350008 _____ () C:\Users\Demo\Downloads\Said_I_Love_You_But_I_Lied_-_Michael_Bolton_-_Lyrics_on_screen.mp4
2014-06-23 17:03 - 2014-06-23 17:10 - 06636904 _____ () C:\Users\Demo\Downloads\If_You_Leave_Me_Now-Chicago-Lyricswmv (1).mp4
2014-06-23 16:52 - 2014-06-23 17:02 - 04383324 _____ () C:\Users\Demo\Downloads\If_You_Leave_Me_Now-Chicago-Lyricswmv (2).mp4
2014-06-23 16:31 - 2014-06-23 16:42 - 08622506 _____ () C:\Users\Demo\Downloads\Chicago_-_Youre_The_Inspiration_Lyrics.mp4
2014-06-23 16:23 - 2014-06-23 16:30 - 03740924 _____ () C:\Users\Demo\Downloads\If_You_Leave_Me_Now-Chicago-Lyricswmv.mp4
2014-06-23 03:26 - 2014-06-23 03:26 - 00000861 _____ () C:\Users\Demo\Desktop\µTorrent.lnk
2014-06-23 03:26 - 2014-06-23 03:26 - 00000841 _____ () C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-23 03:13 - 2014-06-23 03:14 - 01314384 _____ (BitTorrent Inc.) C:\Users\Demo\Downloads\uTorrent(1).exe
2014-06-22 16:49 - 2014-06-23 12:08 - 00000000 ____D () C:\Users\Demo\Downloads\Miracle In Cell No. 7 2013 Blu-Ray 720p x264 AAC Dolby FLiCKSiCK
2014-06-22 08:29 - 2014-07-01 03:29 - 00000000 ____D () C:\Users\Demo\Desktop\pics
2014-06-22 05:29 - 2014-06-22 05:40 - 08809384 _____ () C:\Users\Demo\Downloads\Rock-A-Bye_Baby_-_English_Nursery_Rhyme_With_Full_Lyrics.mp4
2014-06-21 17:15 - 2014-06-21 17:21 - 05268992 _____ () C:\Users\Demo\Downloads\RogueKillerX64 (1).exe
2014-06-21 16:59 - 2014-06-21 17:00 - 01314384 _____ (BitTorrent Inc.) C:\Users\Demo\Downloads\uTorrent.exe
2014-06-21 15:27 - 2014-06-21 15:37 - 03505864 _____ () C:\Users\Demo\Downloads\Wonderful_tonight_-_Eric_Clapton.mp4
2014-06-21 14:37 - 2014-06-21 14:44 - 07257859 _____ () C:\Users\Demo\Downloads\WILL_U_STILL_LOVE_ME_TOMORROW_-THE_SHIRELLES_LYRICS.mp4
2014-06-21 14:32 - 2014-06-21 14:36 - 05083879 _____ () C:\Users\Demo\Downloads\The_Shirelles_-_Baby_its_you_original_1961 (1).mp4
2014-06-21 13:31 - 2014-06-21 13:40 - 10231492 _____ () C:\Users\Demo\Downloads\Chain_of_Love_--_Clay_Walker_lyrics.mp4
2014-06-21 01:59 - 2014-04-03 19:19 - 00328024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
2014-06-21 01:59 - 2014-04-03 11:44 - 00619008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2014-06-21 01:59 - 2014-04-01 06:08 - 00387268 _____ () C:\windows\system32\ApnDatabase.xml
2014-06-21 01:59 - 2014-03-25 07:42 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
2014-06-21 01:59 - 2014-03-25 06:56 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
2014-06-21 01:47 - 2014-05-03 13:47 - 03246592 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2014-06-21 01:47 - 2014-05-03 11:34 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2014-06-21 01:47 - 2014-04-30 06:32 - 01301504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2014-06-21 01:47 - 2014-04-30 06:22 - 01023488 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2014-06-21 01:31 - 2014-04-03 19:22 - 02233176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-06-21 01:30 - 2014-03-07 08:47 - 01419264 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2014-06-21 01:30 - 2014-03-07 08:08 - 01845760 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2014-06-21 00:57 - 2013-11-28 07:02 - 1715023685 ____R () C:\Users\Demo\Documents\Point Blank (1998) FS DVDRip.mp4
2014-06-20 04:15 - 2014-06-20 04:21 - 04816482 _____ () C:\Users\Demo\Downloads\2014-05-18 04.58.16.mov
2014-06-20 02:55 - 2014-06-20 22:47 - 00000000 ____D () C:\Users\Demo\Downloads\Pay It Forward (2000)
2014-06-19 23:09 - 2014-06-19 23:13 - 05268992 _____ () C:\Users\Demo\Downloads\RogueKillerX64.exe
2014-06-19 22:13 - 2014-06-19 22:14 - 01253303 _____ () C:\Users\Demo\Downloads\uTorrent 3.3.2 Version.rar
2014-06-19 17:24 - 2014-07-14 18:59 - 399741727 _____ () C:\Users\Demo\Downloads\Bad.Lieutenant.1992.720p.BluRay.x264-DiMENSiON [PublicHD].mkv
2014-06-19 00:12 - 2014-06-19 00:14 - 01317200 _____ (BitTorrent Inc.) C:\Users\Demo\Downloads\uTorrent (1).exe
2014-06-18 16:07 - 2014-06-18 16:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 12:12 - 2014-06-18 12:23 - 08984119 _____ () C:\Users\Demo\Downloads\Rumor_Has_It_-_Adele_Lyrics.mp4
2014-06-18 11:59 - 2014-06-18 12:04 - 00847354 _____ () C:\Users\Demo\Downloads\Adele_-_Rolling_in_the_Deep.mp4
2014-06-18 11:24 - 2014-06-18 11:45 - 10698055 _____ () C:\Users\Demo\Downloads\One_and_Only_-_Adele_Lyrics.mp4
2014-06-18 10:57 - 2014-06-18 11:12 - 07082041 _____ () C:\Users\Demo\Downloads\Adele_-_Set_Fire_to_the_Rain_Lyrics.mp4
2014-06-18 04:12 - 2014-06-18 06:33 - 00000000 ____D () C:\Users\Demo\Downloads\Repentance.2014.NEW.CAM.XviD.AC3-RARBG
2014-06-18 02:00 - 2014-06-18 02:27 - 24426482 _____ () C:\Users\Demo\Downloads\Lil_Wayne_-_Hustler_Musik_Money_On_My_Mind.mp4
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-16 18:40 - 2014-06-16 18:50 - 06971897 _____ () C:\Users\Demo\Downloads\Randy_Santiago_-_Babaero.mp4
2014-06-16 06:58 - 2014-06-16 07:10 - 12335124 _____ () C:\Users\Demo\Downloads\LAWISWIS_KAWAYAN_Samar-Leyte_Folk_Song.mp4
2014-06-16 06:29 - 2014-06-16 06:32 - 00443194 _____ () C:\Users\Demo\Downloads\JOEY_AYALA_AT_ANG_BAGONG_LUMAD_-_MAGKAUGNAY.mp4
2014-06-15 03:21 - 2014-07-07 06:54 - 00000000 ____D () C:\Users\Demo\Desktop\RESORT RESTAURANT  BUSINESS IDEA AND PLANS
 
==================== One Month Modified Files and Folders =======
 
2014-07-15 02:54 - 2014-07-15 02:54 - 00017883 _____ () C:\Users\Demo\Desktop\FRST.txt
2014-07-15 02:54 - 2014-07-15 02:53 - 00000000 ____D () C:\FRST
2014-07-15 02:54 - 2013-11-30 21:51 - 00000000 ____D () C:\Users\Demo\AppData\Roaming\vlc
2014-07-15 02:51 - 2014-02-21 20:10 - 00000910 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-15 02:50 - 2014-07-15 02:44 - 02086912 _____ (Farbar) C:\Users\Demo\Desktop\FRST64.exe
2014-07-15 02:46 - 2013-11-29 09:59 - 00003918 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{9F8F74BB-58DD-4195-9B1D-D0FF0717FA4B}
2014-07-15 02:41 - 2014-04-18 20:09 - 00000000 ____D () C:\Users\Demo\Desktop\Irene Patache Palawan
2014-07-15 02:33 - 2014-06-03 02:35 - 00000000 ____D () C:\Users\Demo\Desktop\GAME SOUND TRACKS
2014-07-15 02:29 - 2014-06-26 13:24 - 00000000 ____D () C:\Users\Demo\Desktop\New folder (2)
2014-07-15 02:29 - 2014-04-18 20:09 - 00000000 ____D () C:\Users\Demo\Desktop\Irene Patache Palawan Queen
2014-07-15 02:02 - 2012-07-26 16:12 - 00000000 ____D () C:\windows\system32\sru
2014-07-15 02:00 - 2014-04-12 20:12 - 00000524 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task ff56ebf7-89b4-4164-afd1-3aaf0b7c808a.job
2014-07-15 01:55 - 2014-04-19 00:37 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-15 00:36 - 2014-04-21 23:21 - 00168111 _____ () C:\MyXML.xml
2014-07-15 00:36 - 2014-02-21 20:10 - 00000906 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-15 00:35 - 2014-05-08 03:19 - 00053038 _____ () C:\windows\PFRO.log
2014-07-15 00:35 - 2012-07-26 15:22 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-15 00:33 - 2014-01-07 19:43 - 00000000 ____D () C:\Users\Demo\AppData\Local\CrashDumps
2014-07-14 22:56 - 2014-07-14 22:53 - 44802501 _____ () C:\Users\Demo\Downloads\Candy Crush Saga v1.19.0 - SUPER MOD.apk
2014-07-14 22:56 - 2013-11-29 23:04 - 00000000 ____D () C:\Users\Demo\AppData\Roaming\uTorrent
2014-07-14 20:12 - 2014-04-12 20:12 - 00000524 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task b6f3ed6d-ad9a-49a8-af0c-8037b5976c98.job
2014-07-14 18:59 - 2014-07-07 13:38 - 00000000 ____D () C:\Users\Demo\Downloads\Bambi (1942)
2014-07-14 18:59 - 2014-06-19 17:24 - 399741727 _____ () C:\Users\Demo\Downloads\Bad.Lieutenant.1992.720p.BluRay.x264-DiMENSiON [PublicHD].mkv
2014-07-14 11:07 - 2014-07-12 16:38 - 377284766 _____ () C:\Users\Demo\Downloads\Bugs Bunny - Lost In Time.exe
2014-07-14 11:07 - 2014-07-08 14:14 - 00000000 ____D () C:\Users\Demo\Downloads\Behind Enemy Lines (2001)
2014-07-14 10:39 - 2013-01-29 00:12 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-07-14 10:39 - 2012-07-26 13:26 - 01048576 ___SH () C:\windows\system32\config\BBI
2014-07-14 10:37 - 2014-03-16 22:07 - 01486291 _____ () C:\windows\WindowsUpdate.log
2014-07-14 10:27 - 2014-07-14 10:27 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-07-14 10:27 - 2014-07-14 10:27 - 00000000 ____D () C:\Program Files\Realtek
2014-07-14 10:27 - 2014-06-24 13:01 - 00000914 _____ () C:\windows\setupact.log
2014-07-14 10:25 - 2012-08-18 19:41 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-13 23:23 - 2012-07-26 15:28 - 00848230 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-13 11:17 - 2014-07-13 11:17 - 00001730 _____ () C:\Users\Demo\Documents\boloa.txt
2014-07-13 08:22 - 2014-07-06 22:38 - 410289781 _____ () C:\Users\Demo\Downloads\Bugs Bunny & Taz - Time Busters.exe
2014-07-13 07:52 - 2014-07-12 16:31 - 77027164 _____ () C:\Users\Demo\Downloads\Bugs Bunny - Hillbilly Hare.mpg
2014-07-13 05:40 - 2012-07-26 16:12 - 00000000 ____D () C:\windows\rescache
2014-07-13 01:23 - 2014-07-13 01:23 - 00281088 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-13 01:21 - 2013-01-29 00:28 - 00000000 ____D () C:\ProgramData\Norton
2014-07-13 01:08 - 2014-07-13 01:08 - 00869456 _____ () C:\Users\Demo\Downloads\Norton_Removal_Tool.exe
2014-07-13 00:54 - 2012-07-26 16:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 00:54 - 2012-07-26 16:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 00:54 - 2012-07-26 15:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-13 00:53 - 2012-07-26 16:12 - 00000000 ____D () C:\windows\WinStore
2014-07-13 00:51 - 2014-04-21 02:01 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-07-13 00:51 - 2014-04-21 00:39 - 00000000 ____D () C:\AdwCleaner
2014-07-13 00:47 - 2014-07-13 00:45 - 01348263 _____ () C:\Users\Demo\Downloads\AdwCleaner (1).exe
2014-07-12 04:04 - 2012-07-26 15:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-12 04:03 - 2013-11-02 00:43 - 00000000 ____D () C:\windows\system32\MRT
2014-07-12 04:02 - 2013-11-02 00:43 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-12 04:02 - 2012-07-26 13:26 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-11 18:50 - 2012-07-26 15:52 - 00000000 ____D () C:\windows\ShellNew
2014-07-11 18:49 - 2012-07-26 16:12 - 00000000 ____D () C:\windows\system32\spp
2014-07-11 18:49 - 2012-07-26 13:38 - 00000000 ____D () C:\windows\system32\Sysprep
2014-07-11 18:48 - 2014-07-07 04:01 - 00000000 ____D () C:\Users\Demo\Downloads\Beauty and the Beast (1991)
2014-07-11 18:48 - 2014-07-06 17:08 - 00000000 ____D () C:\Users\Demo\Downloads\Cinderella (1950)
2014-07-11 18:48 - 2014-07-06 06:06 - 00000000 ____D () C:\Users\Demo\Downloads\Snow White and the Seven Dwarfs {1937} 720p BRRip x264 - HDMiCRO by Mr, KickASS
2014-07-11 18:48 - 2014-07-06 00:11 - 00000000 ____D () C:\Users\Demo\Downloads\The Roommate (2011)
2014-07-11 18:48 - 2014-07-05 23:17 - 00000000 ____D () C:\Users\Demo\Downloads\17 Again (2009)
2014-07-11 18:48 - 2014-07-05 18:04 - 00000000 ____D () C:\Users\Demo\Downloads\The.Son.of.No.One.DVDRip.XviD - TARGET
2014-07-11 18:48 - 2014-07-05 03:31 - 00000000 ____D () C:\Users\Demo\Downloads\The Lucky One (2012)
2014-07-11 18:48 - 2014-07-04 23:43 - 00000000 ____D () C:\Users\Demo\Downloads\Zemana Antilogger v1.9.3.525 Incl. Keygen-BRD
2014-07-11 18:48 - 2014-07-04 22:27 - 00000000 ____D () C:\Users\Demo\Downloads\Zemana AntiLogger v1.9.3.500 ML Incl Keygen-BRD -[MUMBAI]
2014-07-11 18:48 - 2014-07-03 05:08 - 00000000 ____D () C:\Users\Demo\Downloads\The Ten Commandments (1956)
2014-07-11 18:48 - 2014-06-29 15:52 - 00000000 ____D () C:\Users\Demo\Downloads\Enter the Dragon (1973)
2014-07-11 18:48 - 2014-06-08 04:50 - 00000000 ____D () C:\Users\Demo\Downloads\When.a.Stranger.Calls.1979.DVDRip.DivX-SOFILMACOS
2014-07-11 18:48 - 2014-04-21 03:11 - 00000000 ____D () C:\Users\Demo\AppData\Roaming\ProductData
2014-07-11 18:48 - 2014-04-21 02:01 - 00000000 ____D () C:\Users\Demo\AppData\Roaming\IObit
2014-07-11 18:48 - 2013-11-29 23:10 - 00000000 ____D () C:\Users\Demo\AppData\Roaming\BitTorrent Sync
2014-07-11 18:47 - 2014-06-05 15:35 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-11 18:47 - 2014-04-20 14:59 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-11 18:46 - 2014-07-08 09:01 - 00000000 ____D () C:\Users\Demo\Downloads\Dawn of the Dead (2004)
2014-07-11 18:46 - 2014-07-08 06:16 - 00000000 ____D () C:\Users\Demo\Downloads\Peter Pan (1953)
2014-07-11 18:46 - 2012-07-26 16:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-11 18:45 - 2012-07-26 16:12 - 00000000 ____D () C:\windows\registration
2014-07-11 18:42 - 2014-06-13 07:19 - 00000000 ____D () C:\Users\Demo\Downloads\Planet.Of.The.Apes.1-6.Box-Set-DVDRip.XviD[Eng]
2014-07-11 18:41 - 2013-01-29 00:12 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-11 15:58 - 2014-07-11 15:50 - 10293356 _____ () C:\Users\Demo\Desktop\James_Ingram_-_Theres_no_easy_way_Lyrics.mp4
2014-07-11 07:12 - 2012-07-26 16:12 - 00000000 ____D () C:\windows\system32\NDF
2014-07-11 06:59 - 2014-05-16 22:38 - 00000000 ____D () C:\Users\Demo\Documents\mbar
2014-07-11 04:01 - 2014-07-10 23:46 - 00000000 ____D () C:\Users\Demo\Downloads\Sabotage.2014.HDRip.XviD-AQOS
2014-07-11 03:23 - 2013-10-25 03:57 - 00000000 ____D () C:\Users\Demo
2014-07-11 03:19 - 2014-04-21 03:10 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-11 00:01 - 2014-07-11 00:01 - 00000000 ____D () C:\Users\Demo\Downloads\Let Me In (2011)
2014-07-10 23:19 - 2014-07-10 23:15 - 00000000 ____D () C:\Users\Demo\Downloads\Sabotage.2014.HDRip.XviD.AC3-EVO
2014-07-10 20:47 - 2014-07-06 17:22 - 00000000 ____D () C:\Users\Demo\Downloads\47 Ronin (2013)
2014-07-10 19:45 - 2014-07-10 19:45 - 00000000 ____D () C:\Users\Demo\Downloads\Pocahontas (1995)
2014-07-09 06:58 - 2014-07-09 06:49 - 09222317 _____ () C:\Users\Demo\Desktop\Feeder_Buck_Rogers.mp4
2014-07-09 06:16 - 2014-07-09 06:16 - 1049747105 _____ () C:\Users\Demo\Downloads\[ www.UsaBit.com ] - Heartbreak Ridge 1986 720p BRRip x264-PLAYNOW.mp4
2014-07-09 02:10 - 2014-07-09 02:10 - 00000000 ____D () C:\Users\Demo\AppData\Local\Adobe
2014-07-08 23:12 - 2014-07-08 20:39 - 1093444132 _____ () C:\Users\Demo\Downloads\Maleficent.2014.CAM.XviD.mkv
2014-07-08 15:34 - 2012-07-26 16:12 - 00000000 ____D () C:\windows\AUInstallAgent
2014-07-08 12:30 - 2014-04-19 01:52 - 314572800 _____ () C:\Users\Demo\Documents\Data Safe.avgfv
2014-07-08 09:06 - 2014-07-08 08:51 - 00000000 ____D () C:\Users\Demo\Downloads\The Beyond 1981 - Lucio Fulci (GRINDHOUSE) DVDrip
2014-07-08 08:12 - 2014-07-08 07:51 - 00000000 ____D () C:\Users\Demo\Downloads\Maleficent 2014 CAM WATERMARK REMOVED x264 Pimp4003
2014-07-07 19:54 - 2014-07-06 06:22 - 00000000 ____D () C:\Users\Demo\Downloads\Sleeping Beauty (1959)
2014-07-07 18:39 - 2014-07-07 18:15 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Demo\Downloads\64bit_Win7_Win8_Win81_R275.exe
2014-07-07 15:12 - 2014-07-07 15:12 - 00000000 ____D () C:\Users\Demo\Downloads\Tangled (2010)
2014-07-07 13:21 - 2014-07-07 13:21 - 00000000 ____D () C:\Users\Demo\Downloads\The Little Mermaid (1989)
2014-07-07 06:54 - 2014-06-15 03:21 - 00000000 ____D () C:\Users\Demo\Desktop\RESORT RESTAURANT  BUSINESS IDEA AND PLANS
2014-07-07 06:40 - 2014-07-05 14:39 - 00000000 ____D () C:\Users\Demo\Desktop\MY PALAWAN PRINCESS, MY QUEEN
2014-07-07 01:45 - 2014-07-07 01:45 - 00000000 ____D () C:\Users\Demo\Downloads\Ever After - A Cinderella Story (1998) [PROPER] DVDRip WS XviD
2014-07-06 22:51 - 2014-07-06 22:51 - 75112584 _____ () C:\Users\Demo\Downloads\Looney Tunes - Bugs Bunny and Yosemite Sam - Fair-Haired Hare.mpg
2014-07-06 22:40 - 2014-07-06 22:40 - 00000000 ____D () C:\Users\Demo\Downloads\The Looney Looney Looney Bugs Bunny Movie [F-R] (Multi-audio, multi-sub)
2014-07-06 21:56 - 2014-07-06 21:56 - 00000000 ____D () C:\Users\Demo\Downloads\SellYourGF - Rough sex for sick cash
2014-07-06 18:22 - 2014-07-06 18:22 - 00000000 ____D () C:\Users\Demo\Downloads\Sanjuro.1962.BDRip.H264.AAC.Gopo
2014-07-06 01:34 - 2014-07-06 01:34 - 00000000 ____D () C:\Users\Demo\Downloads\[ www.Speed.Cd ] - Last Night 2011 Dvdrip - PRESTiGE
2014-07-05 21:21 - 2014-07-05 21:21 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Remastered mp4 Part 3
2014-07-05 21:19 - 2014-07-05 21:19 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Season 2 Remastered Part 3
2014-07-05 21:19 - 2014-07-05 21:19 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Remastered mp4 Part 2
2014-07-05 21:17 - 2014-07-05 21:17 - 00000000 ____D () C:\Users\Demo\Downloads\Dragon Ball Remastered mp4 Part 1
2014-07-05 02:47 - 2014-07-05 02:47 - 00000000 ____D () C:\Users\Demo\Downloads\Angst.1983.720p.BluRay.x264-KG [PublicHD]
2014-07-05 00:10 - 2014-07-05 00:10 - 00000000 ____D () C:\Users\Demo\Downloads\Equilibrium.[2002].DVDRIP.DIVX.[ENG]-ToTs
2014-07-05 00:06 - 2014-07-05 00:06 - 00000000 ____D () C:\Users\Demo\Downloads\The.Ten.Commandments.1956.720p.Bluray.x264.anoXmous
2014-07-04 16:04 - 2014-07-04 14:26 - 00000000 ____D () C:\Users\Demo\Downloads\E.T. - The Extra Terrestrial (1982)
2014-07-04 06:37 - 2014-06-29 01:20 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 17:26 - 2014-05-16 17:15 - 00000000 ____D () C:\Users\Demo\Documents\iphone
2014-07-03 05:45 - 2014-06-29 22:08 - 00000000 ____D () C:\Users\Demo\Desktop\New Folder 1
2014-07-03 05:25 - 2014-07-03 05:06 - 00000000 ____D () C:\Users\Demo\Downloads\Virtual DJ v7.4 PRO + Crack [ChattChitto RG]
2014-07-02 10:55 - 2014-04-19 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-07-02 10:55 - 2014-04-19 00:39 - 00000976 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-07-02 07:42 - 2014-07-02 07:22 - 00000000 ____D () C:\Users\Demo\Downloads\The Crow (1994)
2014-07-02 00:18 - 2014-07-02 00:12 - 277764480 _____ () C:\Users\Demo\Downloads\Black Man.-.Sex in Japan.mpg
2014-07-01 22:07 - 2014-07-01 21:55 - 03464113 ____R () C:\Users\Demo\Downloads\Evaer Video Recorder for SKYPE 1.1.7.29 (32+64 bit) + KEYGEN.rar
2014-07-01 18:57 - 2014-07-01 18:57 - 00000000 ____D () C:\Users\Demo\Downloads\Cassadaga[2011]DVDRip XviD-ETRG
2014-07-01 14:10 - 2014-06-03 18:04 - 00000000 ____D () C:\Users\Demo\Documents\MAIL
2014-07-01 14:10 - 2014-04-24 19:29 - 00000000 ____D () C:\Users\Demo\Documents\BLACKBERRY PHOTOS STORAGE
2014-07-01 03:29 - 2014-06-22 08:29 - 00000000 ____D () C:\Users\Demo\Desktop\pics
2014-07-01 02:10 - 2014-04-19 00:38 - 00000000 ____D () C:\ProgramData\AVG2014
2014-06-29 23:10 - 2014-06-28 04:45 - 00000000 ____D () C:\Users\Demo\Downloads\Sling Blade Exclusive Directors Cut 1996 DvDrip[Eng]-greenbud1969
2014-06-29 20:09 - 2013-10-25 04:05 - 00003598 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1552949541-214845929-2206156295-1001
2014-06-29 15:55 - 2014-06-29 15:55 - 00000000 ____D () C:\Users\Demo\Downloads\Bugs Bunny and Beep Beep THE MOOVIE
2014-06-29 12:50 - 2014-06-29 11:22 - 00000000 ____D () C:\Users\Demo\Downloads\Equilibrium (2002)
2014-06-29 05:27 - 2014-05-25 23:38 - 314579683 _____ () C:\Users\Demo\Downloads\Forced in my own kitchen.wmv
2014-06-29 02:51 - 2014-06-28 04:40 - 00000000 ____D () C:\Users\Demo\Downloads\Deliverance 1972 DvDrip[Eng]-greenbud1969
2014-06-29 01:19 - 2014-06-29 01:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-29 01:19 - 2014-06-29 01:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-29 01:19 - 2014-02-19 08:07 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-29 01:19 - 2014-02-19 08:07 - 00000000 ____D () C:\Users\Demo\AppData\Roaming\Malwarebytes
2014-06-29 01:19 - 2014-02-19 08:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-29 00:52 - 2014-06-29 00:51 - 04881197 _____ () C:\Users\Demo\Downloads\Jackie_Wilson_-_Lonely_Teardrops.mp4
2014-06-29 00:50 - 2014-06-29 00:46 - 05104564 _____ () C:\Users\Demo\Downloads\Jackie_Wilson_-_Thats_Why_I_Love_You_So.mp4
2014-06-29 00:45 - 2014-06-29 00:44 - 05130603 _____ () C:\Users\Demo\Downloads\Jackie_Wilson_Your_Love_Keeps_Lifting_Me_Higher_and_Higher_lyrics.mp4
2014-06-29 00:44 - 2014-06-29 00:41 - 07130506 _____ () C:\Users\Demo\Downloads\Garnet_Mimms_the_Enchanters_Cry_Baby_lyrics.mp4
2014-06-29 00:42 - 2014-06-29 00:37 - 08116440 _____ () C:\Users\Demo\Downloads\Al_Green_You_Ought_to_Be_With_Me_lyrics.mp4
2014-06-29 00:32 - 2014-06-29 00:30 - 04661640 _____ () C:\Users\Demo\Downloads\Argent_-_Liar_Original_Version_1970.mp4
2014-06-29 00:21 - 2014-06-29 00:19 - 08213906 _____ () C:\Users\Demo\Downloads\SideShow_Blue_Magic_.mp4
2014-06-28 17:45 - 2014-06-28 17:44 - 05863892 _____ () C:\Users\Demo\Downloads\Sam_Cooke_I_Lost_Everything_1963.mp4
2014-06-28 17:40 - 2014-06-28 17:38 - 05697472 _____ () C:\Users\Demo\Downloads\Sam_Cooke_Get_Yourself_Another_Fool_1963.mp4
2014-06-28 17:38 - 2014-06-28 17:36 - 04279696 _____ () C:\Users\Demo\Downloads\Sam_Cooke_-_Youre_Always_On_My_Mind.mp4
2014-06-28 17:33 - 2014-06-28 17:33 - 02475724 _____ () C:\Users\Demo\Downloads\Sam_Cooke-Tenderness_Unreleased_Version.mp4
2014-06-28 17:28 - 2014-06-28 17:26 - 05406611 _____ () C:\Users\Demo\Downloads\Sam_Cooke_-_Blue_Moon.mp4
2014-06-28 04:45 - 2014-06-28 04:34 - 00000000 ____D () C:\Users\Demo\Downloads\Southern Comfort  1981 HDTVRip 720p - zeberzee
2014-06-27 21:52 - 2014-06-27 21:51 - 06173136 _____ () C:\Users\Demo\Downloads\THE_MARCELS_-_BLUE_MOON_1961.mp4
2014-06-27 17:35 - 2014-06-27 17:33 - 08894374 _____ () C:\Users\Demo\Downloads\BAYAN_KO_AKO_AY_PILIPINO_MEDLEY_BY_RODEL_NAVAL.mp4
2014-06-27 17:32 - 2014-06-27 17:22 - 17260539 _____ () C:\Users\Demo\Downloads\Mr_Lonely_by_Rodel_Naval.mp4
2014-06-27 17:13 - 2014-06-27 17:07 - 17084576 _____ () C:\Users\Demo\Downloads\Ikaw_Pa_Lamang_by_Rodel_Naval.mp4
2014-06-27 16:52 - 2014-06-27 16:49 - 16753522 _____ () C:\Users\Demo\Downloads\Bakit_Kung_Kailan_by_Rodel_Naval.mp4
2014-06-27 16:43 - 2014-06-27 16:41 - 07770705 _____ () C:\Users\Demo\Downloads\Kailan_Kaya_-_Rodel_Naval.mp4
2014-06-27 16:40 - 2014-06-27 16:37 - 08719269 _____ () C:\Users\Demo\Downloads\Bryan_Termulo_-_Kailan_Studio_Recording_HD.mp4
2014-06-27 16:15 - 2014-06-27 16:11 - 15323564 _____ () C:\Users\Demo\Downloads\Nais_Ko_-_Miguel_Vera_with_lyrics_with_English_translation.mp4
2014-06-27 16:02 - 2014-06-27 15:58 - 14733131 _____ () C:\Users\Demo\Downloads\MULI_with_Lyrics_song_by_Rodel_Naval.mp4
2014-06-27 15:04 - 2014-06-27 15:03 - 08245109 _____ () C:\Users\Demo\Downloads\Bukas_na_lang_kita_Mamahalin_-_Lani_Misalucha_OST_-_Tayong_Dalawa_with_filipino_and_english_subs.mp4
2014-06-27 14:37 - 2014-06-27 14:35 - 08248330 _____ () C:\Users\Demo\Desktop\Bukas_Na_Lang_Kita_Mamahalin_-_Lani_Misalucha.mp4
2014-06-27 09:37 - 2014-06-27 09:37 - 00000000 ____D () C:\Users\Demo\Downloads\Bruno_Dumont-Hadewijch-2009
2014-06-27 09:19 - 2014-06-27 09:19 - 00000000 ____D () C:\Users\Demo\Downloads\GGG Angst Vorm Schlucken.DVDRip.XxX
2014-06-27 04:53 - 2013-12-03 08:43 - 00703968 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-06-27 04:53 - 2013-12-03 08:43 - 00105440 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-27 00:25 - 2014-06-26 05:22 - 00000000 ____D () C:\Users\Demo\Downloads\Blue Jasmine (2013) [1080p]
2014-06-26 05:09 - 2014-06-26 05:09 - 00000000 ____D () C:\Users\Demo\Downloads\Last Vegas (2013)
2014-06-26 04:57 - 2014-06-26 04:44 - 00000000 ____D () C:\Users\Demo\Downloads\The.Raid.2.2014.BRRip.480p.x264.AAC-VYTO
2014-06-26 04:43 - 2014-06-26 04:43 - 00000000 ____D () C:\Users\Demo\Downloads\Starship Troopers (1997)
2014-06-26 04:26 - 2014-06-26 03:44 - 937310212 _____ () C:\Users\Demo\Downloads\Sesame Street Rock n Roll Request Show 1992 vhs hifi st 30 min vgq mpeg2 pal.mpg
2014-06-26 04:18 - 2014-06-26 04:18 - 00000000 ____D () C:\Users\Demo\Downloads\Starship Troopers Invasion (2012) [1080p]
2014-06-26 04:04 - 2014-06-26 03:36 - 00000000 ____D () C:\Users\Demo\Downloads\Sesame.Street.The.Best.of.Elmo.2.2010.DVDRiP.XViD-DOCUMENT [NO-RAR] - [ www.torrentday.com ]
2014-06-26 03:29 - 2014-06-26 03:27 - 00000000 ____D () C:\Users\Demo\Downloads\Sesame.Street.Bert.and.Ernies.Great.Adventures.2010.DVDRip.XviD-ReVoTT [NO-RAR] - [ www.torrentday.com ]
2014-06-26 03:28 - 2014-06-26 03:27 - 00000000 ____D () C:\Users\Demo\Downloads\Sesame.Street.2009.11.10.Frankly.Its.A.Habitat.WS.DSR.XviD-FUtV- [ www.TorrentDay.com ]
2014-06-25 16:33 - 2014-06-25 16:33 - 00287312 _____ () C:\windows\Minidump\062514-31796-01.dmp
2014-06-25 16:33 - 2014-04-12 16:34 - 382636798 _____ () C:\windows\MEMORY.DMP
2014-06-25 16:33 - 2014-02-14 09:02 - 00000000 ____D () C:\windows\Minidump
2014-06-24 19:51 - 2014-06-24 19:13 - 00000000 ____D () C:\Users\Demo\Downloads\The Great Raid (2005)
2014-06-24 15:33 - 2014-06-23 17:12 - 00001751 _____ () C:\Users\Demo\Desktop\Wonderful_tonight_-_Eric_Clapton - Shortcut.lnk
2014-06-24 14:28 - 2014-06-24 14:27 - 00511782 _____ () C:\Users\Demo\Downloads\Autoruns.zip
2014-06-24 14:23 - 2014-06-24 14:21 - 01327539 _____ (GlarySoft.com ) C:\Users\Demo\Downloads\spesetup.exe
2014-06-24 13:01 - 2014-06-24 13:01 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_SynTP_01011.Wdf
2014-06-24 13:01 - 2014-06-24 13:01 - 00000000 _____ () C:\windows\setuperr.log
2014-06-24 13:01 - 2013-01-29 00:13 - 00002990 _____ () C:\windows\System32\Tasks\Synaptics TouchPad Enhancements
2014-06-24 02:23 - 2014-06-24 02:18 - 04018942 _____ () C:\Users\Demo\Downloads\Frank_Sinatra_Let_it_snow.mp4
2014-06-24 02:18 - 2014-06-24 02:12 - 05333350 _____ () C:\Users\Demo\Downloads\Bing_Crosby_-_Its_Beginning_to_Look_A_Lot_Like_Christmas.mp4
2014-06-24 02:10 - 2014-06-24 01:59 - 13462242 _____ () C:\Users\Demo\Downloads\Someone_Saved_My_Life_Tonight_-_Elton_John_Lyrics_on_screen.mp4
2014-06-24 01:58 - 2014-06-24 01:42 - 08095049 _____ () C:\Users\Demo\Downloads\Frank_Sinatra_-_The_Way_You_Look_Tonight_Lyrics.mp4
2014-06-23 18:01 - 2014-06-23 17:50 - 04377484 _____ () C:\Users\Demo\Downloads\Wonderful_tonight_-_Eric_Clapton (1).mp4
2014-06-23 17:23 - 2014-06-23 17:10 - 14350008 _____ () C:\Users\Demo\Downloads\Said_I_Love_You_But_I_Lied_-_Michael_Bolton_-_Lyrics_on_screen.mp4
2014-06-23 17:10 - 2014-06-23 17:03 - 06636904 _____ () C:\Users\Demo\Downloads\If_You_Leave_Me_Now-Chicago-Lyricswmv (1).mp4
2014-06-23 17:02 - 2014-06-23 16:52 - 04383324 _____ () C:\Users\Demo\Downloads\If_You_Leave_Me_Now-Chicago-Lyricswmv (2).mp4
2014-06-23 16:42 - 2014-06-23 16:31 - 08622506 _____ () C:\Users\Demo\Downloads\Chicago_-_Youre_The_Inspiration_Lyrics.mp4
2014-06-23 16:30 - 2014-06-23 16:23 - 03740924 _____ () C:\Users\Demo\Downloads\If_You_Leave_Me_Now-Chicago-Lyricswmv.mp4
2014-06-23 12:08 - 2014-06-22 16:49 - 00000000 ____D () C:\Users\Demo\Downloads\Miracle In Cell No. 7 2013 Blu-Ray 720p x264 AAC Dolby FLiCKSiCK
2014-06-23 03:26 - 2014-06-23 03:26 - 00000861 _____ () C:\Users\Demo\Desktop\µTorrent.lnk
2014-06-23 03:26 - 2014-06-23 03:26 - 00000841 _____ () C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-06-23 03:14 - 2014-06-23 03:13 - 01314384 _____ (BitTorrent Inc.) C:\Users\Demo\Downloads\uTorrent(1).exe
2014-06-22 17:29 - 2014-04-12 20:12 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-22 05:40 - 2014-06-22 05:29 - 08809384 _____ () C:\Users\Demo\Downloads\Rock-A-Bye_Baby_-_English_Nursery_Rhyme_With_Full_Lyrics.mp4
2014-06-21 17:21 - 2014-06-21 17:15 - 05268992 _____ () C:\Users\Demo\Downloads\RogueKillerX64 (1).exe
2014-06-21 17:18 - 2014-06-13 04:58 - 00000000 ____D () C:\Users\Demo\Downloads\Husk 2011 DVDRip Xvid BigPerm LKRG
2014-06-21 17:00 - 2014-06-21 16:59 - 01314384 _____ (BitTorrent Inc.) C:\Users\Demo\Downloads\uTorrent.exe
2014-06-21 15:37 - 2014-06-21 15:27 - 03505864 _____ () C:\Users\Demo\Downloads\Wonderful_tonight_-_Eric_Clapton.mp4
2014-06-21 14:44 - 2014-06-21 14:37 - 07257859 _____ () C:\Users\Demo\Downloads\WILL_U_STILL_LOVE_ME_TOMORROW_-THE_SHIRELLES_LYRICS.mp4
2014-06-21 14:36 - 2014-06-21 14:32 - 05083879 _____ () C:\Users\Demo\Downloads\The_Shirelles_-_Baby_its_you_original_1961 (1).mp4
2014-06-21 13:40 - 2014-06-21 13:31 - 10231492 _____ () C:\Users\Demo\Downloads\Chain_of_Love_--_Clay_Walker_lyrics.mp4
2014-06-20 22:47 - 2014-06-20 02:55 - 00000000 ____D () C:\Users\Demo\Downloads\Pay It Forward (2000)
2014-06-20 11:02 - 2013-12-19 12:58 - 00000000 ____D () C:\Users\Demo\Desktop\New Downloaded Movies folder
2014-06-20 04:21 - 2014-06-20 04:15 - 04816482 _____ () C:\Users\Demo\Downloads\2014-05-18 04.58.16.mov
2014-06-19 23:13 - 2014-06-19 23:09 - 05268992 _____ () C:\Users\Demo\Downloads\RogueKillerX64.exe
2014-06-19 22:14 - 2014-06-19 22:13 - 01253303 _____ () C:\Users\Demo\Downloads\uTorrent 3.3.2 Version.rar
2014-06-19 10:12 - 2014-07-11 15:39 - 02239488 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-06-19 10:12 - 2014-07-11 15:39 - 01366528 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-06-19 10:12 - 2014-07-11 15:39 - 00915968 _____ (Microsoft Corporation) C:\windows\system32\uxtheme.dll
2014-06-19 10:12 - 2014-07-11 15:39 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\UXInit.dll
2014-06-19 10:12 - 2014-07-11 15:39 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-06-19 10:11 - 2014-07-11 15:39 - 19277312 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-06-19 10:11 - 2014-07-11 15:39 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-06-19 10:11 - 2014-07-11 15:39 - 00097792 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 15369728 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 03959296 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 02650624 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 00281600 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2014-06-19 10:10 - 2014-07-11 15:39 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-06-19 10:10 - 2014-07-11 15:38 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-06-19 10:10 - 2014-07-11 15:38 - 00053760 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-06-19 10:09 - 2014-07-11 15:39 - 01508864 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-06-19 08:53 - 2014-07-11 15:39 - 14368768 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-06-19 08:53 - 2014-07-11 15:39 - 01766400 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-06-19 08:53 - 2014-07-11 15:39 - 01141760 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-06-19 08:53 - 2014-07-11 15:39 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-06-19 08:53 - 2014-07-11 15:39 - 00163840 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-06-19 08:53 - 2014-07-11 15:39 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-06-19 08:53 - 2014-07-11 15:39 - 00044032 _____ (Microsoft Corporation) C:\windows\SysWOW64\UXInit.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 13732352 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 02863616 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 01440768 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-06-19 08:52 - 2014-07-11 15:39 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 00357888 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 00226816 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2014-06-19 08:52 - 2014-07-11 15:39 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-06-19 08:52 - 2014-07-11 15:38 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-06-19 08:52 - 2014-07-11 15:38 - 00039936 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-06-19 08:33 - 2014-07-11 15:38 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-06-19 08:30 - 2014-07-11 15:38 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-06-19 06:05 - 2014-07-11 15:38 - 00534528 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxtheme.dll
2014-06-19 05:36 - 2014-05-31 08:15 - 00000000 ____D () C:\Users\Demo\Downloads\Grand Theft Auto - Vice City (with trainer)(1-click run)
2014-06-19 05:31 - 2014-02-24 07:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-19 00:14 - 2014-06-19 00:12 - 01317200 _____ (BitTorrent Inc.) C:\Users\Demo\Downloads\uTorrent (1).exe
2014-06-18 16:07 - 2014-06-18 16:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-18 12:23 - 2014-06-18 12:12 - 08984119 _____ () C:\Users\Demo\Downloads\Rumor_Has_It_-_Adele_Lyrics.mp4
2014-06-18 12:04 - 2014-06-18 11:59 - 00847354 _____ () C:\Users\Demo\Downloads\Adele_-_Rolling_in_the_Deep.mp4
2014-06-18 11:45 - 2014-06-18 11:24 - 10698055 _____ () C:\Users\Demo\Downloads\One_and_Only_-_Adele_Lyrics.mp4
2014-06-18 11:12 - 2014-06-18 10:57 - 07082041 _____ () C:\Users\Demo\Downloads\Adele_-_Set_Fire_to_the_Rain_Lyrics.mp4
2014-06-18 07:27 - 2014-07-11 10:07 - 01440256 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-06-18 07:24 - 2014-07-11 10:07 - 01557504 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-06-18 06:33 - 2014-06-18 04:12 - 00000000 ____D () C:\Users\Demo\Downloads\Repentance.2014.NEW.CAM.XviD.AC3-RARBG
2014-06-18 02:27 - 2014-06-18 02:00 - 24426482 _____ () C:\Users\Demo\Downloads\Lil_Wayne_-_Hustler_Musik_Money_On_My_Mind.mp4
2014-06-17 21:46 - 2014-02-21 20:10 - 00003882 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-17 21:46 - 2014-02-21 20:10 - 00003646 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-17 16:21 - 2014-06-17 16:21 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgldx64.sys
2014-06-17 16:07 - 2014-06-17 16:07 - 00328984 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgloga.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00242968 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsdrivera.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00190744 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgidsha.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00153368 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgdiska.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00123672 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgmfx64.sys
2014-06-17 16:06 - 2014-06-17 16:06 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgrkx64.sys
2014-06-17 15:41 - 2014-05-25 05:07 - 00000000 ____D () C:\Users\Demo\Downloads\So Close 2002 DVDRip(Multisub) GoGo
2014-06-16 18:50 - 2014-06-16 18:40 - 06971897 _____ () C:\Users\Demo\Downloads\Randy_Santiago_-_Babaero.mp4
2014-06-16 07:10 - 2014-06-16 06:58 - 12335124 _____ () C:\Users\Demo\Downloads\LAWISWIS_KAWAYAN_Samar-Leyte_Folk_Song.mp4
2014-06-16 06:32 - 2014-06-16 06:29 - 00443194 _____ () C:\Users\Demo\Downloads\JOEY_AYALA_AT_ANG_BAGONG_LUMAD_-_MAGKAUGNAY.mp4
2014-06-15 15:52 - 2014-06-14 20:01 - 00000000 ____D () C:\Users\Demo\Downloads\Welcome To The Dollhouse [XviD][DVDRip][1995]
 
Some content of TEMP:
====================
C:\Users\Demo\AppData\Local\temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-14 05:54
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-07-2014 01
Ran by Demo at 2014-07-15 02:54:58
Running from C:\Users\Demo\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG Internet Security 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: AVG Internet Security 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.31893 - BitTorrent Inc.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.3986 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.04 - Piriform)
Clickfree (HKLM-x32\...\{1EB9B986-CECA-4E05-B454-C9343EE9DDE7}) (Version: 3.16.449.0 - Clickfree Automatic Backup)
CopyTrans Suite (HKLM-x32\...\CopyTrans Suite) (Version:  - )
Evernote v. 4.5.7 (HKLM-x32\...\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}) (Version: 4.5.7.7146 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HDD Capacity Restore 1.2 (HKLM-x32\...\HDD Capacity Restore_is1) (Version: 1.2 - Atola Technology)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33235) (Version: 3.6.1.33235.13 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3040 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.5.1172 - IObit)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
KeePass Password Safe 1.26 (HKLM-x32\...\KeePass Password Safe_is1) (Version: 1.26 - Dominik Reichl)
Living Waterfalls 2 (HKLM-x32\...\Living Waterfalls 2) (Version:  - ScenicReflections.com)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.97 - Panda Security)
Perfect Uninstaller v6.3.3.9 (HKLM\...\Perfect Uninstaller_is1) (Version:  - www.PerfectUninstaller.com)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.4.0.0 - IObit)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}) (Version: 1.0.2.8 - TOSHIBA Corporation)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.1.0001 - Toshiba Corporation)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.950 - Toshiba Corporation)
Toshiba Password Utility (x32 Version: 2.00.950 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Webfuii (HKLM\...\Webfuii) (Version: 2013.11.22.002525 - Webfuii)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.9.7 - WildTangent) Hidden
WinRAR 5.10 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Restore Points  =========================
 
24-06-2014 05:00:25 Windows Update
02-07-2014 22:14:40 Scheduled Checkpoint
07-07-2014 10:29:31 today
07-07-2014 10:42:13 Restore Operation
11-07-2014 01:30:00 Windows Update
 
==================== Hosts content: ==========================
 
2012-07-26 13:26 - 2014-04-20 15:41 - 00449915 ___RA C:\windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
There are 1000 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {167CA587-9EBB-48AB-86A2-F1D50C1B6C55} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {258CE7C3-0A4A-41E1-A6B7-2FA9CB648320} - System32\Tasks\ShopperProUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {39BEF1CE-FFE2-400B-BD95-DA6CDF709C6C} - System32\Tasks\SUPERAntiSpyware Scheduled Task b6f3ed6d-ad9a-49a8-af0c-8037b5976c98 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {3A661721-70E2-4648-944A-E3933DEFBF6F} - System32\Tasks\SUPERAntiSpyware Scheduled Task ff56ebf7-89b4-4164-afd1-3aaf0b7c808a => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-08] (SUPERAdBlocker.com)
Task: {3BDA8B9A-57F0-4E48-A8A9-7F4EE398BC66} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-07-12] (Microsoft Corporation)
Task: {486C3398-09C8-46AF-BE93-A3590C61A7C6} - System32\Tasks\Driver Booster SkipUAC (Demo) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {58980AEC-5867-460C-8F04-19335ED2426E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: {59DA496F-88C3-4881-AFC5-73A6C1BB259E} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe [2013-12-09] (IObit)
Task: {60D34688-B84C-47B4-8994-22A5AAA2F505} - System32\Tasks\Microsoft\Windows\RVLKL\RVLKL => C:\ProgramData\rvlkl\rvlkl.exe [2014-06-10] (Logixoft)
Task: {6709814B-66B3-4112-AD5B-652BA493C031} - \ShopperPro No Task File <==== ATTENTION
Task: {834978E3-3FE0-466B-91F4-F72088E1A933} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {89E3D946-7CFE-4464-8932-F4E91943FC70} - \LaunchApp No Task File <==== ATTENTION
Task: {9165337C-0A4B-451A-A71F-C750590A47F2} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CF4FD195-B66F-4AA2-A8A1-9898CF7946A5} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {D0B15D71-4E2D-47FD-91B8-921F946F9063} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-23] (Piriform Ltd)
Task: {D307CF3F-D38F-4EA3-AAEC-2A9C022CE60A} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-28] (TOSHIBA Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F0AF91D4-FD62-43FB-ACBA-A718E54FD35A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-21] (Google Inc.)
Task: C:\windows\Tasks\Driver Booster SkipUAC (Demo).job => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task b6f3ed6d-ad9a-49a8-af0c-8037b5976c98.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task ff56ebf7-89b4-4164-afd1-3aaf0b7c808a.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-10-14 06:38 - 2011-10-14 06:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2012-07-19 10:38 - 2012-07-19 10:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 10:38 - 2012-07-19 10:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-14 11:13 - 2012-08-14 11:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2012-08-06 21:36 - 2012-08-06 21:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-21 23:21 - 2013-12-09 16:10 - 00348992 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-04-21 23:21 - 2013-12-09 16:10 - 00183616 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-04-21 23:21 - 2013-12-09 16:10 - 00051008 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2014-04-21 23:21 - 2013-12-09 16:10 - 00089920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\NTFSScan.dll
2014-04-21 23:21 - 2013-12-09 16:11 - 00041280 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2013-01-29 00:09 - 2012-06-26 02:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Demo\Downloads\Firefox Setup Stub 27.0.1.exe:BDU
AlternateDataStreams: C:\Users\Demo\Downloads\mb-1.07.0.1009.exe:BDU
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
HKLM\...\StartupApproved\Run32: => "YTDownloader"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/15/2014 00:34:19 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/15/2014 00:34:19 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/15/2014 00:33:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233
Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0xa270
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5
 
Error: (07/15/2014 00:22:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 30.0.0.5269, time stamp: 0x53914233
Faulting module name: mozalloc.dll, version: 30.0.0.5269, time stamp: 0x53911393
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x14d0
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Faulting package full name: plugin-container.exe4
Faulting package-relative application ID: plugin-container.exe5
 
Error: (07/14/2014 11:37:53 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 11:37:53 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 06:43:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.2.9200.16628, time stamp: 0x51a94434
Faulting module name: twinui.dll, version: 6.2.9200.16680, time stamp: 0x51fb45f3
Exception code: 0xc0000005
Fault offset: 0x000000000000186c
Faulting process id: 0x1048
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
 
Error: (07/14/2014 10:39:43 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 10:39:43 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 05:38:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.2.9200.16628, time stamp: 0x51a94434
Faulting module name: twinui.dll, version: 6.2.9200.16680, time stamp: 0x51fb45f3
Exception code: 0xc0000005
Fault offset: 0x000000000000186c
Faulting process id: 0x1068
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
Faulting package full name: Explorer.EXE4
Faulting package-relative application ID: Explorer.EXE5
 
 
System errors:
=============
Error: (07/15/2014 00:37:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/14/2014 11:40:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/14/2014 06:44:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/14/2014 10:50:05 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/14/2014 10:25:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/14/2014 10:23:23 AM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
 
Error: (07/14/2014 05:39:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/13/2014 09:59:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/13/2014 11:49:10 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (07/13/2014 11:16:01 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (07/15/2014 00:34:19 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/15/2014 00:34:19 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/15/2014 00:33:37 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141ba27001cf9f80879b58c7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll9a979e74-0b74-11e4-bf87-7054d2af3d72
 
Error: (07/15/2014 00:22:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b14d001cf9f7bee133d06C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll1e91aa71-0b73-11e4-bf87-7054d2af3d72
 
Error: (07/14/2014 11:37:53 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 11:37:53 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 06:43:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.1668051fb45f3c0000005000000000000186c104801cf9f506a9100fbC:\windows\Explorer.EXEC:\Windows\System32\twinui.dlla918e830-0b43-11e4-bf86-7054d2af3d72
 
Error: (07/14/2014 10:39:43 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 10:39:43 AM) (Source: IMFservice) (EventID: 0) (User: )
Description: The handle is invalid
 
Error: (07/14/2014 05:38:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.2.9200.1662851a94434twinui.dll6.2.9200.1668051fb45f3c0000005000000000000186c106801cf9ee2ce707535C:\windows\Explorer.EXEC:\Windows\System32\twinui.dll0e11b414-0ad6-11e4-bf83-7054d2af3d72
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-17 08:45:32.531
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-17 08:45:32.500
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-14 14:22:17.142
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-14 14:22:17.127
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-03-13 02:04:08.425
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 39%
Total physical RAM: 3979.21 MB
Available physical RAM: 2415.96 MB
Total Pagefile: 9355.21 MB
Available Pagefile: 4630.38 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB
 
==================== Drives ================================
 
Drive c: (TI80135600F) (Fixed) (Total:921.21 GB) (Free:532.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
Users shortcut scan result (x64) Version: 14-07-2014 01
Ran by Demo at 2014-07-15 02:55:56
Running from C:\Users\Demo\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
 
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Perfect Uninstaller.lnk -> C:\Program Files\Perfect Uninstaller\PU.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\UserGuide.lnk -> C:\Program Files\TOSHIBA\UserManual\help\Help.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk -> C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-AB0000000001}\SC_Reader.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Immersive Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KeePass.lnk -> C:\Program Files (x86)\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk -> C:\Windows\Installer\{95140000-0070-0000-0000-0000000FF1CE}\oobeicon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Store.lnk -> C:\Windows\WinStore\WinStore.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yahoo! Messenger\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2\Uninstall.lnk -> C:\Program Files (x86)\VirusTotalUploader2\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VirusTotal Uploader 2.2\VirusTotal Uploader 2.2.lnk -> C:\Program Files (x86)\VirusTotalUploader2\VirusTotalUploader2.2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk -> C:\Program Files (x86)\VideoLAN\VLC\Documentation.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk -> C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk -> C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Applications and Drivers.lnk -> C:\Program Files\TOSHIBA\TOSAPINS\COMPS1 ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Desktop Assist.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe (Microsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\HDD Accelerator.lnk -> C:\Program Files\TOSHIBA\HDD Accelerator\THAccelView.exe (TOSHIBA CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\System Settings.lnk -> C:\Program Files (x86)\TOSHIBA\System Setting\TOSHIBASystemSetting.exe (TOSHIBA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Support\PC Diagnostic Tool.lnk -> C:\Program Files (x86)\TOSHIBA\PCDiag\PCDiag.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Support\PC Health Monitor.lnk -> C:\Program Files\TOSHIBA\TPHM\TPCHViewer.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Support\Recovery Media Creator.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Recovery Media Creator\TRMCLcher.exe (Toshiba Information Equipment(Hangzhou)Co.,LTD)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Support\Service Station.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Support\UserGuide.lnk -> C:\Program Files\TOSHIBA\UserManual\help\Help.exe (TOSHIBA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Multimedia\TOSHIBA Resolution+ for Windows Media Player Help.lnk -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Resolution+ Plug-in for Windows Media Player\Help\index.htm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Multimedia\TOSHIBA VIDEO PLAYER.lnk -> C:\Program Files (x86)\TOSHIBA\TOSHIBA VIDEO PLAYER\SMILauncher.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk -> C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE (SUPERAdBlocker.com and SUPERAntiSpyware.com)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Uninstall Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\File Shredder.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy\SDShred.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Spybot - Search & Destroy.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Tutorial.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy\Help\English.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Uninstall Spybot-S&D.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy\Update Spybot-S&D.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy\SDUpdate.exe (Safer Networking Limited)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Splashtop Remote\Splashtop Streamer.lnk -> C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Smart Defrag 3.lnk -> C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3\Uninstall Smart Defrag 3.lnk -> C:\Program Files (x86)\IObit\Smart Defrag 3\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller\Perfect Uninstaller on the Web.lnk -> C:\Program Files\Perfect Uninstaller\PerfectUninstaller.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller\Perfect Uninstaller.lnk -> C:\Program Files\Perfect Uninstaller\PU.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect Uninstaller\Uninstall Perfect Uninstaller.lnk -> C:\Program Files\Perfect Uninstaller\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Panda Cloud Cleaner.lnk -> C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security\Panda Cloud Cleaner\Uninstall Panda Cloud Cleaner.lnk -> C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware Notifications.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Uninstall Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Help.lnk -> C:\Program Files (x86)\IObit\IObit Uninstaller\help.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\IObit Uninstaller.lnk -> C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\IObit Malware Fighter.lnk -> C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter\Uninstall IObit Malware Fighter.lnk -> C:\Program Files (x86)\IObit\IObit Malware Fighter\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HDD Capacity Restore\HDD Capacity Restore.lnk -> C:\Program Files (x86)\HDD Capacity Restore\CapacityRestore.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote\Evernote.lnk -> C:\Windows\Installer\{0BE73D3C-B5AF-11E1-933A-984BE15F174E}\Evernote.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clickfree Software\Clickfree Software.lnk -> C:\Windows\Installer\{1EB9B986-CECA-4E05-B454-C9343EE9DDE7}\StartClickFreeBack_2BFA06F8574A4D13BAB2DDB07D815E28.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk -> C:\Program Files\CCleaner\uninst.exe (Piriform Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2014.lnk -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (32-bit).lnk -> C:\Windows\SysWOW64\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\ODBC Data Sources (64-bit).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Actual Keylogger\Uninstall Actual Keylogger.lnk -> C:\Program Files (x86)\AKMonitor\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Steps Recorder.lnk -> C:\Windows\System32\psr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\Windows Journal.lnk -> C:\Program Files\Windows Journal\Journal.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\Pictures\Data Safe.lnk -> C:\Users\Demo\Documents\Data Safe.avgfv ()
Shortcut: C:\Users\Demo\Links\Data Safe.lnk -> C:\Users\Demo\Documents\Data Safe.avgfv ()
Shortcut: C:\Users\Demo\Links\Desktop.lnk -> C:\Users\Demo\Desktop ()
Shortcut: C:\Users\Demo\Links\Downloads.lnk -> C:\Users\Demo\Downloads ()
Shortcut: C:\Users\Demo\Downloads\Q.And.A.1990.720p.BluRay.x264-RSG [PublicHD]\iLibs.lnk -> C:\Program Files (x86)\CopyTrans Suite\iLibs\iLibs.exe (WindSolutions)
Shortcut: C:\Users\Demo\Documents\Adobe Reader XI.lnk -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Demo\Documents\Advanced SystemCare Ultimate 7.lnk -> C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe (No File)
Shortcut: C:\Users\Demo\Documents\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Demo\Documents\CopyTrans Doctor.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Doctor\CopyTransDoctor.exe (WindSolutions)
Shortcut: C:\Users\Demo\Documents\CopyTrans Manager.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Manager\CopyTransManager.exe (WindSolutions)
Shortcut: C:\Users\Demo\Documents\CopyTrans Photo.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Photo\CopyTransPhoto.exe (WindSolutions)
Shortcut: C:\Users\Demo\Documents\CopyTrans.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans\CopyTrans.exe (WindSolutions)
Shortcut: C:\Users\Demo\Documents\Desktop Assist.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Desktop Assist\TosDesktopAssist.exe (Microsoft)
Shortcut: C:\Users\Demo\Documents\Driver Booster.lnk -> C:\Program Files (x86)\IObit\Driver Booster\SkipUacExec.exe (No File)
Shortcut: C:\Users\Demo\Documents\HDD Capacity Restore.lnk -> C:\Program Files (x86)\HDD Capacity Restore\CapacityRestore.exe ()
Shortcut: C:\Users\Demo\Documents\iCloner.lnk -> C:\Program Files (x86)\CopyTrans Suite\iCloner\iCloner.exe (WindSolutions)
Shortcut: C:\Users\Demo\Documents\IObit Malware Fighter.lnk -> C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe (IObit)
Shortcut: C:\Users\Demo\Documents\IObit Uninstaller.lnk -> C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe (IObit)
Shortcut: C:\Users\Demo\Documents\Panda Cloud Cleaner.lnk -> C:\Program Files (x86)\Panda Security\Panda Cloud Cleaner\PCloudCleaner.exe ()
Shortcut: C:\Users\Demo\Documents\Perfect Uninstaller.lnk -> C:\Program Files\Perfect Uninstaller\PU.exe ()
Shortcut: C:\Users\Demo\Documents\Play Plants vs Zombies.lnk -> C:\Program Files (x86)\Plants vs Zombies\LaunchGame.bfg (No File)
Shortcut: C:\Users\Demo\Documents\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Demo\Documents\Smart Defrag 3.lnk -> C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe (IObit)
Shortcut: C:\Users\Demo\Documents\Splashtop Remote Client.lnk -> C:\windows\Installer\{3CBAA9A5-2584-42C6-8A1D-E28CBD7A506D}\clientoobe.exe111_76F26A9526114EE9A6D3ABEE84979385.exe (No File)
Shortcut: C:\Users\Demo\Documents\Spybot - Search & Destroy.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy\SpybotSD.exe (Safer Networking Limited)
Shortcut: C:\Users\Demo\Documents\UserGuide.lnk -> C:\Program Files\TOSHIBA\UserManual\help\Help.exe (TOSHIBA Corporation)
Shortcut: C:\Users\Demo\Documents\VLC media player.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Demo\Desktop\KeePass.lnk -> C:\Program Files (x86)\KeePass Password Safe\KeePass.exe (Dominik Reichl)
Shortcut: C:\Users\Demo\Desktop\VirusTotal Uploader 2.2.lnk -> C:\Program Files (x86)\VirusTotalUploader2\VirusTotalUploader2.2.exe ()
Shortcut: C:\Users\Demo\Desktop\Wonderful_tonight_-_Eric_Clapton - Shortcut.lnk -> C:\Users\Demo\Downloads\Wonderful_tonight_-_Eric_Clapton.mp4 ()
Shortcut: C:\Users\Demo\Desktop\µTorrent.lnk -> C:\Users\Demo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Demo\Desktop\music2\SONGS TO FREE US LOVE WILL KEEP US ALIVE\music for workouts\Christina Perri - A Thousand Years Lyrics - Shortcut.lnk -> C:\Users\Demo\Downloads\Christina Perri - A Thousand Years Lyrics.mp4 ()
Shortcut: C:\Users\Demo\Desktop\Music\Libraries - Shortcut.lnk -> C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Demo\Desktop\GAME SOUND TRACKS\LOVE WILL KEEP US ALIVE eagles-lyrics. - Shortcut.lnk -> C:\Users\Demo\Desktop\GAME SOUND TRACKS\LOVE WILL KEEP US ALIVE eagles-lyrics..mp4 ()
Shortcut: C:\Users\Demo\Desktop\GAME SOUND TRACKS\Miley_Cyrus_-_Wrecking_Ball_lyrics - Shortcut.lnk -> C:\Users\Demo\Downloads\Miley_Cyrus_-_Wrecking_Ball_lyrics.mp4 ()
Shortcut: C:\Users\Demo\Desktop\GAME SOUND TRACKS\The_Cure_-_Lovesong_Official_Video - Shortcut.lnk -> C:\Users\Demo\Downloads\The_Cure_-_Lovesong_Official_Video.mp4 ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\CopyTrans Doctor.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Doctor\CopyTransDoctor.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\CopyTrans Manager.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Manager\CopyTransManager.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\CopyTrans Photo.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Photo\CopyTransPhoto.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\CopyTrans.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans\CopyTrans.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\iCloner.lnk -> C:\Program Files (x86)\CopyTrans Suite\iCloner\iCloner.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\iLibs.lnk -> C:\Program Files (x86)\CopyTrans Suite\iLibs\iLibs.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk -> C:\Users\Demo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop.lnk -> C:\Users\Demo\Desktop ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TCPOptimizer.lnk -> C:\Users\Demo\AppData\Local\temp\dlm3B60.tmp\TCPOptimizer.exe (No File)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\File Explorer.lnk -> C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools\Windows.Defender.lnk -> C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ScenicReflections\Living Waterfalls 2\Uninstall Living Waterfalls 2.lnk -> C:\Program Files (x86)\ScenicReflections\Living Waterfalls 2\uninst.exe ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe (VS Revo Group)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe (VS Revo Group Ltd.)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk -> C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans Doctor.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Doctor\CopyTransDoctor.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans Manager.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Manager\CopyTransManager.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans Photo.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans Photo\CopyTransPhoto.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\CopyTrans.lnk -> C:\Program Files (x86)\CopyTrans Suite\CopyTrans\CopyTrans.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\iCloner.lnk -> C:\Program Files (x86)\CopyTrans Suite\iCloner\iCloner.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite\iLibs.lnk -> C:\Program Files (x86)\CopyTrans Suite\iLibs\iLibs.exe (WindSolutions)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Windows\SendTo\VirusTotal.lnk -> C:\Program Files (x86)\VirusTotalUploader2\VirusTotalUploader2.2.exe ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -> C:\Users\Demo\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk -> C:\Users\Demo\AppData\Roaming\Microsoft\Windows\Libraries ()
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\WinX\Group3\01 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\WinX\Group3\02 - Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\WinX\Group3\03 - Computer Management.lnk -> C:\Windows\System32\compmgmt.msc ()
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\WinX\Group3\04 - Disk Management.lnk -> C:\Windows\System32\diskmgmt.msc ()
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\WinX\Group3\07 - Event Viewer.lnk -> C:\Windows\System32\eventvwr.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\WinX\Group3\09 - Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\WinX\Group2\4 - Control Panel.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\GameExplorer\{DED9E4CE-2D0E-454D-8498-BA28A2D9C718}\PlayTasks\0\Play.lnk -> C:\Users\Demo\Desktop\HALFLIFE2\hl2.exe ()
Shortcut: C:\Users\Demo\AppData\Local\Microsoft\Windows\GameExplorer\{7670B82E-3D13-4C5C-9DC8-1CD7D370D45C}\PlayTasks\0\Play.lnk -> C:\Users\Demo\Desktop\HALFLIFE 2 EPISODE 2\HALFLIFE 2 EPISODE 2\hl2.exe ()
Shortcut: C:\Users\Public\Desktop\AVG 2014.lnk -> C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
Shortcut: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
Shortcut: C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk -> C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
Shortcut: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\Start Menu 8.lnk -> C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (IObit)
Shortcut: C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware)
Shortcut: C:\Users\Public\Desktop\Yahoo! Messenger.lnk -> C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe (Yahoo! Inc.)
 
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - toshiba.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp toshibaapj
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> --reset-config --reset-plugins-cache vlc://quit
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk -> C:\Program Files (x86)\VideoLAN\VLC\vlc.exe (VideoLAN) -> -Iskins
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\eco Utility.lnk -> C:\Program Files\TOSHIBA\Teco\TecoResident.exe (TOSHIBA Corporation) -> /UI
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\Supervisor Password.lnk -> C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation) -> /S
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\TOSHIBA Hotkey.lnk -> C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe (TOSHIBA Corporation) -> /Setting
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\Utilities\User Password.lnk -> C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe (Pegatron Corporation) -> /U
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools\Task Manager.lnk -> C:\Windows\System32\Taskmgr.exe (Microsoft Corporation) -> /7
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk -> C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware) ->  /register
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp\rvlkl.lnk -> C:\ProgramData\rvlkl\rvlkl.exe (Logixoft) -> /b
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files (x86)\Java\jre7\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Uninstaller\Uninstall IObit Uninstaller.lnk -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallDisplay.exe () -> uninstall_start
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(SM) center\Intel AppUp(SM) center.lnk -> C:\Program Files (x86)\Intel\IntelAppStore\bin\AppUp.exe (Intel Corporation) -> --domain F0399437-FD0C-4A48-B101-F0314A6172E4
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Uninstall Google Earth Plug-in.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E} FEEDBACK=1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Casual Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=000d96f5-8034-4b74-a429-b6f0b04c75f4 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Enthusiast Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=26352374-af55-4b53-b07b-6b0288ed97df /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Family Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=d58eecb0-0816-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All Kids Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=3eda1e54-8889-41f5-a649-5a306789b7ef /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\All MMO Games.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - genres\provider.exe (WildTangent) -> /id=c3c636e0-1b04-11de-8c30-0800200c9a66 /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\More Games - WildTangent.lnk -> C:\Program Files (x86)\WildTangent Games\Game Explorer Categories - main\provider.exe (WildTangent) -> /id=977b5905-4d14-47f1-bbbf-7b92f596695d /src gamesmenuoem
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - toshiba.lnk -> C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe (WildTangent) -> /src gamesmenu /dp toshibaapj
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clickfree Software\Uninstall Clickfree Software.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {1EB9B986-CECA-4E05-B454-C9343EE9DDE7}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res


#13 JSntgRvr


Posted 14 July 2014 - 07:55 PM

I see no important issues in this system. Perhaps some adware.
 
 
Download AdwCleaner from here or from here. Save the file to the desktop.
 
 
NOTE: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.
 
Close all open windows and browsers.

 

  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:

[Screenshot: AdwScan.jpg]
 

  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove.
  • Click the Clean button.
  • Everything checked will be deleted.
  • When the program has finished cleaning, a report appears. Once done it will ask to reboot; allow this.

[Screenshot: adwcleaner_delete_restart.jpg]

  • On reboot a log will be produced; please copy/paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!


#14 frankp747


Posted 14 July 2014 - 09:20 PM

Hi, here is the adware log below:

# AdwCleaner v3.215 - Report created 15/07/2014 at 10:13:24
# Updated 09/07/2014 by Xplode
# Operating System : Windows 8  (64 bits)
# Username : Demo - TOSHIBA
# Running from : C:\Users\Demo\Desktop\AdwCleaner (2).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[x] Not Deleted : C:\ProgramData\rvlkl
[x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v10.0.9200.17028
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
[ File : C:\Users\Demo\AppData\Roaming\Mozilla\Firefox\Profiles\pb0j2syr.default\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Demo\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod
 
*************************
 
AdwCleaner[R0].txt - [2175 octets] - [21/04/2014 00:39:29]
AdwCleaner[R1].txt - [1699 octets] - [10/06/2014 13:56:58]
AdwCleaner[R2].txt - [1467 octets] - [13/07/2014 00:48:02]
AdwCleaner[R3].txt - [1406 octets] - [15/07/2014 10:11:02]
AdwCleaner[S0].txt - [2249 octets] - [21/04/2014 00:41:41]
AdwCleaner[S1].txt - [1781 octets] - [10/06/2014 14:00:39]
AdwCleaner[S2].txt - [1544 octets] - [13/07/2014 00:51:24]
AdwCleaner[S3].txt - [1337 octets] - [15/07/2014 10:13:24]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1397 octets] ##########
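
An added example, not part of the original thread and not AdwCleaner's own code: a small parser for a report in the layout shown above that lists the entries marked "Not Deleted", with Startup-folder items first because anything in that folder is launched at every logon. The function names and the embedded sample are constructed for illustration; the paths in the sample are copied from the report above.

```python
import re

# Constructed sample in the layout of the AdwCleaner report above.
SAMPLE_REPORT = r"""
# AdwCleaner v3.215 - Report created 15/07/2014 at 10:13:24
# Option : Clean

***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\rvlkl
[x] Not Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\rvlkl.lnk

***** [ Browsers ] *****

-\\ Google Chrome v35.0.1916.153

Deleted [Extension] : gkcefkcdkepgkpbgncjchhbjgoanleod
"""

SECTION_RE = re.compile(r"^\*{5} \[ (?P<name>.+?) \] \*{5}$")
# Matches "[x] Not Deleted : <item>" and "Deleted [Extension] : <item>".
ENTRY_RE = re.compile(
    r"^(?:\[x\] )?(?P<status>Not Deleted|Deleted)(?: \[(?P<kind>[^\]]+)\])? : (?P<item>.+)$"
)

def parse_report(text):
    """Return one dict per result line: section, status, kind, item."""
    section, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        m = SECTION_RE.match(line)
        if m:
            section = m.group("name")
            continue
        m = ENTRY_RE.match(line)
        if m:
            entries.append({"section": section, **m.groupdict()})
    return entries

def leftovers(entries):
    """Items the cleaner could not remove, Startup-folder entries first
    (a shortcut there still runs at logon until it is removed)."""
    failed = [e for e in entries if e["status"] == "Not Deleted"]
    marker = "\\start menu\\programs\\startup\\"
    return sorted(failed, key=lambda e: marker not in e["item"].lower())

if __name__ == "__main__":
    for e in leftovers(parse_report(SAMPLE_REPORT)):
        print(f'{e["section"]}: {e["item"]}')
```
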


#15 JSntgRvr


Posted 15 July 2014 - 09:11 AM

Download the enclosed file. [attachment=152408:fixlist.txt]

Save it in the same location FRST is saved.

Run FRST, except that this time around, click on the Fix button and wait.

The tool will make a log in the same location FRST is saved (Fixlog.txt). Please post it in your reply.
 
