Unknown Process running continues to open by itself


  • This topic is locked
22 replies to this topic

#1 Tr1pkt12


Posted 07 January 2015 - 03:51 AM

My computer has run into trouble because there are many processes running that can be stopped and are eating up my CPU. I have had them for a while now because I have no idea how to get rid of them, and there are three of them I'm worried about.

1. schtasks.exe: I know this is supposedly a part of my computer; however, it is running from an empty file that is nonexistent at C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate. It usually opens 5 or 6 processes that can be ended through Task Manager, but doing so wouldn't do much as it will reopen more of itself.

2. iexplorer.exe: I don't even use Internet Explorer, but it happens to have 4 processes open that have the problem of reopening themselves automatically. The browser doesn't even appear on screen, which worries me. Another thing is every time I exit my computer, my screen will blink black multiple times, which I believe is the invisible programs closing. Sometimes when this is happening, I will get a quick glimpse for a second, along with the black blinks, of a website I haven't opened before shutting down. The only thing I can make of this is that there are invisible websites open that my computer can't detect.

3. ofsiy.exe: I don't believe the name for this is needed much as it will sometimes appear with different names. The one I had before was yzubyyg.exe but it changed its name when I attempted to block it with protective programs. One thing that stays consistent with this one is that the description of the process will stay the same. The description is "Eraem Vire Studaa 2021" but I can't make anything out of it.

What I'm most concerned about with this one is that it will open itself automatically until it reaches 10 processes and sometimes more. Every time I end a process, it will slowly but surely open itself again. This process resides in a file at C:\Users\1\AppData\Roaming\Onqyte that only has an application in it. I once tried to delete the application and the folder that it's in by removing the processes really quickly then deleting them. I managed to do it but it will just resurrect itself and continue what it's doing. I also think that this could be the cause of the black blinks when I shut down my computer.

This is a major problem with my computer as these processes will use up CPU, slow down my computer and are possibly a source for some sort of virus or malware. I'm not sure if this is a virus or not but I need help either way. If anyone has any solutions to these problems or suggestions, I would appreciate it if you would reply. Many thanks.



#2 Machiavelli


Posted 07 January 2015 - 04:33 PM

Hey my friend, :)

My name is Machiavelli and I will assist you with your problem. The fixes are specific to your problem and should only be used for the issue on your machine!

I'm in the 'Malware Staff Team' and will provide you with advice:
Removing Malware from a computer can be very complicated. Malware (malicious software) is able to hide and so I may not be able to find it so easily. In order to remove Malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.

You must reply to posts within days. If you haven't replied within 4 days your topic will be closed. If you go away for some time please let me know. Communication is an important part here! If you are unsure about something - STOP - and ask me. No need to be afraid of asking - better to ask than to make a mistake. Mistakes can lead to an unbootable PC! I would recommend following the topic by clicking on the Follow this topic button - you will get notified when I have replied to your topic.

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient, especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your system crashing by your own actions!
 

3. indicates Malware. But don't worry, we'll fix it.

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8: please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#3 Tr1pkt12


Posted 08 January 2015 - 01:39 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by 1 (administrator) on SEAN-PC on 08-01-2015 12:35:56
Running from C:\Users\1\Downloads
Loaded Profiles: 1 & UpdatusUser (Available profiles: 1 & UpdatusUser & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Bitberry Software) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
( ) C:\Windows\System32\dleacoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
() C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Eraem Corniratu) C:\Users\1\AppData\Roaming\Viemwyx\yzubygg.exe
(BitTorrent Inc.) C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe
(iBryte) C:\Program Files (x86)\iBryte\playbryte\iBryteDesktop.exe
(Chicony) C:\Program Files (x86)\Thermaltake Challenger Pro\Ttsystray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-01-06] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [iBryte playbryte Desktop] => C:\Program Files (x86)\iBryte\playbryte\ibrytedesktop.exe [163840 2012-01-08] (iBryte)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ChallengerPro] => C:\Program Files (x86)\Thermaltake Challenger Pro\Ttsystray.exe [1254912 2010-06-21] (Chicony)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2640408 2014-08-25] ()
HKLM-x32\...\Run: [Erhozecoz] => C:\Users\1\AppData\Roaming\Viemwyx\yzubygg.exe [505019 2015-01-07] (Eraem Corniratu)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [Ebboz] => C:\Users\1\AppData\Roaming\Onqyte\ofsiy.exe [505504 2012-06-12] (Eraem Corniratu)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-07] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584 2014-04-21] (IObit)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [BRS] => C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe [1074688 2014-09-08] ()
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Ehjxtion] => regsvr32.exe C:\Users\1\AppData\Local\Ehjxtion\hcwWebInit80.dll <===== ATTENTION
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Iddbsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\1\AppData\Local\IXTsoft\btbGLSvc16.dll
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Erhozecoz] => C:\Users\1\AppData\Roaming\Viemwyx\yzubygg.exe [505019 2015-01-07] (Eraem Corniratu)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [schtasks] => C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe [135168 2014-03-04] ()
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [uTorrent] => C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe [1378640 2015-01-06] (BitTorrent Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Ebboz] => C:\Users\1\AppData\Roaming\Onqyte\ofsiy.exe [505504 2012-06-12] (Eraem Corniratu)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\RunOnce: [schtasks] => C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe [135168 2014-03-04] ()
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Policies\Explorer: [Run] "C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe"
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: D - D:\DVDSetup.exe
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: {5f52180a-2ea5-11e0-b118-806e6f6e6963} - D:\Setup.EXE
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Command Processor: "C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe" <===== ATTENTION!
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\schtasks.lnk
ShortcutTarget: schtasks.lnk -> C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Users\1\AppData\Local\Temp\DellDock.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {27C03B0B-EA15-4533-9540-1AE7E9F1428F} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {EEE6C360-6118-11DC-9C72-001320C79847} URL = 
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {A4300A8E-C6CC-4609-A26E-5B84F99901F7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> 465565C4B53F476488575E0777CF8CAB URL = http://search.babylon.com/?q={searchTerms}&affID=109935&tt=200612_n_mont&babsrc=SP_ss&mntrId=926bb279000000000000842b2b8f341e
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = http://start.facemoods.com/?a=adknlg&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071913&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {27C03B0B-EA15-4533-9540-1AE7E9F1428F} URL = 
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {57CDC018-35BB-4A5E-8067-2E6E628FC6EB} URL = http://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&pr=sa&d=2013-08-27 02:00:18&v=15.6.1.2&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {80C9D3B8-EDA4-49F7-83C3-B90BB20EAB24} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {8479186C-4CAE-428C-B70A-C2F9191DB716} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {91607fa7-3c2f-4f90-93e3-d5337a6b0ac2} URL = playbryte/search/redirect/?type=default&user_id=d75ec895-754d-4667-8917-1e943e63c69d&query={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search-results.com/sr?src=ieb&appid=101&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {9EA88A2B-A1D9-4D81-B907-F06D1FA7C373} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {BF420FCC-C96F-4378-9B61-222F9429E5AA} URL = http://websearch.ask.com/custom/java/redirect?client=ie&tb=ORJ&o=100000030&src=kw&q={searchTerms}&locale=&apn_ptnrs=TV&apn_dtid=OSJ000
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Qwiklinx -> {3E7C8B5A-96AB-438F-BF9B-782400655440} -> C:\Users\1\AppData\Roaming\Qwiklinx\Qwiklinx.dll (Qwiklinx, Inc.)
BHO-x32: PlayBryte BHO -> {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
BHO-x32: No Name -> {bb46be07-13eb-4c49-b0f0-fc78b9ea4983} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} -  No File
Toolbar: HKLM-x32 - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM-x32 - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.1.9.799\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM-x32 - No Name - {3004627E-F8E9-4E8B-909D-316753CBA923} -  No File
Toolbar: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0D9E443E-C250-4392-B51A-9D9BFB0757A7}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{4584B1C6-466D-408A-80C3-2D8483BE9C27}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{AB6D0BB6-3D6E-4ABC-A299-0D91F30C3431}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{EDA269E2-391C-479D-9B71-1FCE3FA82C8C}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3031066903-3856787413-868265610-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3031066903-3856787413-868265610-1006: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-08-25]
FF HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: Default -> https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Sad Panda) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-01-15]
CHR Extension: (4chan X) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-06-15]
CHR Extension: (uTorrentControl_v6) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp [2013-05-25]
CHR Extension: (EditThisCookie) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-01-15]
CHR Extension: (Last.fm Scrobbler) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2014-01-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-04]
CHR Extension: (AVG SafeGuard) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR Extension: (Better History) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2014-02-02]
CHR Extension: (4chan Plus) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj [2014-06-15]
CHR Extension: (4chan Media Player) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppapgpglcdbdkemapmhjnjdhabmmhgid [2014-01-20]
CHR Profile: C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-25]
CHR Extension: (Google Drive) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-25]
CHR Extension: (YouTube) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-25]
CHR Extension: (uTorrentControl_v6) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp [2013-05-25]
CHR Extension: (Google Search) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-25]
CHR Extension: (Make this page red) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo [2013-05-25]
CHR Extension: (SiteAdvisor) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-05-25]
CHR Extension: (Wajam) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-05-25]
CHR Extension: (Norton Identity Protection) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-05-25]
CHR Extension: (Gmail) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-25]
CHR HKLM\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
CHR HKLM\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\1\AppData\Local\mysearchdial-speeddial.crx [2013-09-02]
CHR HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\1\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-03-26]
CHR HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Chrome\Extension: [dleekdifoepfadaikncodjgnkkffkccd] - C:\Users\1\AppData\Local\BostonMarketOne.crx [2013-08-19]
CHR HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Chrome\Extension: [hnofepcmbghfcimfbjicplikedjcnalm] - C:\Users\1\AppData\Local\CouponsMalibu.crx [2013-09-03]
CHR HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
CHR HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\1\AppData\Local\mysearchdial-speeddial.crx [2013-09-02]
CHR HKLM-x32\...\Chrome\Extension: [bopakagnckmlgajfccecajhnimjiiedh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [cflheckfmhopnialghigdlggahiomebp] - C:\Users\1\AppData\Local\CRE\cflheckfmhopnialghigdlggahiomebp.crx [2013-03-26]
CHR HKLM-x32\...\Chrome\Extension: [dnfaglepmjgohnkcoieaijlheabmcdeo] - C:\Users\1\AppData\Roaming\Qwiklinx\Qwiklinx.crx [2012-07-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\1\AppData\Local\Google\Chrome\\User Data\\Default\\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2013-05-25]
CHR HKLM-x32\...\Chrome\Extension: [pfkfdlcdbajamklbneflfbcmfgddmpae] - No Path
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\1\AppData\Local\mysearchdial-speeddial.crx [2013-09-02]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiSpywareService; C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe [616408 2009-06-17] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-27] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5179760 2014-06-18] (Binary Fortress Software)
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-05-21] ( )
R2 dlea_device; C:\Windows\SysWOW64\dleacoms.exe [593920 2009-12-09] ( )
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-11-03] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-17] (Electronic Arts)
R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-15] (AVG Secure Search)
S2 0172931388640400mcinstcleanup; C:\Users\1\AppData\Local\Temp\017293~1.EXE -cleanup -nolog [X]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-15] (AVG Technologies)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-06] (REALiX™)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-01-05] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-08 12:35 - 2015-01-08 12:36 - 00040105 _____ () C:\Users\1\Downloads\FRST.txt
2015-01-08 12:34 - 2015-01-08 12:35 - 00000000 ____D () C:\FRST
2015-01-08 12:29 - 2015-01-08 12:34 - 02124288 _____ (Farbar) C:\Users\1\Downloads\FRST64.exe
2015-01-08 12:09 - 2015-01-08 12:09 - 00021526 _____ () C:\Users\1\Desktop\attach.txt
2015-01-08 12:09 - 2015-01-08 12:08 - 00029922 _____ () C:\Users\1\Desktop\dds.txt
2015-01-08 12:04 - 2015-01-08 10:00 - 00057810 _____ () C:\Users\1\Downloads\[HorribleSubs] Tokyo Ghoul Root A - 01 [1080p].mkv.torrent
2015-01-08 12:00 - 2015-01-08 12:05 - 00688992 ____R (Swearware) C:\Users\1\Downloads\dds.com
2015-01-08 11:22 - 2015-01-08 11:23 - 00069492 _____ (Swearware) C:\Users\1\Downloads\5F11.tmp
2015-01-08 11:22 - 2015-01-08 11:22 - 00057810 _____ () C:\Users\1\Downloads\3FBC.tmp
2015-01-08 11:21 - 2015-01-08 11:21 - 00057810 _____ () C:\Users\1\Downloads\E1BE.tmp
2015-01-08 11:14 - 2015-01-08 11:18 - 00177136 _____ (Swearware) C:\Users\1\Downloads\Unconfirmed 252798.crdownload
2015-01-08 07:11 - 2015-01-08 07:12 - 00024935 _____ () C:\Users\1\Downloads\[kickass.so]american.horror.story.s04e11.hdtv.x264.killers.ettv.torrent
2015-01-07 01:41 - 2015-01-07 01:42 - 00000000 ____D () C:\Program Files\Zune
2015-01-07 01:41 - 2015-01-07 01:41 - 00000929 _____ () C:\Users\Public\Desktop\Zune.lnk
2015-01-07 01:41 - 2015-01-07 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2015-01-07 01:36 - 2015-01-07 01:36 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\Program Files\iTunes
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\Program Files\iPod
2015-01-07 01:36 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-07 01:21 - 2015-01-07 01:24 - 00010395 _____ () C:\Users\1\Documents\Uninstall STAR WARS The Old Republic.log
2015-01-07 01:14 - 2015-01-07 01:14 - 00002878 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_1
2015-01-07 00:31 - 2015-01-07 00:31 - 00000000 ____D () C:\Users\1\AppData\Roaming\Viemwyx
2015-01-07 00:29 - 2015-01-07 00:29 - 00002846 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (1)
2015-01-07 00:01 - 2015-01-08 11:45 - 00000448 _____ () C:\Windows\setupact.log
2015-01-07 00:01 - 2015-01-07 00:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 00:00 - 2015-01-08 10:38 - 00001982 _____ () C:\Windows\PFRO.log
2015-01-06 20:56 - 2015-01-06 20:56 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-06 20:54 - 2015-01-06 20:54 - 00545200 _____ (Sun Microsystems, Inc.) C:\Windows\system32\npdeployJava1.dll
2015-01-06 20:54 - 2015-01-06 20:54 - 00196528 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe
2015-01-06 20:54 - 2015-01-06 20:54 - 00172976 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe
2015-01-06 20:54 - 2015-01-06 20:54 - 00172976 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00162224 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00149936 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00149936 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-06 20:51 - 2015-01-06 20:51 - 47899136 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 40987136 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2015-01-06 20:51 - 2015-01-06 20:51 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2015-01-06 20:51 - 2015-01-06 20:51 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00843776 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00765851 _____ () C:\Windows\system32\amdicdxx.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00734861 _____ () C:\Windows\system32\atiicdxx.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00631912 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2015-01-06 20:51 - 2015-01-06 20:51 - 00631912 _____ () C:\Windows\system32\atiapfxx.blb
2015-01-06 20:51 - 2015-01-06 20:51 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00323252 _____ () C:\Windows\system32\ativvaxy_vi.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00321712 _____ () C:\Windows\system32\ativvaxy_vi_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 00238144 _____ () C:\Windows\system32\ativvaxy_cz_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00232624 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00158944 _____ () C:\Windows\system32\ativce03.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00157248 _____ () C:\Windows\system32\amde31a.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00140240 _____ () C:\Windows\system32\samu_krnl_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00138832 _____ () C:\Windows\system32\samu_krnl_isv_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00083312 _____ () C:\Windows\system32\ativce02.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00046128 _____ () C:\Windows\system32\kapp_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00041936 _____ () C:\Windows\system32\kapp_si.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-06 20:50 - 2015-01-06 20:50 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-06 20:50 - 2015-01-06 20:50 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00110080 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00094720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00082048 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-06 20:28 - 2015-01-08 12:00 - 00000772 _____ () C:\Windows\Tasks\Security Center Update - 3559000896.job
2015-01-06 20:28 - 2015-01-06 20:28 - 00003772 _____ () C:\Windows\System32\Tasks\Security Center Update - 3559000896
2015-01-06 20:28 - 2015-01-06 20:28 - 00000000 ____D () C:\Users\1\AppData\Roaming\Onqyte
2015-01-06 20:14 - 2015-01-08 11:50 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-06 20:14 - 2015-01-06 20:56 - 00002036 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-01-06 20:14 - 2015-01-06 20:14 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-06 20:14 - 2015-01-06 20:14 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2015-01-06 20:14 - 2015-01-06 20:14 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-01-06 20:14 - 2015-01-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-06 20:10 - 2015-01-06 20:10 - 00001135 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-01-06 20:10 - 2015-01-06 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-01-06 06:19 - 2015-01-06 06:19 - 00000000 ____D () C:\Users\1\Downloads\MusicBeeSetup_2_4
2015-01-06 06:02 - 2015-01-06 06:05 - 00447216 _____ () C:\Users\1\Downloads\MusicBeeSetup_2_4.zip
2015-01-06 05:56 - 2013-03-01 20:28 - 00000000 ____D () C:\Users\1\Downloads\Disc2
2015-01-06 05:56 - 2013-03-01 20:28 - 00000000 ____D () C:\Users\1\Downloads\Disc1
2015-01-06 02:08 - 2015-01-06 02:09 - 480055602 _____ () C:\Users\1\Downloads\[Asenshi] Yuri Kuma Arashi - 01 [97E8C378].mkv
2015-01-06 02:08 - 2015-01-06 02:08 - 00036898 _____ () C:\Users\1\Downloads\[Asenshi] Yuri Kuma Arashi - 01 [97E8C378].mkv.torrent
2015-01-06 02:05 - 2015-01-06 02:05 - 00681472 _____ () C:\Users\1\Downloads\MicrosoftFixit50577.msi
2015-01-06 01:47 - 2015-01-06 01:47 - 00000850 _____ () C:\Users\1\Desktop\µTorrent.lnk
2015-01-06 01:46 - 2015-01-08 12:35 - 00000000 ____D () C:\Users\1\AppData\Roaming\uTorrent
2015-01-06 01:45 - 2015-01-06 01:46 - 00013824 ___SH () C:\Users\1\AppData\Roaming\Thumbs.db
2015-01-06 01:43 - 2015-01-06 01:50 - 105664248 _____ (Microsoft Corporation) C:\Users\1\Downloads\ZuneSetupPkg.exe
2015-01-06 00:52 - 2015-01-06 00:56 - 00179022 _____ (Microsoft Corporation) C:\Users\1\Downloads\36B5.tmp
2015-01-06 00:52 - 2015-01-06 00:56 - 00176946 _____ (Binary Fortress Software ) C:\Users\1\Downloads\4670.tmp
2015-01-06 00:52 - 2015-01-06 00:52 - 00001153 _____ () C:\Users\1\Desktop\decrypt_pclock - Shortcut.lnk
2015-01-06 00:42 - 2015-01-06 00:42 - 00000000 ____D () C:\b42a65637331628260f4e35af1
2015-01-06 00:24 - 2015-01-06 00:24 - 00000000 ____D () C:\99a128ea5f3c7990a4cf
2015-01-05 23:13 - 2015-01-05 23:10 - 00736224 _____ (Emsisoft Ltd) C:\Users\1\Downloads\decrypt_pclock.exe
2015-01-05 22:43 - 2015-01-06 20:11 - 00128200 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-01-05 22:36 - 2015-01-05 22:36 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2015-01-05 22:35 - 2015-01-06 01:28 - 00000000 ____D () C:\ProgramData\Foolish IT
2015-01-05 22:35 - 2015-01-05 22:35 - 00971528 _____ (Foolish IT LLC ) C:\Users\1\Downloads\CryptoPreventSetup.exe
2015-01-05 21:01 - 2015-01-05 21:01 - 00128200 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-01-05 16:49 - 2015-01-05 16:49 - 00894277 ____R () C:\Users\1\enc_files.txt
2015-01-05 16:14 - 2015-01-05 16:13 - 00241664 ____R () C:\Users\1\Downloads\pclock_backup.dat
2015-01-04 09:27 - 2015-01-04 09:27 - 00035195 ____R () C:\Users\1\Downloads\[kickass.so]neon.genesis.evangelion.episode.1.26.480p.hi10p.aac.dual.audio.2d4u.torrent
2015-01-02 19:25 - 2015-01-08 12:00 - 00000780 _____ () C:\Windows\Tasks\Security Center Update - 1800836312.job
2015-01-02 19:25 - 2015-01-02 19:25 - 00003780 _____ () C:\Windows\System32\Tasks\Security Center Update - 1800836312
2015-01-02 01:47 - 2015-01-04 04:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 __SHD () C:\Users\1\AppData\Local\EmieBrowserModeList
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 ____D () C:\Users\1\AppData\Local\IXTsoft
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 ____D () C:\Users\1\AppData\Local\Ehjxtion
2015-01-01 20:17 - 2015-01-01 20:17 - 00001933 ____R () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-01-01 20:17 - 2015-01-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-01-01 20:17 - 2015-01-01 20:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-28 16:05 - 2015-01-01 20:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-24 13:32 - 2014-12-24 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-20 15:26 - 2014-12-20 15:26 - 00000222 ____R () C:\Users\1\Desktop\The Binding of Isaac Rebirth.url
2014-12-18 01:54 - 2014-12-18 01:54 - 00878408 ____R () C:\Users\1\Downloads\org.thebigboss.homescreendesigner_v1.2.2-5_iphoneos-arm.deb
2014-12-17 23:50 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 23:50 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 00:35 - 2014-12-17 00:35 - 00022528 ____R () C:\Users\1\AppData\Local\dsisetup338801722.exe
2014-12-15 22:55 - 2015-01-05 23:23 - 00000000 ____D () C:\Users\1\Downloads\JailBreak
2014-12-15 19:48 - 2014-12-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-15 19:48 - 2014-12-15 19:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-14 17:59 - 2014-12-14 17:59 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-12 01:29 - 2015-01-05 16:54 - 00042433 __RSH () C:\Users\1\Downloads\Folder.jpg.decbak
2014-12-12 01:29 - 2015-01-05 16:54 - 00007475 __RSH () C:\Users\1\Downloads\AlbumArtSmall.jpg.decbak
2014-12-09 23:41 - 2015-01-05 16:54 - 00061583 ____R () C:\Users\1\Downloads\hahaitsyuushatime.mp3.decbak
2014-12-09 22:20 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2014-12-09 22:12 - 2014-12-09 22:15 - 17114432 ____R (DsNET Corp ) C:\Users\1\Downloads\aTube_Catcher_ATU3_8001.exe
2014-12-09 16:58 - 2014-12-09 16:58 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-09 15:50 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 15:50 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 15:50 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 15:50 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 15:50 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 15:50 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 15:50 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 15:50 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 15:50 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 15:50 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 15:50 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 15:50 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 15:50 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 15:50 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 15:50 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 15:50 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 15:50 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 15:50 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 15:50 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 15:50 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 15:50 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 15:50 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 15:50 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 15:50 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 15:50 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 15:50 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 15:50 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 15:50 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 15:50 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 15:50 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 15:50 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 15:50 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 15:50 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 15:50 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 15:50 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 15:50 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 15:50 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 15:50 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 15:50 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 15:50 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 15:50 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 15:50 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 15:50 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 15:50 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 15:50 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 15:50 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 15:50 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 15:50 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 15:50 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 15:50 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 15:50 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 15:50 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 15:50 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 15:50 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 15:50 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 15:50 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-08 12:30 - 2011-04-28 19:35 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-08 12:19 - 2013-09-02 02:19 - 00000276 _____ () C:\Windows\Tasks\MySearchDial.job
2015-01-08 12:02 - 2013-05-25 02:02 - 00000542 _____ () C:\Windows\Tasks\DGChrome31095 Watcher.job
2015-01-08 12:02 - 2011-10-19 16:52 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000UA.job
2015-01-08 11:58 - 2013-09-11 15:13 - 00000410 _____ () C:\Windows\Tasks\DriverUpdate Startup.job
2015-01-08 11:58 - 2012-10-10 21:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 11:55 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 11:55 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 11:52 - 2011-06-18 15:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 11:51 - 2009-07-13 23:10 - 01964644 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 11:50 - 2011-02-02 00:49 - 00000000 ___HD () C:\ProgramData\Sonic
2015-01-08 11:48 - 2013-09-11 15:13 - 00002828 _____ () C:\Windows\System32\Tasks\DriverUpdate Startup
2015-01-08 11:47 - 2014-01-23 18:32 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-01-08 11:47 - 2014-01-23 18:32 - 00000950 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-01-08 11:47 - 2011-12-30 19:33 - 00000000 ____D () C:\Users\1\AppData\Local\LogMeIn Hamachi
2015-01-08 11:47 - 2011-02-02 00:34 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-01-08 11:46 - 2012-05-25 19:52 - 00000406 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.job
2015-01-08 11:46 - 2012-05-25 19:43 - 00000394 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-01-08 11:46 - 2011-06-18 15:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 11:46 - 2011-02-02 01:05 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-01-08 11:46 - 2011-02-02 01:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-01-08 11:45 - 2012-04-29 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-08 11:45 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 11:00 - 2012-11-04 16:38 - 00000402 _____ () C:\Windows\Tasks\PC Optimizer Pro64 Scan.job
2015-01-08 07:26 - 2012-05-25 20:06 - 00000000 ____D () C:\Users\1\AppData\Roaming\Apple Computer
2015-01-08 06:42 - 2013-10-03 14:45 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-07 02:48 - 2013-06-20 03:12 - 00000000 ____D () C:\Users\1\AppData\Local\Paint.NET
2015-01-07 01:36 - 2013-11-05 23:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-07 01:21 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 01:20 - 2014-01-01 23:46 - 00000000 ____D () C:\Users\1\AppData\Roaming\IObit
2015-01-07 01:15 - 2013-01-15 16:07 - 00000000 ____D () C:\Users\1\AppData\Local\Sony
2015-01-07 01:14 - 2014-01-01 23:50 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-07 01:02 - 2011-10-19 16:52 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000Core.job
2015-01-07 00:59 - 2011-08-04 07:55 - 00000000 ___HD () C:\Program Files (x86)\Steam
2015-01-07 00:01 - 2009-07-13 22:45 - 05086048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-06 20:56 - 2012-04-29 17:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-06 20:55 - 2012-12-11 00:01 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-01-06 20:55 - 2012-10-10 21:06 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 20:55 - 2012-10-10 21:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-06 20:55 - 2011-06-18 15:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-06 20:54 - 2011-02-02 00:27 - 00526768 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll
2015-01-06 20:53 - 2012-12-02 14:11 - 00477616 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2015-01-06 20:53 - 2011-02-02 00:27 - 00473520 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2015-01-06 20:52 - 2013-01-11 21:21 - 00000000 ____D () C:\Program Files\AMD
2015-01-06 20:51 - 2012-12-19 13:56 - 00774656 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-01-06 20:51 - 2012-12-19 13:56 - 00244736 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-01-06 20:51 - 2012-12-19 13:33 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-01-06 20:51 - 2012-06-11 11:24 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-01-06 20:51 - 2012-06-11 11:23 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-01-06 20:51 - 2012-06-11 11:01 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-01-06 20:51 - 2012-06-11 10:45 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-01-06 20:51 - 2012-06-11 10:43 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-01-06 20:51 - 2012-06-11 10:25 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-01-06 20:51 - 2012-06-11 10:24 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-01-06 20:51 - 2011-02-02 02:22 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-06 20:14 - 2012-03-11 04:28 - 00000000 ____D () C:\ProgramData\IObit
2015-01-06 20:14 - 2012-03-11 04:28 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-06 19:56 - 2011-02-02 00:29 - 00000000 ___HD () C:\ProgramData\Adobe
2015-01-06 19:55 - 2011-02-02 00:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-06 19:50 - 2014-03-22 02:24 - 00000000 ____D () C:\Program Files (x86)\AskPartnerNetwork
2015-01-06 19:50 - 2011-11-11 08:49 - 00000000 ___HD () C:\Users\c
2015-01-06 06:04 - 2014-10-18 15:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-06 06:03 - 2012-05-25 20:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-06 06:01 - 2014-04-14 00:01 - 00000000 ____D () C:\Users\1\Downloads\Media
2015-01-06 02:00 - 2012-01-03 18:53 - 00000000 ____D () C:\Users\1\AppData\Local\Adobe
2015-01-06 01:51 - 2012-11-05 17:39 - 00000000 ____D () C:\Users\1\AppData\Roaming\DisplayFusion
2015-01-06 01:44 - 2013-05-19 20:26 - 00000000 ____D () C:\uTorrent
2015-01-06 00:58 - 2012-01-08 21:32 - 00001481 _____ () C:\prefs.js
2015-01-06 00:36 - 2012-11-05 18:20 - 00000000 ____D () C:\Users\1\Desktop\Word Projects
2015-01-06 00:36 - 2012-03-11 04:26 - 00000000 ____D () C:\Users\1\AppData\Roaming\Mozilla
2015-01-06 00:10 - 2012-05-21 19:03 - 00000000 ___RD () C:\Users\1\Podcasts
2015-01-05 23:23 - 2012-03-02 17:21 - 00000000 ____D () C:\Users\1\Downloads\Display_ATI_WSW7_3264_8.850.0.0000
2015-01-05 23:22 - 2014-07-27 06:28 - 96259306 _____ () C:\Users\1\Downloads\[DeadFish] Non Non Biyori - OVA [DVD][480p][AAC].mp4
2015-01-05 23:21 - 2014-11-19 20:15 - 01380214 _____ () C:\Users\1\Downloads\Guide to installing carrier hacks.pptx
2015-01-05 23:21 - 2014-10-28 21:09 - 00238820 _____ () C:\Users\1\Downloads\ZuseMe.zip
2015-01-05 23:21 - 2014-10-21 22:44 - 00000000 ____D () C:\Users\1\Documents\Photoshop
2015-01-05 23:21 - 2014-09-16 17:13 - 00000000 ____D () C:\Users\1\Documents\Samantha Stuff
2015-01-05 23:21 - 2014-02-19 00:06 - 28017951 _____ () C:\Users\1\Downloads\[774 Nanashi] Nagatoro's Sandbag.zip
2015-01-05 23:21 - 2014-01-22 15:15 - 00000000 ____D () C:\Users\1\Documents\Outlook Files
2015-01-05 23:21 - 2013-06-20 22:00 - 272523981 _____ () C:\Users\1\Downloads\amd_9002_v78_vga.zip
2015-01-05 23:21 - 2013-06-20 22:00 - 09456943 _____ () C:\Users\1\Downloads\amd_9002_v78_vga.zip.part
2015-01-05 23:21 - 2012-12-09 00:50 - 20659071 _____ () C:\Users\1\Downloads\Fallout.zip
2015-01-05 23:21 - 2012-05-04 21:47 - 00000000 ____D () C:\Users\1\Documents\Records
2015-01-05 23:21 - 2012-04-22 18:09 - 00002378 _____ () C:\Users\1\Documents\MumbleAutomaticCertificateBackup.p12
2015-01-05 23:15 - 2009-07-13 23:13 - 00779266 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 21:40 - 2011-12-27 19:56 - 00000000 ____D () C:\Users\1
2015-01-05 21:38 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2015-01-05 20:42 - 2012-05-25 19:57 - 00000430 _____ () C:\Windows\Tasks\PC Optimizer Pro Updates.job
2015-01-05 20:42 - 2011-12-29 14:52 - 00000000 ____D () C:\Users\1\AppData\Local\CrashDumps
2015-01-05 20:38 - 2013-09-11 15:13 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-01-05 20:38 - 2011-12-27 19:56 - 00000000 ___SD () C:\S-1-5-21-3031066903-3856787413-868265610-1006
2015-01-05 20:10 - 2012-07-26 19:11 - 00000000 ____D () C:\Users\1\AppData\Roaming\Skype
2015-01-05 18:31 - 2011-12-27 19:56 - 00000000 ____D () C:\Users\1\AppData\Local\VirtualStore
2015-01-05 16:55 - 2014-07-27 06:28 - 96259306 ____R () C:\Users\1\Downloads\[DeadFish] Non Non Biyori - OVA [DVD][480p][AAC].mp4.decbak
2015-01-05 16:54 - 2014-11-19 20:15 - 01380214 ____R () C:\Users\1\Downloads\Guide to installing carrier hacks.pptx.decbak
2015-01-05 16:54 - 2014-10-28 21:09 - 00238820 ____R () C:\Users\1\Downloads\ZuseMe.zip.decbak
2015-01-05 16:54 - 2014-09-18 17:36 - 04162645 ____R () C:\Users\1\Downloads\14.Kusatta Umi no Nioi.mp3.decbak
2015-01-05 16:54 - 2014-09-16 19:50 - 00852917 ____R () C:\Users\1\Downloads\49 MaMU2.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:27 - 00869882 ____R () C:\Users\1\Downloads\I Am Not Home.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:27 - 00756602 ____R () C:\Users\1\Downloads\God Level.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:26 - 00816506 ____R () C:\Users\1\Downloads\All Day.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 01103036 ____R () C:\Users\1\Downloads\40 Noire.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 01023664 ____R () C:\Users\1\Downloads\29 Anna.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00996588 ____R () C:\Users\1\Downloads\21 Olivia.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00954180 ____R () C:\Users\1\Downloads\03 Freddy Bear.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00927508 ____R () C:\Users\1\Downloads\11 Lon'qu.mp3.decbak
2015-01-05 16:54 - 2014-07-21 18:59 - 13818596 ____R () C:\Users\1\Downloads\Yoko_Kanno-ili_lolol_[Zankyou_no_Terror].mp3.decbak
2015-01-05 16:54 - 2014-07-21 18:59 - 06594185 ____R () C:\Users\1\Downloads\Yoko_Kanno_amp_POP_ETC-is_[Zankyou_no_Terror_OST].mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:34 - 05923612 ____R () C:\Users\1\Downloads\Stone Cold Crazy (feat. Josh Homme).mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:31 - 10219017 ____R () C:\Users\1\Downloads\Outlaw Blues (Bob Dylan Cover).mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:30 - 11506284 ____R () C:\Users\1\Downloads\No One Knows (Flute, Orchestra, No Solo, Backing Vox, Piano).mp3.decbak
2015-01-05 16:54 - 2014-02-19 00:06 - 28017951 ____R () C:\Users\1\Downloads\[774 Nanashi] Nagatoro's Sandbag.zip.decbak
2015-01-05 16:54 - 2013-06-20 22:00 - 272523981 ____R () C:\Users\1\Downloads\amd_9002_v78_vga.zip.decbak
2015-01-05 16:54 - 2013-06-20 22:00 - 09456943 ____R () C:\Users\1\Downloads\amd_9002_v78_vga.zip.part.decbak
2015-01-05 16:54 - 2012-12-09 00:50 - 20659071 ____R () C:\Users\1\Downloads\Fallout.zip.decbak
2015-01-05 16:53 - 2012-04-22 18:09 - 00002378 ____R () C:\Users\1\Documents\MumbleAutomaticCertificateBackup.p12.decbak
2015-01-05 16:53 - 2012-02-18 22:01 - 00000162 ___RH () C:\Users\1\Desktop\~$Debate.docx.decbak
2015-01-05 06:37 - 2013-03-24 02:11 - 00000000 ____D () C:\Users\1\AppData\Roaming\vlc
2015-01-05 00:35 - 2014-01-22 15:15 - 00000000 ____D () C:\Users\1\AppData\Local\CF1DA33D-98E4-496F-BA1D-9A0E0DA4B395.aplzod
2015-01-05 00:35 - 2013-07-26 21:59 - 00000279 ____R () C:\Users\1\AppData\Roaming\WB.CFG
2015-01-04 10:34 - 2014-07-30 12:29 - 00002167 ____R () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2015-01-04 10:31 - 2014-07-30 12:29 - 00000000 ____D () C:\Windows\pss
2015-01-04 10:27 - 2013-08-16 19:15 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 10:22 - 2013-08-16 19:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-02 21:28 - 2014-06-02 19:22 - 00000000 ____D () C:\Users\1\AppData\Roaming\iFunbox_UserCache
2015-01-02 00:25 - 2013-03-04 15:54 - 00000000 ____D () C:\Users\1\AppData\Roaming\TS3Client
2014-12-29 21:04 - 2013-07-10 09:00 - 00000428 _____ () C:\Windows\Tasks\PC Optimizer Pro Idle.job
2014-12-24 13:32 - 2011-02-02 00:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-24 13:32 - 2011-02-02 00:35 - 00000000 ___HD () C:\ProgramData\Skype
2014-12-22 20:54 - 2013-12-02 00:11 - 00001474 ____R () C:\Users\1\Desktop\Steins;Gate.lnk
2014-12-20 15:55 - 2011-12-29 13:52 - 00000000 ____D () C:\Users\1\Documents\My Games
2014-12-17 23:41 - 2013-08-16 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-12-17 00:35 - 2014-12-01 18:35 - 00000010 ____R () C:\Users\1\AppData\Local\DSI.DAT
2014-12-15 19:44 - 2012-11-15 22:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 19:44 - 2012-11-15 22:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 01:45 - 2012-11-15 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-15 01:40 - 2011-04-28 19:35 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-12-14 18:00 - 2013-07-07 04:20 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-12-10 18:31 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 03:28 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:13 - 2011-04-28 19:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:12 - 2014-01-16 11:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:04 - 2012-03-04 01:15 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 22:20 - 2014-11-02 22:15 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2014-12-09 22:20 - 2014-03-22 02:24 - 00001148 ____R () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-12-09 22:20 - 2013-10-08 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
 
Files to move or delete:
====================
C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\c\AppData\Local\Temp\InstallFlashPlayer.exe
C:\Users\c\AppData\Local\Temp\kna0.431093313062746.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-26 15:24
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by 1 at 2015-01-08 12:37:29
Running from C:\Users\1\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\uTorrent) (Version: 3.4.2.36802 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.3.1 - IObit)
AMD Catalyst Install Manager (HKLM\...\{5E03A267-415E-5383-FA8F-3CE4145663B9}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.10.0.41001 - ATI Technologies Inc.) Hidden
ATI Problem Report Wizard (Version: 3.0.745.0 - ATI Technologies) Hidden
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7925 - DsNET Corp)
aTube Catcher version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version:  - Audacity Team)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.1.9.799 - AVG Technologies)
BattlEye (A2Free) Uninstall (HKLM-x32\...\BattlEye A2 Free) (Version:  - )
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (x32 Version: 2009.0714.2132.36830 - ATI) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ Commander (HKLM-x32\...\{49D57DC1-18C3-4BA5-95F6-8DD94350B7FD}) (Version: 0.9.117 - Dotjosh Studios)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell DataSafe Online (HKLM-x32\...\{7EC66A95-AC2D-4127-940B-0445A526AB2F}) (Version: 2.1.19634 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version: 2.0 - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell V310-V510 Series (HKLM\...\Dell V310-V510 Series) (Version:  - Dell, Inc.)
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DisplayFusion 6.0 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 6.0.0.0 - Binary Fortress Software)
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
DriverUpdate (HKLM-x32\...\{850A14FC-F410-47F7-94E4-38F4D3F270D4}) (Version: 2.2.30452 - SlimWare Utilities, Inc.)
eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)
ffdshow [rev 3154] [2009-12-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.0 - )
File Type Assistant (HKLM-x32\...\Trusted Software Assistant_is1) (Version:  - Trusted Software) <==== ATTENTION
グリザイアの果実 (HKLM-x32\...\FW_Grisaia) (Version:  - )
Free File Viewer 2011 (HKLM-x32\...\FreeFileViewer_is1) (Version:  - Bitberry Software) <==== ATTENTION
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.5 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.2.10.2466 - IObit)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java™ 6 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416045FF}) (Version: 6.0.450 - Oracle)
Java™ 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LogMeIn (HKLM-x32\...\{53E10F4E-B361-45D7-8DBD-A6BF073236F0}) (Version: 4.1.3430 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mipony Download Manager Packages (HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Mipony Download Manager Packages) (Version:  - ) <==== ATTENTION
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 23.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.3 (HKLM-x32\...\{B4E343DD-BAAB-4D59-AD9C-DEA0AFE09DF1}) (Version: 1.2.3 - Thorvald Natvig)
NCsoft Launcher (HKLM-x32\...\{5F8E2CBB-949D-4175-AC98-5ADE7F6C9697}) (Version: 1.5.25.1 - NCsoft)
NVIDIA 3D Vision Controller Driver 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 275.33 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 275.33 - NVIDIA Corporation)
NVIDIA Graphics Driver 275.33 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 275.33 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA Update 1.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.3.5 - NVIDIA Corporation)
Omnitool version 11 (HKLM-x32\...\{C639B1D2-D1FB-454C-BB28-C5348B2EB95C}_is1) (Version: 11 - Fabian Dill)
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PC Remote (HKLM-x32\...\{6C61794B-55F4-4A18-850D-9C4F374B3756}) (Version: 3.37 - PC Remote)
PhotoShowExpress (x32 Version: 2.0.028 - Sonic Solutions) Hidden
PlayBryte (HKLM-x32\...\iBryte_playbryte) (Version:  - iBryte)
Quick-RAR (HKLM-x32\...\Quick-RAR) (Version:  - )
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Qwiklinx (HKLM-x32\...\{2E497885-E60B-420A-832D-0148B392E058}_is1) (Version: 1.2.0.1073 - Qwiklinx, Inc.) <==== ATTENTION
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7373 - Realtek Semiconductor Corp.)
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.0 - IObit)
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stepvoice Recorder 1.8.0.206 (HKLM-x32\...\Stepvoice Recorder_is1) (Version:  - )
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
Tt eSPORTS Challenger Pro (HKLM-x32\...\{91591AEF-F2AB-45DF-9BAA-4288B5EC8032}) (Version: 2.2.0.0 - Tt eSPORTS)
Unity Web Player (HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Ventrilo Client (HKLM-x32\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version:  - Neil Jedrzejewski & Ryan Gregg)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Phone app for desktop (HKLM-x32\...\{E786AE85-8A30-4CF2-BF70-57404A5CD684}) (Version: 1.0.1720.1 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WSE_Astromenda (HKLM-x32\...\WSE_Astromenda) (Version:  - WSE_Astromenda) <==== ATTENTION!
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
06-01-2015 01:53:06 Installed Zune 4.8
06-01-2015 06:02:22 Removed iTunes
06-01-2015 06:07:40 Installed Zune 4.8
06-01-2015 19:51:48 Removed Microsoft AppLocale
06-01-2015 20:47:37 Driver Booster : AMD High Definition Audio Device
07-01-2015 00:55:45 Installed Microsoft Fix it 50577
07-01-2015 01:05:24 Installed iTunes
07-01-2015 01:07:28 Installed iTunes
07-01-2015 01:10:40 Installed iTunes
07-01-2015 01:14:30 Removed Movie Studio Platinum 12.0
07-01-2015 01:22:34 Installed Microsoft Fix it 50577
07-01-2015 01:34:43 Installed iTunes
07-01-2015 01:38:24 Installed Microsoft Fix it 50577
07-01-2015 01:41:11 Installed Zune 4.8
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2015-01-04 04:41 - 00001497 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
85.25.79.99 www.google-analytics.com.
85.25.79.99 google-analytics.com.
85.25.79.99 connect.facebook.net.
162.247.13.85 www.google-analytics.com.
162.247.13.85 google-analytics.com.
162.247.13.85 connect.facebook.net.
185.53.9.209 www.google-analytics.com.
185.53.9.209 google-analytics.com.
185.53.9.209 connect.facebook.net.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05E37C0B-B2EF-44A4-BAA2-E11F6702C4CF} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ExecuteWithUAC.exe
Task: {0A06BEB7-E650-4341-9AD3-A59E909D8483} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {0F40F6FC-7DB3-448B-8C3E-2CF83B41669F} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {1100A9BC-4778-4616-BDE9-427F7FBFF73E} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe [2011-03-11] (Bitberry Software) <==== ATTENTION
Task: {1115E2A3-C85B-4CD9-BD08-01848F19B94D} - System32\Tasks\{32C3B7D2-C961-4117-8BE9-8BED9C8ECD5D} => pcalua.exe -a "C:\Program Files (x86)\Steam\steamapps\common\terraria\TCCLInstaller.exe" -d "C:\Program Files (x86)\Steam\steamapps\common\terraria"
Task: {12861D95-9CC1-4026-955C-F3B5B9D90489} - System32\Tasks\Security Center Update - 3559000896 => C:\Users\1\AppData\Roaming\Onqyte\ofsiy.exe [2012-06-12] (Eraem Corniratu) <==== ATTENTION
Task: {139BC11D-9380-480D-91CD-D8F4C136CF7E} - System32\Tasks\MySearchDial => C:\Users\1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {15C473B9-2857-488C-9942-5DBFC90555DA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: {1839E044-1F44-43C1-8F40-4B56C58965C8} - System32\Tasks\ASC7_SkipUac_1 => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2014-05-29] (IObit)
Task: {185D454D-D662-4F4B-AA2B-FB3356913F2D} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-12-17] (IObit)
Task: {19602E40-A001-4FBB-BEE0-73E54FD373E1} - System32\Tasks\PC Optimizer Pro Idle => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {20F8DE1C-C4B5-4E30-9989-D3FB7AD7F6C6} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {237F4FDE-1890-4CFB-8734-ED329150A562} - System32\Tasks\{E9CEC5B0-209E-4941-8BF6-25FCD6AA7101} => C:\Program Files (x86)\Steam\steamapps\common\terraria\TerrariaTexturePack\TerrariaTexturePack.exe
Task: {2C821381-4D70-47C1-AD41-D65BC7A3FF7D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {2CBE098F-D694-4388-AA80-7A07DEC518F3} - System32\Tasks\{A61C5CB1-9D49-4B48-8B71-C6474198B63B} => Chrome.exe http://ui.skype.com/ui/0/6.14.0.104/en/abandoninstall?page=tsMain
Task: {34468DAA-8855-4921-8F12-BDD85E06FBDC} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {38DECFCD-C7CA-4423-96F0-24C37085D473} - System32\Tasks\Uninstaller_SkipUac_1 => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-06] (IObit)
Task: {3FCEA785-3486-43A1-9381-C19004D42D3D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {540BA204-2B58-4FAB-9E67-DF4DDE485230} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-01-06] (Adobe Systems Incorporated)
Task: {5468DE91-089B-4B54-9D54-A8C956EDC678} - System32\Tasks\winupd => C:\Users\c\AppData\Local\Temp:winupd.exe
Task: {54C45668-E389-44D0-988A-2C667D98289C} - System32\Tasks\PC Optimizer Pro64 Scan => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {5D330E0D-A2DE-4858-9533-04F2AC38F467} - System32\Tasks\PC Optimizer Pro Updates => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: {643999A2-BA2C-49BC-A8D7-A51540D7ABAD} - System32\Tasks\DGChrome31095 Watcher => C:\Program Files\Updater By SweetPacks\DGChrome.exe
Task: {712DA5BD-8FBE-4748-A735-777A7278C670} - System32\Tasks\{1E5EAB78-F512-4B6B-BA2A-F4E3C4CE0832} => C:\Program Files (x86)\Steam\steamapps\common\terraria\TerrariaTexturePack\TerrariaTexturePack.exe
Task: {766FE6D4-07C9-445A-90D5-1F0CABCD510C} - System32\Tasks\DriverUpdate Startup => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe [2013-06-22] (SlimWare Utilities, Inc.)
Task: {76DB33F9-52F5-4CD9-95F8-827B3B290344} - System32\Tasks\{1168A3D1-F725-4C85-B229-370FA983C68F} => C:\Program Files (x86)\Steam\steamapps\common\terraria\TerrariaTexturePack\TerrariaTexturePack.exe
Task: {7C45764A-BC5F-4337-9FF6-B558D111B68C} - System32\Tasks\ProgramUpdateCheck => C:\Program Files (x86)\File Type Assistant\TSAssist.exe [2012-02-28] (Trusted Software ApS) <==== ATTENTION
Task: {7EE15776-FFF4-45B2-BAC5-BB1AE5E2A1F7} - System32\Tasks\{AF92FB05-E3C7-4E3D-A42D-76C713581E0A} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/223710
Task: {960304F5-C904-4E73-8368-E1662357F2FA} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-05] ()
Task: {9628E1C5-6002-45DB-B061-8ADDAD9F02EC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-04] (IObit)
Task: {97C34E44-B545-434A-859A-9A95FE986294} - System32\Tasks\Security Center Update - 1800836312 => C:\Users\1\AppData\Roaming\Viemwyx\yzubygg.exe [2015-01-07] (Eraem Corniratu) <==== ATTENTION
Task: {9D337F5B-B81B-4814-8CBB-6EAA0B72CDDB} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-06] (IObit)
Task: {A92AA0DF-C641-48C8-966F-F05A1A31E882} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000Core => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {ADFBC78D-C453-4F80-BD03-E61918C203EE} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
Task: {B1428397-2C41-432E-A85F-DD7DDFB1AE00} - System32\Tasks\{871B8E05-9956-4E10-A7F9-B1D0FC9716B4} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?source=lightinstaller&amp;page=tsProgressBar
Task: {BCEB8A02-8C1B-4CEF-BBC9-CB85AD6BBF91} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe [2014-05-06] (IObit)
Task: {BE17C4AE-18BE-4C84-AE3D-C09DD3BF6A32} - System32\Tasks\{DA2E18C2-E9DE-4035-AFB7-400F32774A4E} => pcalua.exe -a C:\Users\1\Desktop\Setup.exe -d C:\Users\1\Desktop
Task: {C2205604-CFAD-4CD0-AED6-F8490E5ADEBE} - \1279868192 No Task File <==== ATTENTION
Task: {C531305A-76F9-404D-BB76-90B2F378D4B5} - System32\Tasks\Driver Booster SkipUAC (1) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-04] (IObit)
Task: {D0C27EE0-3FBB-4A9F-965E-87D11D8D7493} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {D1F78788-66D1-4E83-9E53-E4CA0D238757} - System32\Tasks\{3BF01BD5-BD3F-433D-B3D9-B87C33DFB8D6} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {F03ACEFD-254E-4E55-B4AF-23DA8E6A8CC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-22] (Google Inc.)
Task: {F84CF644-9DB6-44F9-8A5A-3275D0ADADB3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000UA => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {FF18E09A-3C9C-4159-89D4-0BF07C2D501F} - System32\Tasks\PC Optimizer Pro64 startups => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DGChrome31095 Watcher.job => C:\Program Files\Updater By SweetPacks\DGChrome.exe
Task: C:\Windows\Tasks\DriverUpdate Startup.job => C:\Program Files (x86)\DriverUpdate\DriverUpdate.exe
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000Core.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000UA.job => C:\Users\Sean\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\1\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro Idle.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro Updates.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro64 Scan.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\PC Optimizer Pro64 startups.job => C:\Program Files\PC Optimizer Pro\StartApps.exe <==== ATTENTION
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exe
Task: C:\Windows\Tasks\Security Center Update - 1800836312.job => C:\Users\1\AppData\Roaming\Viemwyx\yzubygg.exe <==== ATTENTION
Task: C:\Windows\Tasks\Security Center Update - 3559000896.job => C:\Users\1\AppData\Roaming\Onqyte\ofsiy.exe <==== ATTENTION
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-03-15 17:27 - 2009-11-04 12:18 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll
2009-06-17 11:49 - 2009-06-17 11:49 - 00616408 _____ () C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntiSpyService.exe
2011-02-02 00:35 - 2011-08-18 09:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2014-08-15 17:19 - 2014-08-15 17:19 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
2014-09-08 01:34 - 2014-09-08 01:34 - 01074688 _____ () C:\Program Files (x86)\WSE_Astromenda\BRS\brs.exe
2013-07-07 04:20 - 2014-08-25 18:27 - 02640408 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2015-01-02 01:31 - 2015-01-02 01:31 - 02737664 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2015-01-02 01:31 - 2015-01-02 01:31 - 02242560 _____ () C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll
2014-04-08 14:24 - 2014-03-04 03:44 - 00135168 __RSH () C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe
2014-07-30 12:29 - 2013-10-25 11:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-07-30 12:29 - 2013-01-15 17:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-07-30 12:29 - 2013-01-15 17:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-07-30 12:29 - 2013-01-15 17:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-07-30 12:29 - 2013-01-15 17:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-15 17:19 - 2014-08-15 17:19 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
2015-01-02 01:32 - 2015-01-02 01:32 - 00034816 ____R () C:\Users\1\AppData\Local\Ehjxtion\hcwWebInit80.dll
2015-01-02 01:32 - 2015-01-02 01:32 - 00034816 ____R () C:\Users\1\AppData\Local\IXTsoft\btbGLSvc16.dll
2012-11-25 17:36 - 2009-10-09 17:50 - 00045056 _____ () C:\Program Files (x86)\Thermaltake Challenger Pro\WMINPUT.DLL
2015-01-06 20:10 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2015-01-06 20:10 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2015-01-06 20:10 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2015-01-06 20:10 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2015-01-06 20:10 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2015-01-06 20:10 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2015-01-06 20:10 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-12-11 15:53 - 2014-12-05 19:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 15:53 - 2014-12-05 19:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 15:53 - 2014-12-05 19:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 15:53 - 2014-12-05 19:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-11 15:53 - 2014-12-05 19:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk => C:\Windows\pss\$McRebootA5E6DEAA56$.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^1^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^schtasks.lnk => C:\Windows\pss\schtasks.lnk.Startup
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: BrowserPlugInHelper => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\BrowserPlugInHelper.exe
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: dleamon.exe => "C:\Program Files (x86)\Dell V310-V510 Series\dleamon.exe"
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: IXTsoft => C:\Users\1\AppData\Local\IXTsoft\tmpF0D9.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PC Remote Server => C:\Program Files (x86)\PC Remote\PC Remote\PCRemote.exe /silent
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: schtasks => "C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
MSCONFIG\startupreg: VNT => "C:\Program Files (x86)\VNT\vntldr.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
 
========================= Accounts: ==========================
 
1 (S-1-5-21-3031066903-3856787413-868265610-1006 - Administrator - Enabled) => C:\Users\1
Administrator (S-1-5-21-3031066903-3856787413-868265610-500 - Administrator - Disabled)
Guest (S-1-5-21-3031066903-3856787413-868265610-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3031066903-3856787413-868265610-1012 - Limited - Enabled)
LogMeInRemoteUser (S-1-5-21-3031066903-3856787413-868265610-1010 - Administrator - Enabled) => C:\Users\LogMeInRemoteUser
UpdatusUser (S-1-5-21-3031066903-3856787413-868265610-1007 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
Name: AntiLog32
Description: AntiLog32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: AntiLog32
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/08/2015 00:36:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xbc0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:34:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1ea8
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:33:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe00000000
Faulting process id: 0x18c0
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x121c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:30:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1ccc
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:28:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1370
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:27:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xd34
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:25:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0xa60
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:23:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x84c
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:22:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1430
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
 
System errors:
=============
Error: (01/08/2015 11:25:41 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer8 service.
 
Error: (01/08/2015 11:25:11 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/08/2015 11:23:13 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
 
Error: (01/08/2015 10:40:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/08/2015 10:40:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer8 service.
 
Error: (01/08/2015 10:39:37 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/08/2015 07:21:50 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3C5E2B20-B911-44E2-A2DD-9F05E7B5E775}
 
Error: (01/08/2015 06:31:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/08/2015 06:31:20 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
Error: (01/07/2015 05:13:13 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
 
 
Microsoft Office Sessions:
=========================
 
 
==================== Memory info =========================== 
 
Processor: AMD Athlon™ II X3 435 Processor
Percentage of memory in use: 39%
Total physical RAM: 6142.98 MB
Available physical RAM: 3718.46 MB
Total Pagefile: 12284.13 MB
Available Pagefile: 9287.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:451.91 GB) (Free:60.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 77E3ED41)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=13.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.9 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 Machiavelli

  • Malware Response Instructor

Posted 08 January 2015 - 02:20 PM

Hey,

Please move FRST to your Desktop.

Step 1: AdwCleaner

Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:

Download Mirror #1
  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
Note: The log can also be found in here: C:\AdwCleaner\

Step 2: Malwarebytes

Please download Malwarebytes Anti-Malware to your desktop.
  • Install the programme and select update.
  • Once it has updated, select Settings > Detection and Protection.
  • Tick Scan for rootkits.
  • Go back to the Dashboard and select Scan Now.
  • If threats are detected, click the Apply Actions button. MBAM will ask for a reboot.
  • On completion of the scan (or after the reboot), select View Detailed Log.
  • Select Export > Select text file and save to the desktop.
  • Attach/Post that log.

Step 3: Junkware Removal Tool

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4: FRST Scan

  • Run FRST. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#5 Tr1pkt12

  • Topic Starter

Posted 08 January 2015 - 05:33 PM

Those scummy Processors are no longer and my computer feels a bunch better.

 

# AdwCleaner v4.107 - Report created 08/01/2015 at 14:02:51
# Updated 07/01/2015 by Xplode
# Database : 2015-01-03.1 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : 1 - SEAN-PC
# Running from : C:\Users\1\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : vToolbarUpdater18.1.9
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\~0
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\PC Optimizer Pro
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Program Files (x86)\Amazon Browser Bar
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\comcasttb
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\facemoods.com
Folder Deleted : C:\Program Files (x86)\File Type Assistant
Folder Deleted : C:\Program Files (x86)\Free Offers from Freeze.com
Folder Deleted : C:\Program Files (x86)\iBryte
Folder Deleted : C:\Program Files (x86)\Qwiklinx
Folder Deleted : C:\Program Files (x86)\wse_astromenda
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Program Files\Updater By SweetPacks
Folder Deleted : C:\Users\1\AppData\Local\Amazon Browser Bar
Folder Deleted : C:\Users\1\AppData\Local\Astromenda
Folder Deleted : C:\Users\1\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\1\AppData\Local\Conduit
Folder Deleted : C:\Users\1\AppData\Local\FileTypeAssistant
Folder Deleted : C:\Users\1\AppData\Local\Ilivid Player
Folder Deleted : C:\Users\1\AppData\Local\PackageAware
Folder Deleted : C:\Users\1\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\1\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\1\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\1\AppData\LocalLow\iBryte
Folder Deleted : C:\Users\1\AppData\LocalLow\Mysearchdial
Folder Deleted : C:\Users\1\AppData\LocalLow\searchquband
Folder Deleted : C:\Users\1\AppData\Roaming\Astromenda
Folder Deleted : C:\Users\1\AppData\Roaming\Babylon
Folder Deleted : C:\Users\1\AppData\Roaming\DSite
Folder Deleted : C:\Users\1\AppData\Roaming\Mipony Download Manager Packages
Folder Deleted : C:\Users\1\AppData\Roaming\Qwiklinx
Folder Deleted : C:\Users\1\Documents\ShopToWin
Folder Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Folder Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb
Folder Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp
File Deleted : C:\END
File Deleted : C:\Users\1\AppData\Local\mysearchdial-speeddial.crx
File Deleted : C:\Users\1\AppData\Local\BostonMarketOne.crx
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_lyrics.wikia.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.conduit.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsfreak.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.lyricsmode.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.plyrics.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_toolbar.utorrent.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_services.hearstmags.com_0.localstorage
File Deleted : C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : Driver Booster Scan
Task Deleted : Driver Booster Update
Task Deleted : driverupdate startup
Task Deleted : MySearchDial
Task Deleted : PC Optimizer Pro Updates
Task Deleted : PC Optimizer Pro64 Scan
Task Deleted : ProgramUpdateCheck
Task Deleted : PC Optimizer Pro Idle
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKCU\Software\Google\Chrome\Extensions\dleekdifoepfadaikncodjgnkkffkccd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\hnofepcmbghfcimfbjicplikedjcnalm
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BRS]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO
Key Deleted : HKLM\SOFTWARE\Classes\QwiklinxBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [iBryte playbryte Desktop]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08635077-8829-49E2-B338-C968817EB460}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{20A3F109-F7C1-47B4-8098-8E654B264B1D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C7478AB-3155-463E-936F-55F91F0F10D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3E7C8B5A-96AB-438F-BF9B-782400655440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{204C0025-C26A-43E2-853C-D8A8EB1BCE51}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{68DE31F7-43FF-4EE2-B88B-10665016970D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3E7C8B5A-96AB-438F-BF9B-782400655440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3E7C8B5A-96AB-438F-BF9B-782400655440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3E7C8B5A-96AB-438F-BF9B-782400655440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3E7C8B5A-96AB-438F-BF9B-782400655440}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B278D9F8-0FA9-465E-9938-0C392605D8E3}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{96DD9437-5D20-4EFB-BF52-A4A605A4E0AA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E2C1A522-B8E1-45D1-B316-F5625004A28C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49BC4DD1-0E69-4611-9164-0009538C5E46}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\465565C4B53F476488575E0777CF8CAB
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BF420FCC-C96F-4378-9B61-222F9429E5AA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{04CFCE06-C4FB-3E21-44CB-73AFF22BE164}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\Bitberry
Key Deleted : HKCU\Software\BRS
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\FileTypeAssistant
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\mysearchdial.com
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\PIP
Key Deleted : HKCU\Software\Qwiklinx
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\SweetIM
Key Deleted : HKCU\Software\WNLT
Key Deleted : HKCU\Software\WSE_Astromenda
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\lyrixeeker
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\xfin_portal
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mipony Download Manager Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2E497885-E60B-420A-832D-0148B392E058}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Trusted Software Assistant_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Astromenda
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search-results.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\searchqu.com
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17496
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
 
-\\ Mozilla Firefox v
 
 
-\\ Google Chrome v39.0.2171.95
 
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN16365586691126713&ctid=CT3289075&UM=2
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&cui=UN16365586691126713&ctid=CT3289075&UM=2
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10045&barid={03D1F86F-C511-11E2-8FBC-842B2B8F341E}
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.sweetpacks.com?src=6&q={searchTerms}&barid={03D1F86F-C511-11E2-8FBC-842B2B8F341E}&crg=3.5000006.10045&st=23
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd84&cd=2XzuyEtN2Y1L1QzuzzyEtB0BtB0Bzz0FtAyEtC0E0BtByBzytN0D0Tzu0SyCtCtDtN1L2XzutBtFtBtFyDtFtCtDyBtDtN1L1Czu1L1C1H1B1QzzyE&cr=1265188352&ir=
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN10506&l=dis&prt=360&chn=S1122&geo=US&ver=20&locale=en_US&gct=sb&qsrc=2869
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=ATU4-V7C&o=APN11391&l=dis&pf=V7&p2=%5EBAY%5EYYYYYY%5EYY%5EUS&gct=&itbv=12.10.3.4594&doi=2014-03-22&apn_uid=A45326CE-93CC-4BBC-8963-A1F30F9E9190&apn_ptnrs=%5EBAY&apn_dtid=%5EYYYYYY%5EYY%5EUS&apn_dbr=cr_33.0.1750.154&psv=&trgb=CR&tbv=&crxv=&q={searchTerms}
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_file_14_37_ch&cd=2XzuyEtN2Y1L1QzuzzyEtB0BtB0Bzz0FtAyEtC0E0BtByBzytN0D0Tzu0SzyzztCtN1L2XzutAtFtBtFtCtFtBtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCyB0BzzzzyBtBzztGyD0BtByBtGzztB0AzytGtBtCyB0CtGtB0AyC0AyByByCyCyDzy0B0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0A0A0BtCtC0CtA0CtG0DyDyD0AtGyEyB0DtCtGzy0C0BtAtGtDyDyCyD0DyDyB0CyEzz0FtC2Q&cr=1237876039&ir=
[C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://www.amazon.com/websearch/ref=bit_bds-p07_serp_cr_us_display?ie=UTF8&tagbase=bds-p07&tbrId=v1_abb-channel-7_8a6cd25ecf9d474b91e8c8cc2f05cfe2_30_46_20130329_US_cr_sp_
 
*************************
 
AdwCleaner[R0].txt - [27615 octets] - [08/01/2015 13:43:03]
AdwCleaner[R1].txt - [27676 octets] - [08/01/2015 13:48:04]
AdwCleaner[S0].txt - [25689 octets] - [08/01/2015 14:02:51]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [25750 octets] ##########
 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 1/8/2015
Scan Time: 3:40:14 PM
Logfile: MAM.txt
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2015.01.08.15
Rootkit Database: v2015.01.07.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: 1
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 529995
Time Elapsed: 42 min, 58 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 7 Home Premium x64
Ran by 1 on Thu 01/08/2015 at 15:47:06.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Successfully stopped: [Service] antispywareservice 
Successfully deleted: [Service] antispywareservice 
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011461139}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{57CDC018-35BB-4A5E-8067-2E6E628FC6EB}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bb46be07-13eb-4c49-b0f0-fc78b9ea4983}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{bb46be07-13eb-4c49-b0f0-fc78b9ea4983}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bb46be07-13eb-4c49-b0f0-fc78b9ea4983}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{bb46be07-13eb-4c49-b0f0-fc78b9ea4983}
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Windows\Tasks\PC Optimizer Pro64 startups.job
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\1\appdata\local\cre"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{15B66DCC-6A04-4229-82FD-FA5AAC2A2D6C}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{2955AD13-93BF-4999-BCBA-96A59B0A1B77}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{2D21DB28-2EF0-4D4E-ADA7-5FE455127213}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{4C5482D5-4B0E-44B4-AF03-56E322F26CA6}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{72F3138B-CF7A-4AED-9118-9A74DDA05FF7}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{8D529173-0669-440E-A633-696E59D3303F}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{A701BE6E-A553-4234-A2C4-AB2078D6148E}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{BD822F15-3AEB-482A-824A-75D5F6ED964B}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{CDD17228-574B-4D32-92B8-CC835D7DDCCF}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{CF74009E-B197-4136-9C82-06656CDECD99}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{D34DF407-F0EB-40AF-9AA6-0E080B0268D2}
Successfully deleted: [Empty Folder] C:\Users\1\appdata\local\{F4E68FBC-FA17-4A49-8772-170CA61AEA1A}
 
 
 
~~~ Chrome
 
Successfully deleted: [Folder] C:\Users\1\appdata\local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Successfully deleted: [Folder] C:\Users\1\appdata\local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 01/08/2015 at 15:59:30.02
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by 1 (administrator) on SEAN-PC on 08-01-2015 16:32:50
Running from C:\Users\1\Desktop
Loaded Profiles: 1 & UpdatusUser (Available profiles: 1 & UpdatusUser & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
( ) C:\Windows\System32\dleacoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Bitberry Software) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Chicony) C:\Program Files (x86)\Thermaltake Challenger Pro\Ttsystray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-01-06] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ChallengerPro] => C:\Program Files (x86)\Thermaltake Challenger Pro\Ttsystray.exe [1254912 2010-06-21] (Chicony)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-07] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584 2014-04-21] (IObit)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Ehjxtion] => regsvr32.exe C:\Users\1\AppData\Local\Ehjxtion\hcwWebInit80.dll <===== ATTENTION
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Iddbsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\1\AppData\Local\IXTsoft\btbGLSvc16.dll
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [uTorrent] => C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe [1378640 2015-01-06] (BitTorrent Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: D - D:\DVDSetup.exe
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: {5f52180a-2ea5-11e0-b118-806e6f6e6963} - D:\Setup.EXE
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\schtasks.lnk
ShortcutTarget: schtasks.lnk -> C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe (No File)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Users\1\AppData\Local\Temp\DellDock.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
SearchScopes: HKLM -> {27C03B0B-EA15-4533-9540-1AE7E9F1428F} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A4300A8E-C6CC-4609-A26E-5B84F99901F7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {27C03B0B-EA15-4533-9540-1AE7E9F1428F} URL = 
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {80C9D3B8-EDA4-49F7-83C3-B90BB20EAB24} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {8479186C-4CAE-428C-B70A-C2F9191DB716} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {9EA88A2B-A1D9-4D81-B907-F06D1FA7C373} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM-x32 - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM-x32 - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0D9E443E-C250-4392-B51A-9D9BFB0757A7}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{4584B1C6-466D-408A-80C3-2D8483BE9C27}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{AB6D0BB6-3D6E-4ABC-A299-0D91F30C3431}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{EDA269E2-391C-479D-9B71-1FCE3FA82C8C}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3031066903-3856787413-868265610-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3031066903-3856787413-868265610-1006: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: Default -> https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Sad Panda) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-01-15]
CHR Extension: (4chan X) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-06-15]
CHR Extension: (EditThisCookie) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-01-15]
CHR Extension: (Hola Better Internet) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-08]
CHR Extension: (Last.fm Scrobbler) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2014-01-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-04]
CHR Extension: (Google Wallet) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR Extension: (Better History) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2015-01-08]
CHR Extension: (4chan Plus) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj [2014-06-15]
CHR Extension: (4chan Media Player) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppapgpglcdbdkemapmhjnjdhabmmhgid [2014-01-20]
CHR Profile: C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-25]
CHR Extension: (Google Drive) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-25]
CHR Extension: (YouTube) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-25]
CHR Extension: (uTorrentControl_v6) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp [2013-05-25]
CHR Extension: (Google Search) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-25]
CHR Extension: (Make this page red) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo [2013-05-25]
CHR Extension: (SiteAdvisor) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-05-25]
CHR Extension: (Wajam) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-05-25]
CHR Extension: (Norton Identity Protection) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-05-25]
CHR Extension: (Gmail) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-27] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5179760 2014-06-18] (Binary Fortress Software)
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-05-21] ( )
R2 dlea_device; C:\Windows\SysWOW64\dleacoms.exe [593920 2009-12-09] ( )
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-11-03] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-17] (Electronic Arts)
S2 0172931388640400mcinstcleanup; C:\Users\1\AppData\Local\Temp\017293~1.EXE -cleanup -nolog [X]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-15] (AVG Technologies)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-06] (REALiX™)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-01-05] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-08 16:32 - 2015-01-08 16:32 - 00030815 _____ () C:\Users\1\Desktop\FRST.txt
2015-01-08 16:27 - 2015-01-08 16:27 - 00001049 _____ () C:\Users\1\Desktop\MAM.txt
2015-01-08 15:59 - 2015-01-08 15:59 - 00004278 _____ () C:\Users\1\Desktop\JRT.txt
2015-01-08 15:46 - 2015-01-08 15:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-08 15:45 - 2015-01-08 15:45 - 01707939 _____ (Thisisu) C:\Users\1\Downloads\JRT.exe
2015-01-08 15:36 - 2015-01-08 15:36 - 00000020 ___SH () C:\Users\TEMP\ntuser.ini
2015-01-08 15:36 - 2015-01-08 15:36 - 00000000 ____D () C:\Users\TEMP\AppData\Local\SoftThinks
2015-01-08 15:36 - 2015-01-08 15:36 - 00000000 ____D () C:\Users\TEMP
2015-01-08 15:36 - 2013-02-10 22:07 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia
2015-01-08 15:36 - 2011-10-11 00:30 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Microsoft Help
2015-01-08 15:36 - 2009-07-13 22:54 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-01-08 15:36 - 2009-07-13 22:49 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-01-08 14:40 - 2015-01-08 15:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-08 14:40 - 2015-01-08 14:40 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-08 14:40 - 2015-01-08 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-08 14:40 - 2015-01-08 14:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-08 14:40 - 2015-01-08 14:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-08 14:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-08 14:40 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-08 14:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-08 14:36 - 2015-01-08 14:38 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\1\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-08 13:42 - 2015-01-08 14:04 - 00000000 ____D () C:\AdwCleaner
2015-01-08 13:31 - 2015-01-08 13:34 - 02191360 _____ () C:\Users\1\Downloads\AdwCleaner.exe
2015-01-08 12:52 - 2015-01-08 12:52 - 00000000 ____D () C:\Users\1\AppData\Roaming\AMD
2015-01-08 12:40 - 2015-01-08 12:40 - 00046107 _____ () C:\Users\1\Desktop\Addition.txt
2015-01-08 12:37 - 2015-01-08 12:37 - 00046107 _____ () C:\Users\1\Downloads\Addition.txt
2015-01-08 12:34 - 2015-01-08 16:32 - 00000000 ____D () C:\FRST
2015-01-08 12:29 - 2015-01-08 12:34 - 02124288 _____ (Farbar) C:\Users\1\Desktop\FRST64.exe
2015-01-08 12:09 - 2015-01-08 12:09 - 00021526 _____ () C:\Users\1\Desktop\attach.txt
2015-01-08 12:09 - 2015-01-08 12:08 - 00029922 _____ () C:\Users\1\Desktop\dds.txt
2015-01-08 12:04 - 2015-01-08 10:00 - 00057810 _____ () C:\Users\1\Downloads\[HorribleSubs] Tokyo Ghoul Root A - 01 [1080p].mkv.torrent
2015-01-08 12:00 - 2015-01-08 12:05 - 00688992 ____R (Swearware) C:\Users\1\Downloads\dds.com
2015-01-08 11:22 - 2015-01-08 11:23 - 00069492 _____ (Swearware) C:\Users\1\Downloads\5F11.tmp
2015-01-08 11:22 - 2015-01-08 11:22 - 00057810 _____ () C:\Users\1\Downloads\3FBC.tmp
2015-01-08 11:21 - 2015-01-08 11:21 - 00057810 _____ () C:\Users\1\Downloads\E1BE.tmp
2015-01-08 11:14 - 2015-01-08 11:18 - 00177136 _____ (Swearware) C:\Users\1\Downloads\Unconfirmed 252798.crdownload
2015-01-08 07:11 - 2015-01-08 07:12 - 00024935 _____ () C:\Users\1\Downloads\[kickass.so]american.horror.story.s04e11.hdtv.x264.killers.ettv.torrent
2015-01-07 01:41 - 2015-01-07 01:42 - 00000000 ____D () C:\Program Files\Zune
2015-01-07 01:41 - 2015-01-07 01:41 - 00000929 _____ () C:\Users\Public\Desktop\Zune.lnk
2015-01-07 01:41 - 2015-01-07 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2015-01-07 01:36 - 2015-01-07 01:36 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\Program Files\iTunes
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\Program Files\iPod
2015-01-07 01:36 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-07 01:21 - 2015-01-07 01:24 - 00010395 _____ () C:\Users\1\Documents\Uninstall STAR WARS The Old Republic.log
2015-01-07 01:14 - 2015-01-07 01:14 - 00002878 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_1
2015-01-07 00:31 - 2015-01-08 15:33 - 00000000 ____D () C:\Users\1\AppData\Roaming\Viemwyx
2015-01-07 00:29 - 2015-01-07 00:29 - 00002846 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (1)
2015-01-07 00:01 - 2015-01-08 15:34 - 00000616 _____ () C:\Windows\setupact.log
2015-01-07 00:01 - 2015-01-07 00:01 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-07 00:00 - 2015-01-08 15:33 - 00010654 _____ () C:\Windows\PFRO.log
2015-01-06 20:56 - 2015-01-06 20:56 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-06 20:54 - 2015-01-06 20:54 - 00545200 _____ (Sun Microsystems, Inc.) C:\Windows\system32\npdeployJava1.dll
2015-01-06 20:54 - 2015-01-06 20:54 - 00196528 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe
2015-01-06 20:54 - 2015-01-06 20:54 - 00172976 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe
2015-01-06 20:54 - 2015-01-06 20:54 - 00172976 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00162224 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00149936 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00149936 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-06 20:51 - 2015-01-06 20:51 - 47899136 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 40987136 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2015-01-06 20:51 - 2015-01-06 20:51 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2015-01-06 20:51 - 2015-01-06 20:51 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00843776 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00765851 _____ () C:\Windows\system32\amdicdxx.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00734861 _____ () C:\Windows\system32\atiicdxx.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00631912 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2015-01-06 20:51 - 2015-01-06 20:51 - 00631912 _____ () C:\Windows\system32\atiapfxx.blb
2015-01-06 20:51 - 2015-01-06 20:51 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00323252 _____ () C:\Windows\system32\ativvaxy_vi.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00321712 _____ () C:\Windows\system32\ativvaxy_vi_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 00238144 _____ () C:\Windows\system32\ativvaxy_cz_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00232624 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00158944 _____ () C:\Windows\system32\ativce03.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00157248 _____ () C:\Windows\system32\amde31a.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00140240 _____ () C:\Windows\system32\samu_krnl_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00138832 _____ () C:\Windows\system32\samu_krnl_isv_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00083312 _____ () C:\Windows\system32\ativce02.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00046128 _____ () C:\Windows\system32\kapp_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00041936 _____ () C:\Windows\system32\kapp_si.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-06 20:50 - 2015-01-06 20:50 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-06 20:50 - 2015-01-06 20:50 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00110080 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00094720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00082048 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-06 20:28 - 2015-01-08 15:33 - 00000000 ____D () C:\Users\1\AppData\Roaming\Onqyte
2015-01-06 20:14 - 2015-01-08 13:29 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-06 20:14 - 2015-01-06 20:56 - 00002036 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-01-06 20:14 - 2015-01-06 20:14 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-06 20:14 - 2015-01-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-06 20:10 - 2015-01-06 20:10 - 00001135 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-01-06 20:10 - 2015-01-06 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-01-06 06:19 - 2015-01-06 06:19 - 00000000 ____D () C:\Users\1\Downloads\MusicBeeSetup_2_4
2015-01-06 06:02 - 2015-01-06 06:05 - 00447216 _____ () C:\Users\1\Downloads\MusicBeeSetup_2_4.zip
2015-01-06 05:56 - 2013-03-01 20:28 - 00000000 ____D () C:\Users\1\Downloads\Disc2
2015-01-06 05:56 - 2013-03-01 20:28 - 00000000 ____D () C:\Users\1\Downloads\Disc1
2015-01-06 02:08 - 2015-01-06 02:09 - 480055602 _____ () C:\Users\1\Downloads\[Asenshi] Yuri Kuma Arashi - 01 [97E8C378].mkv
2015-01-06 02:08 - 2015-01-06 02:08 - 00036898 _____ () C:\Users\1\Downloads\[Asenshi] Yuri Kuma Arashi - 01 [97E8C378].mkv.torrent
2015-01-06 02:05 - 2015-01-06 02:05 - 00681472 _____ () C:\Users\1\Downloads\MicrosoftFixit50577.msi
2015-01-06 01:47 - 2015-01-06 01:47 - 00000850 _____ () C:\Users\1\Desktop\µTorrent.lnk
2015-01-06 01:46 - 2015-01-08 15:37 - 00000000 ____D () C:\Users\1\AppData\Roaming\uTorrent
2015-01-06 01:45 - 2015-01-06 01:46 - 00013824 ___SH () C:\Users\1\AppData\Roaming\Thumbs.db
2015-01-06 01:43 - 2015-01-06 01:50 - 105664248 _____ (Microsoft Corporation) C:\Users\1\Downloads\ZuneSetupPkg.exe
2015-01-06 00:52 - 2015-01-06 00:56 - 00179022 _____ (Microsoft Corporation) C:\Users\1\Downloads\36B5.tmp
2015-01-06 00:52 - 2015-01-06 00:56 - 00176946 _____ (Binary Fortress Software ) C:\Users\1\Downloads\4670.tmp
2015-01-06 00:52 - 2015-01-06 00:52 - 00001153 _____ () C:\Users\1\Desktop\decrypt_pclock - Shortcut.lnk
2015-01-06 00:42 - 2015-01-06 00:42 - 00000000 ____D () C:\b42a65637331628260f4e35af1
2015-01-06 00:24 - 2015-01-06 00:24 - 00000000 ____D () C:\99a128ea5f3c7990a4cf
2015-01-05 23:13 - 2015-01-05 23:10 - 00736224 _____ (Emsisoft Ltd) C:\Users\1\Downloads\decrypt_pclock.exe
2015-01-05 22:43 - 2015-01-06 20:11 - 00128200 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-01-05 22:36 - 2015-01-05 22:36 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2015-01-05 22:35 - 2015-01-06 01:28 - 00000000 ____D () C:\ProgramData\Foolish IT
2015-01-05 22:35 - 2015-01-05 22:35 - 00971528 _____ (Foolish IT LLC ) C:\Users\1\Downloads\CryptoPreventSetup.exe
2015-01-05 21:01 - 2015-01-08 12:40 - 00128200 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-01-05 16:49 - 2015-01-05 16:49 - 00894277 ____R () C:\Users\1\enc_files.txt
2015-01-04 09:27 - 2015-01-04 09:27 - 00035195 ____R () C:\Users\1\Downloads\[kickass.so]neon.genesis.evangelion.episode.1.26.480p.hi10p.aac.dual.audio.2d4u.torrent
2015-01-02 01:47 - 2015-01-04 04:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 __SHD () C:\Users\1\AppData\Local\EmieBrowserModeList
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 ____D () C:\Users\1\AppData\Local\IXTsoft
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 ____D () C:\Users\1\AppData\Local\Ehjxtion
2015-01-01 20:17 - 2015-01-01 20:17 - 00001933 ____R () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-01-01 20:17 - 2015-01-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-01-01 20:17 - 2015-01-01 20:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-28 16:05 - 2015-01-01 20:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-24 13:32 - 2014-12-24 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-20 15:26 - 2014-12-20 15:26 - 00000222 ____R () C:\Users\1\Desktop\The Binding of Isaac Rebirth.url
2014-12-18 01:54 - 2014-12-18 01:54 - 00878408 ____R () C:\Users\1\Downloads\org.thebigboss.homescreendesigner_v1.2.2-5_iphoneos-arm.deb
2014-12-17 23:50 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 23:50 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 00:35 - 2014-12-17 00:35 - 00022528 ____R () C:\Users\1\AppData\Local\dsisetup338801722.exe
2014-12-15 22:55 - 2015-01-05 23:23 - 00000000 ____D () C:\Users\1\Downloads\JailBreak
2014-12-15 19:48 - 2014-12-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-15 19:48 - 2014-12-15 19:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-14 17:59 - 2014-12-14 17:59 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-12 01:29 - 2015-01-05 16:54 - 00042433 __RSH () C:\Users\1\Downloads\Folder.jpg.decbak
2014-12-12 01:29 - 2015-01-05 16:54 - 00007475 __RSH () C:\Users\1\Downloads\AlbumArtSmall.jpg.decbak
2014-12-09 23:41 - 2015-01-05 16:54 - 00061583 ____R () C:\Users\1\Downloads\hahaitsyuushatime.mp3.decbak
2014-12-09 22:20 - 2008-08-18 18:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2014-12-09 22:12 - 2014-12-09 22:15 - 17114432 ____R (DsNET Corp ) C:\Users\1\Downloads\aTube_Catcher_ATU3_8001.exe
2014-12-09 16:58 - 2014-12-09 16:58 - 03981488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-12-09 15:50 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 15:50 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 15:50 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 15:50 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 15:50 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 15:50 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 15:50 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 15:50 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 15:50 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 15:50 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 15:50 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 15:50 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 15:50 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 15:50 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 15:50 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 15:50 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 15:50 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 15:50 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 15:50 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 15:50 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 15:50 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 15:50 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 15:50 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 15:50 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 15:50 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 15:50 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 15:50 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 15:50 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 15:50 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 15:50 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 15:50 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 15:50 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 15:50 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 15:50 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 15:50 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 15:50 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 15:50 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 15:50 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 15:50 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 15:50 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 15:50 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 15:50 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 15:50 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 15:50 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 15:50 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 15:50 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 15:50 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 15:50 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 15:50 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 15:50 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 15:50 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 15:50 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 15:50 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 15:50 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 15:50 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 15:50 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-08 16:30 - 2011-04-28 19:35 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-08 16:02 - 2011-10-19 16:52 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000UA.job
2015-01-08 15:58 - 2012-10-10 21:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 15:52 - 2011-06-18 15:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 15:48 - 2011-05-14 11:00 - 00000000 ___HD () C:\ProgramData\PCDr
2015-01-08 15:43 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 15:43 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 15:38 - 2009-07-13 23:10 - 02027368 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 15:37 - 2011-02-02 00:49 - 00000000 ___HD () C:\ProgramData\Sonic
2015-01-08 15:36 - 2012-05-25 19:43 - 00000394 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-01-08 15:36 - 2011-06-18 15:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 15:36 - 2011-02-02 01:05 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-01-08 15:36 - 2011-02-02 01:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-01-08 15:36 - 2011-02-02 00:34 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-01-08 15:34 - 2014-01-23 18:32 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-01-08 15:34 - 2014-01-23 18:32 - 00000950 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-01-08 15:34 - 2012-04-29 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-08 15:34 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 12:52 - 2011-08-04 07:55 - 00000000 ___HD () C:\Program Files (x86)\Steam
2015-01-08 11:47 - 2011-12-30 19:33 - 00000000 ____D () C:\Users\1\AppData\Local\LogMeIn Hamachi
2015-01-08 07:26 - 2012-05-25 20:06 - 00000000 ____D () C:\Users\1\AppData\Roaming\Apple Computer
2015-01-08 06:42 - 2013-10-03 14:45 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-07 02:48 - 2013-06-20 03:12 - 00000000 ____D () C:\Users\1\AppData\Local\Paint.NET
2015-01-07 01:36 - 2013-11-05 23:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-07 01:21 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 01:20 - 2014-01-01 23:46 - 00000000 ____D () C:\Users\1\AppData\Roaming\IObit
2015-01-07 01:15 - 2013-01-15 16:07 - 00000000 ____D () C:\Users\1\AppData\Local\Sony
2015-01-07 01:14 - 2014-01-01 23:50 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-07 01:02 - 2011-10-19 16:52 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000Core.job
2015-01-07 00:01 - 2009-07-13 22:45 - 05086048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-06 20:56 - 2012-04-29 17:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-06 20:55 - 2012-12-11 00:01 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-01-06 20:55 - 2012-10-10 21:06 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 20:55 - 2012-10-10 21:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-06 20:55 - 2011-06-18 15:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-06 20:54 - 2011-02-02 00:27 - 00526768 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll
2015-01-06 20:53 - 2012-12-02 14:11 - 00477616 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2015-01-06 20:53 - 2011-02-02 00:27 - 00473520 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2015-01-06 20:52 - 2013-01-11 21:21 - 00000000 ____D () C:\Program Files\AMD
2015-01-06 20:51 - 2012-12-19 13:56 - 00774656 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-01-06 20:51 - 2012-12-19 13:56 - 00244736 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-01-06 20:51 - 2012-12-19 13:33 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-01-06 20:51 - 2012-06-11 11:24 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-01-06 20:51 - 2012-06-11 11:23 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-01-06 20:51 - 2012-06-11 11:01 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-01-06 20:51 - 2012-06-11 10:45 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-01-06 20:51 - 2012-06-11 10:43 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-01-06 20:51 - 2012-06-11 10:25 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-01-06 20:51 - 2012-06-11 10:24 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-01-06 20:51 - 2011-02-02 02:22 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-06 20:14 - 2012-03-11 04:28 - 00000000 ____D () C:\ProgramData\IObit
2015-01-06 20:14 - 2012-03-11 04:28 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-06 19:56 - 2011-02-02 00:29 - 00000000 ___HD () C:\ProgramData\Adobe
2015-01-06 19:55 - 2011-02-02 00:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-06 19:50 - 2011-11-11 08:49 - 00000000 ___HD () C:\Users\c
2015-01-06 06:04 - 2014-10-18 15:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-06 06:03 - 2012-05-25 20:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-06 06:01 - 2014-04-14 00:01 - 00000000 ____D () C:\Users\1\Downloads\Media
2015-01-06 02:00 - 2012-01-03 18:53 - 00000000 ____D () C:\Users\1\AppData\Local\Adobe
2015-01-06 01:51 - 2012-11-05 17:39 - 00000000 ____D () C:\Users\1\AppData\Roaming\DisplayFusion
2015-01-06 01:44 - 2013-05-19 20:26 - 00000000 ____D () C:\uTorrent
2015-01-06 00:58 - 2012-01-08 21:32 - 00001481 _____ () C:\prefs.js
2015-01-06 00:36 - 2012-11-05 18:20 - 00000000 ____D () C:\Users\1\Desktop\Word Projects
2015-01-06 00:36 - 2012-03-11 04:26 - 00000000 ____D () C:\Users\1\AppData\Roaming\Mozilla
2015-01-06 00:10 - 2012-05-21 19:03 - 00000000 ___RD () C:\Users\1\Podcasts
2015-01-05 23:23 - 2012-03-02 17:21 - 00000000 ____D () C:\Users\1\Downloads\Display_ATI_WSW7_3264_8.850.0.0000
2015-01-05 23:22 - 2014-07-27 06:28 - 96259306 _____ () C:\Users\1\Downloads\[DeadFish] Non Non Biyori - OVA [DVD][480p][AAC].mp4
2015-01-05 23:21 - 2014-11-19 20:15 - 01380214 _____ () C:\Users\1\Downloads\Guide to installing carrier hacks.pptx
2015-01-05 23:21 - 2014-10-28 21:09 - 00238820 _____ () C:\Users\1\Downloads\ZuseMe.zip
2015-01-05 23:21 - 2014-10-21 22:44 - 00000000 ____D () C:\Users\1\Documents\Photoshop
2015-01-05 23:21 - 2014-09-16 17:13 - 00000000 ____D () C:\Users\1\Documents\Samantha Stuff
2015-01-05 23:21 - 2014-02-19 00:06 - 28017951 _____ () C:\Users\1\Downloads\[774 Nanashi] Nagatoro's Sandbag.zip
2015-01-05 23:21 - 2014-01-22 15:15 - 00000000 ____D () C:\Users\1\Documents\Outlook Files
2015-01-05 23:21 - 2013-06-20 22:00 - 272523981 _____ () C:\Users\1\Downloads\amd_9002_v78_vga.zip
2015-01-05 23:21 - 2013-06-20 22:00 - 09456943 _____ () C:\Users\1\Downloads\amd_9002_v78_vga.zip.part
2015-01-05 23:21 - 2012-12-09 00:50 - 20659071 _____ () C:\Users\1\Downloads\Fallout.zip
2015-01-05 23:21 - 2012-05-04 21:47 - 00000000 ____D () C:\Users\1\Documents\Records
2015-01-05 23:21 - 2012-04-22 18:09 - 00002378 _____ () C:\Users\1\Documents\MumbleAutomaticCertificateBackup.p12
2015-01-05 23:15 - 2009-07-13 23:13 - 00779266 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 21:40 - 2011-12-27 19:56 - 00000000 ____D () C:\Users\1
2015-01-05 21:38 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2015-01-05 20:42 - 2011-12-29 14:52 - 00000000 ____D () C:\Users\1\AppData\Local\CrashDumps
2015-01-05 20:38 - 2013-09-11 15:13 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-01-05 20:38 - 2011-12-27 19:56 - 00000000 ___SD () C:\S-1-5-21-3031066903-3856787413-868265610-1006
2015-01-05 20:10 - 2012-07-26 19:11 - 00000000 ____D () C:\Users\1\AppData\Roaming\Skype
2015-01-05 18:31 - 2011-12-27 19:56 - 00000000 ____D () C:\Users\1\AppData\Local\VirtualStore
2015-01-05 16:55 - 2014-07-27 06:28 - 96259306 ____R () C:\Users\1\Downloads\[DeadFish] Non Non Biyori - OVA [DVD][480p][AAC].mp4.decbak
2015-01-05 16:54 - 2014-11-19 20:15 - 01380214 ____R () C:\Users\1\Downloads\Guide to installing carrier hacks.pptx.decbak
2015-01-05 16:54 - 2014-10-28 21:09 - 00238820 ____R () C:\Users\1\Downloads\ZuseMe.zip.decbak
2015-01-05 16:54 - 2014-09-18 17:36 - 04162645 ____R () C:\Users\1\Downloads\14.Kusatta Umi no Nioi.mp3.decbak
2015-01-05 16:54 - 2014-09-16 19:50 - 00852917 ____R () C:\Users\1\Downloads\49 MaMU2.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:27 - 00869882 ____R () C:\Users\1\Downloads\I Am Not Home.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:27 - 00756602 ____R () C:\Users\1\Downloads\God Level.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:26 - 00816506 ____R () C:\Users\1\Downloads\All Day.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 01103036 ____R () C:\Users\1\Downloads\40 Noire.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 01023664 ____R () C:\Users\1\Downloads\29 Anna.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00996588 ____R () C:\Users\1\Downloads\21 Olivia.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00954180 ____R () C:\Users\1\Downloads\03 Freddy Bear.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00927508 ____R () C:\Users\1\Downloads\11 Lon'qu.mp3.decbak
2015-01-05 16:54 - 2014-07-21 18:59 - 13818596 ____R () C:\Users\1\Downloads\Yoko_Kanno-ili_lolol_[Zankyou_no_Terror].mp3.decbak
2015-01-05 16:54 - 2014-07-21 18:59 - 06594185 ____R () C:\Users\1\Downloads\Yoko_Kanno_amp_POP_ETC-is_[Zankyou_no_Terror_OST].mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:34 - 05923612 ____R () C:\Users\1\Downloads\Stone Cold Crazy (feat. Josh Homme).mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:31 - 10219017 ____R () C:\Users\1\Downloads\Outlaw Blues (Bob Dylan Cover).mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:30 - 11506284 ____R () C:\Users\1\Downloads\No One Knows (Flute, Orchestra, No Solo, Backing Vox, Piano).mp3.decbak
2015-01-05 16:54 - 2014-02-19 00:06 - 28017951 ____R () C:\Users\1\Downloads\[774 Nanashi] Nagatoro's Sandbag.zip.decbak
2015-01-05 16:54 - 2013-06-20 22:00 - 272523981 ____R () C:\Users\1\Downloads\amd_9002_v78_vga.zip.decbak
2015-01-05 16:54 - 2013-06-20 22:00 - 09456943 ____R () C:\Users\1\Downloads\amd_9002_v78_vga.zip.part.decbak
2015-01-05 16:54 - 2012-12-09 00:50 - 20659071 ____R () C:\Users\1\Downloads\Fallout.zip.decbak
2015-01-05 16:53 - 2012-04-22 18:09 - 00002378 ____R () C:\Users\1\Documents\MumbleAutomaticCertificateBackup.p12.decbak
2015-01-05 16:53 - 2012-02-18 22:01 - 00000162 ___RH () C:\Users\1\Desktop\~$Debate.docx.decbak
2015-01-05 06:37 - 2013-03-24 02:11 - 00000000 ____D () C:\Users\1\AppData\Roaming\vlc
2015-01-05 00:35 - 2014-01-22 15:15 - 00000000 ____D () C:\Users\1\AppData\Local\CF1DA33D-98E4-496F-BA1D-9A0E0DA4B395.aplzod
2015-01-05 00:35 - 2013-07-26 21:59 - 00000279 ____R () C:\Users\1\AppData\Roaming\WB.CFG
2015-01-04 10:34 - 2014-07-30 12:29 - 00002167 ____R () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2015-01-04 10:31 - 2014-07-30 12:29 - 00000000 ____D () C:\Windows\pss
2015-01-04 10:27 - 2013-08-16 19:15 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 10:22 - 2013-08-16 19:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-02 21:28 - 2014-06-02 19:22 - 00000000 ____D () C:\Users\1\AppData\Roaming\iFunbox_UserCache
2015-01-02 00:25 - 2013-03-04 15:54 - 00000000 ____D () C:\Users\1\AppData\Roaming\TS3Client
2014-12-24 13:32 - 2011-02-02 00:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-24 13:32 - 2011-02-02 00:35 - 00000000 ___HD () C:\ProgramData\Skype
2014-12-22 20:54 - 2013-12-02 00:11 - 00001474 ____R () C:\Users\1\Desktop\Steins;Gate.lnk
2014-12-20 15:55 - 2011-12-29 13:52 - 00000000 ____D () C:\Users\1\Documents\My Games
2014-12-17 23:41 - 2013-08-16 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-12-17 00:35 - 2014-12-01 18:35 - 00000010 ____R () C:\Users\1\AppData\Local\DSI.DAT
2014-12-15 19:44 - 2012-11-15 22:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 19:44 - 2012-11-15 22:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 01:45 - 2012-11-15 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-15 01:40 - 2011-04-28 19:35 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-12-10 18:31 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 03:28 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:13 - 2011-04-28 19:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:12 - 2014-01-16 11:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:04 - 2012-03-04 01:15 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-09 22:20 - 2014-11-02 22:15 - 00000049 _____ () C:\Windows\SysWOW64\ScrRecX.log
2014-12-09 22:20 - 2014-03-22 02:24 - 00001148 ____R () C:\Users\Public\Desktop\aTube Catcher.lnk
2014-12-09 22:20 - 2013-10-08 03:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
 
Files to move or delete:
====================
C:\ProgramData\hash.dat
 
 
Some content of TEMP:
====================
C:\Users\c\AppData\Local\Temp\InstallFlashPlayer.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-26 15:24
 
==================== End Of Log ============================


#6 Machiavelli


Posted 09 January 2015 - 08:14 AM

Hey my friend, :)

Step 1: FRST Fix
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
    HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
    HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
    HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [AdobeBridge] => [X]
    HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Ehjxtion] => regsvr32.exe C:\Users\1\AppData\Local\Ehjxtion\hcwWebInit80.dll <===== ATTENTION
    HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: D - D:\DVDSetup.exe
    HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: {5f52180a-2ea5-11e0-b118-806e6f6e6963} - D:\Setup.EXE
    HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
    HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
    HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
    Startup: C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\schtasks.lnk
    ShortcutTarget: schtasks.lnk -> C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe (No File)
    ShortcutTarget: Dell Dock.lnk -> C:\Users\1\AppData\Local\Temp\DellDock.exe (No File)
    ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {27C03B0B-EA15-4533-9540-1AE7E9F1428F} URL = 
    SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    Toolbar: HKLM - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
    Toolbar: HKLM - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKLM-x32 - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
    Toolbar: HKLM-x32 - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    Toolbar: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    CHR HomePage: Default -> https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
    CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    S2 0172931388640400mcinstcleanup; C:\Users\1\AppData\Local\Temp\017293~1.EXE -cleanup -nolog [X]
    S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
    2015-01-07 00:31 - 2015-01-08 15:33 - 00000000 ____D () C:\Users\1\AppData\Roaming\Viemwyx
    C:\ProgramData\hash.dat
    EmptyTemp:
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.) and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run; please post it in your reply
Step 2: FRST Scan
  • Run FRST. (if you have Windows Vista / Windows 7 / Windows 8: Please do a Right click on the FRST icon and select Run as Administrator)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.
Step 3: ESET

Please run a free online scan with the ESET Online Scanner:

IMPORTANT: You MUST use Internet Explorer for this step!
  • Visit the ESET Online Scanner Web Page
  • Select the blue Run ESET Online Scanner button:
  • Tick the box next to YES, I accept the Terms of Use and click Start
  • When asked, allow the ActiveX control to install.
  • Select Enable detection of potentially unwanted applications and select Advanced Settings:
  • Make sure the options Remove found threats and Enable Anti-Stealth technology are checked:
  • Click Start. (This scan can take several hours, so please be patient):
  • Once the scan is completed, select List of found threats:
  • Select Export to text file... and save the file as ESETlog.txt on your Desktop:
  • Click the Back button.
  • Click the Finish button:
  • Use Notepad to open the saved log file (on your Desktop - ESET.txt)
  • Copy and paste that log as a reply to this topic.
Step 4: Question

How is your PC running?

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#7 Tr1pkt12


Posted 09 January 2015 - 07:19 PM

I wasn't able to do the ESET scanner part because the pop-up would go blank.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by 1 at 2015-01-09 16:39:17 Run:1
Running from C:\Users\1\Desktop
Loaded Profiles: 1 & UpdatusUser (Available profiles: 1 & UpdatusUser & LogMeInRemoteUser)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Ehjxtion] => regsvr32.exe C:\Users\1\AppData\Local\Ehjxtion\hcwWebInit80.dll <===== ATTENTION
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: D - D:\DVDSetup.exe
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\MountPoints2: {5f52180a-2ea5-11e0-b118-806e6f6e6963} - D:\Setup.EXE
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\Explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\schtasks.lnk
ShortcutTarget: schtasks.lnk -> C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe (No File)
ShortcutTarget: Dell Dock.lnk -> C:\Users\1\AppData\Local\Temp\DellDock.exe (No File)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {27C03B0B-EA15-4533-9540-1AE7E9F1428F} URL = 
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
Toolbar: HKLM - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKLM-x32 - No Name - !{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM-x32 - No Name - !{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR HomePage: Default -> https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
S2 0172931388640400mcinstcleanup; C:\Users\1\AppData\Local\Temp\017293~1.EXE -cleanup -nolog [X]
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
2015-01-07 00:31 - 2015-01-08 15:33 - 00000000 ____D () C:\Users\1\AppData\Roaming\Viemwyx
C:\ProgramData\hash.dat
EmptyTemp:
*****************
 
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\GoToAssist" => Key deleted successfully.
HKU\S-1-5-19\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-20\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Ehjxtion => value deleted successfully.
"HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\D" => Key deleted successfully.
"HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{5f52180a-2ea5-11e0-b118-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{5f52180a-2ea5-11e0-b118-806e6f6e6963} => Key not found. 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
C:\Users\1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\schtasks.lnk => Moved successfully.
C:\Users\1\AppData\Roaming\Microsoft\Windows\IEUpdate\schtasks.exe not found.
C:\Users\1\AppData\Local\Temp\DellDock.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1SecureIconsProvider" => Key deleted successfully.
"HKCR\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{27C03B0B-EA15-4533-9540-1AE7E9F1428F}" => Key deleted successfully.
HKCR\CLSID\{27C03B0B-EA15-4533-9540-1AE7E9F1428F} => Key not found. 
"HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => value deleted successfully.
HKCR\CLSID\!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => Key not found. 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\CLSID\!{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => value deleted successfully.
HKCR\Wow6432Node\CLSID\!{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => Key not found. 
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
HKCR\Wow6432Node\CLSID\!{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key not found. 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key not found. 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
0172931388640400mcinstcleanup => Service deleted successfully.
ADExchange => Service deleted successfully.
C:\Users\1\AppData\Roaming\Viemwyx => Moved successfully.
C:\ProgramData\hash.dat => Moved successfully.
EmptyTemp: => Removed 2.2 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 16:42:39 ====
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by 1 (administrator) on SEAN-PC on 09-01-2015 18:00:00
Running from C:\Users\1\Desktop
Loaded Profiles: 1 & UpdatusUser (Available profiles: 1 & UpdatusUser & LogMeInRemoteUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
( ) C:\Windows\System32\dleacoms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\ramaint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Bitberry Software) C:\Program Files (x86)\FreeFileViewer\FFVCheckForUpdates.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(BitTorrent Inc.) C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Arnold Vink) C:\Users\1\Downloads\ZuseMe\ZuseMe\ZuseMe.exe
() C:\Users\1\Downloads\ZuseMe\ZuseMe\Resources\ZuseMePlaying.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13774040 2015-01-06] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [35696 2009-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dell DataSafe Online] => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe [1117528 2010-08-25] (Dell, Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [ChallengerPro] => C:\Program Files (x86)\Thermaltake Challenger Pro\Ttsystray.exe [1254912 2010-06-21] (Chicony)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1802048 2014-10-13] (IObit)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-07] (Dell)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKLM\...\Policies\Explorer: [NoSetActiveDesktop] 0
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2295584 2014-04-21] (IObit)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Iddbsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\1\AppData\Local\IXTsoft\btbGLSvc16.dll
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [uTorrent] => C:\Users\1\AppData\Roaming\uTorrent\uTorrent.exe [1378640 2015-01-06] (BitTorrent Inc.)
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Policies\Explorer: [NoSetActiveDesktop] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Users\1\AppData\Local\Temp\DellDock.exe (No File)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
URLSearchHook: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 - Default Value = {CFBFAE00-17A6-11D0-99CB-00C04FD64497}
SearchScopes: HKLM -> {27C03B0B-EA15-4533-9540-1AE7E9F1428F} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {A4300A8E-C6CC-4609-A26E-5B84F99901F7} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {80C9D3B8-EDA4-49F7-83C3-B90BB20EAB24} URL = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {8479186C-4CAE-428C-B70A-C2F9191DB716} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {9EA88A2B-A1D9-4D81-B907-F06D1FA7C373} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{0D9E443E-C250-4392-B51A-9D9BFB0757A7}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{4584B1C6-466D-408A-80C3-2D8483BE9C27}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{AB6D0BB6-3D6E-4ABC-A299-0D91F30C3431}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{EDA269E2-391C-479D-9B71-1FCE3FA82C8C}: [NameServer] 8.8.8.8,8.8.8.8,8.8.8.8,8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=1.6.0_45 -> C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3031066903-3856787413-868265610-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\1\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3031066903-3856787413-868265610-1006: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
 
Chrome: 
=======
CHR HomePage: Default -> https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Sad Panda) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohapeiooecafommnlaiccilacgmkaoc [2014-01-15]
CHR Extension: (4chan X) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cellaaeoekimmemgdheibaibbaoeefbl [2014-06-15]
CHR Extension: (EditThisCookie) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-01-15]
CHR Extension: (Hola Better Internet) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2015-01-08]
CHR Extension: (Last.fm Scrobbler) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhinaapppaileiechjoiifaancjggfjm [2014-01-27]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-01-04]
CHR Extension: (Google Wallet) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-15]
CHR Extension: (Better History) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\obciceimmggglbmelaidpjlmodcebijb [2015-01-08]
CHR Extension: (4chan Plus) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pinelipedelckihohgdlpcclgocodhjj [2014-06-15]
CHR Extension: (4chan Media Player) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppapgpglcdbdkemapmhjnjdhabmmhgid [2014-01-20]
CHR Profile: C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-25]
CHR Extension: (Google Drive) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-25]
CHR Extension: (YouTube) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-25]
CHR Extension: (uTorrentControl_v6) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp [2013-05-25]
CHR Extension: (Google Search) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-25]
CHR Extension: (Make this page red) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dnfaglepmjgohnkcoieaijlheabmcdeo [2013-05-25]
CHR Extension: (SiteAdvisor) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2013-05-25]
CHR Extension: (Wajam) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-05-25]
CHR Extension: (Norton Identity Protection) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-05-25]
CHR Extension: (Gmail) - C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-25]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881952 2014-01-14] (IObit)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-27] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5179760 2014-06-18] (Binary Fortress Software)
R2 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-05-21] ( )
R2 dlea_device; C:\Windows\SysWOW64\dleacoms.exe [593920 2009-12-09] ( )
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344896 2014-09-30] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2152736 2014-05-04] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-11-03] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2013-04-30] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-17] (Electronic Arts)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-15] (AVG Technologies)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-01-06] (REALiX™)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-04-30] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2015-01-05] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
R3 xb1usb; C:\Windows\System32\DRIVERS\xb1usb.sys [34016 2014-05-28] (Microsoft Corporation)
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-09 18:00 - 2015-01-09 18:00 - 00028705 _____ () C:\Users\1\Desktop\FRST.txt
2015-01-09 17:10 - 2015-01-09 17:11 - 00960272 _____ (Emsisoft Ltd) C:\Users\1\Desktop\decrypt_pclock2.exe
2015-01-09 16:35 - 2015-01-09 16:35 - 00034294 _____ () C:\Users\1\Downloads\[HorribleSubs] Assassination Classroom - 01 [720p].mkv.torrent
2015-01-08 15:46 - 2015-01-08 15:46 - 00000000 ____D () C:\Windows\ERUNT
2015-01-08 15:45 - 2015-01-08 15:45 - 01707939 _____ (Thisisu) C:\Users\1\Downloads\JRT.exe
2015-01-08 14:40 - 2015-01-09 17:56 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-08 14:40 - 2015-01-08 14:40 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-08 14:40 - 2015-01-08 14:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-08 14:40 - 2015-01-08 14:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-08 14:40 - 2015-01-08 14:40 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-01-08 14:40 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-08 14:40 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-08 14:40 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-08 14:36 - 2015-01-08 14:38 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\1\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-08 13:42 - 2015-01-08 14:04 - 00000000 ____D () C:\AdwCleaner
2015-01-08 13:31 - 2015-01-08 13:34 - 02191360 _____ () C:\Users\1\Downloads\AdwCleaner.exe
2015-01-08 12:52 - 2015-01-08 12:52 - 00000000 ____D () C:\Users\1\AppData\Roaming\AMD
2015-01-08 12:37 - 2015-01-08 12:37 - 00046107 _____ () C:\Users\1\Downloads\Addition.txt
2015-01-08 12:34 - 2015-01-09 18:00 - 00000000 ____D () C:\FRST
2015-01-08 12:29 - 2015-01-08 12:34 - 02124288 _____ (Farbar) C:\Users\1\Desktop\FRST64.exe
2015-01-08 12:04 - 2015-01-08 10:00 - 00057810 _____ () C:\Users\1\Downloads\[HorribleSubs] Tokyo Ghoul Root A - 01 [1080p].mkv.torrent
2015-01-08 12:00 - 2015-01-08 12:05 - 00688992 ____R (Swearware) C:\Users\1\Downloads\dds.com
2015-01-08 11:22 - 2015-01-08 11:23 - 00069492 _____ (Swearware) C:\Users\1\Downloads\5F11.tmp
2015-01-08 11:22 - 2015-01-08 11:22 - 00057810 _____ () C:\Users\1\Downloads\3FBC.tmp
2015-01-08 11:21 - 2015-01-08 11:21 - 00057810 _____ () C:\Users\1\Downloads\E1BE.tmp
2015-01-08 11:14 - 2015-01-08 11:18 - 00177136 _____ (Swearware) C:\Users\1\Downloads\Unconfirmed 252798.crdownload
2015-01-08 07:11 - 2015-01-08 07:12 - 00024935 _____ () C:\Users\1\Downloads\[kickass.so]american.horror.story.s04e11.hdtv.x264.killers.ettv.torrent
2015-01-07 01:41 - 2015-01-07 01:42 - 00000000 ____D () C:\Program Files\Zune
2015-01-07 01:41 - 2015-01-07 01:41 - 00000929 _____ () C:\Users\Public\Desktop\Zune.lnk
2015-01-07 01:41 - 2015-01-07 01:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
2015-01-07 01:36 - 2015-01-07 01:36 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\Program Files\iTunes
2015-01-07 01:36 - 2015-01-07 01:36 - 00000000 ____D () C:\Program Files\iPod
2015-01-07 01:36 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2015-01-07 01:21 - 2015-01-07 01:24 - 00010395 _____ () C:\Users\1\Documents\Uninstall STAR WARS The Old Republic.log
2015-01-07 01:14 - 2015-01-07 01:14 - 00002878 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_1
2015-01-07 00:29 - 2015-01-07 00:29 - 00002846 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (1)
2015-01-06 20:56 - 2015-01-06 20:56 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2015-01-06 20:54 - 2015-01-06 20:54 - 00545200 _____ (Sun Microsystems, Inc.) C:\Windows\system32\npdeployJava1.dll
2015-01-06 20:54 - 2015-01-06 20:54 - 00196528 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe
2015-01-06 20:54 - 2015-01-06 20:54 - 00172976 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe
2015-01-06 20:54 - 2015-01-06 20:54 - 00172976 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00162224 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00149936 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00149936 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2015-01-06 20:53 - 2015-01-06 20:53 - 00000000 ____D () C:\Program Files (x86)\Java
2015-01-06 20:51 - 2015-01-06 20:51 - 47899136 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 40987136 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 28354560 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 23621632 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 18959360 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 15716352 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 09401480 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 08379720 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 08369408 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 05837312 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 04590592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 03471376 _____ () C:\Windows\SysWOW64\atiumdva.cap
2015-01-06 20:51 - 2015-01-06 20:51 - 03437632 _____ () C:\Windows\system32\atiumd6a.cap
2015-01-06 20:51 - 2015-01-06 20:51 - 01187342 _____ () C:\Windows\system32\amdocl_as64.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 01061902 _____ () C:\Windows\system32\amdocl_ld64.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00995342 _____ () C:\Windows\SysWOW64\amdocl_as32.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00903168 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00843776 _____ (AMD) C:\Windows\system32\coinst_14.50.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00798734 _____ () C:\Windows\SysWOW64\amdocl_ld32.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00765851 _____ () C:\Windows\system32\amdicdxx.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00734861 _____ () C:\Windows\system32\atiicdxx.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00631912 _____ () C:\Windows\SysWOW64\atiapfxx.blb
2015-01-06 20:51 - 2015-01-06 20:51 - 00631912 _____ () C:\Windows\system32\atiapfxx.blb
2015-01-06 20:51 - 2015-01-06 20:51 - 00589312 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00323252 _____ () C:\Windows\system32\ativvaxy_vi.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00321712 _____ () C:\Windows\system32\ativvaxy_vi_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00294600 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-01-06 20:51 - 2015-01-06 20:51 - 00238144 _____ () C:\Windows\system32\ativvaxy_cz_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00235008 _____ () C:\Windows\system32\clinfo.exe
2015-01-06 20:51 - 2015-01-06 20:51 - 00234292 _____ () C:\Windows\system32\ativvaxy_cik.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00232624 _____ () C:\Windows\system32\ativvaxy_cik_nd.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00158944 _____ () C:\Windows\system32\ativce03.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00157248 _____ () C:\Windows\system32\amde31a.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00146944 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00140240 _____ () C:\Windows\system32\samu_krnl_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00138832 _____ () C:\Windows\system32\samu_krnl_isv_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00133632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00126848 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00118096 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00118096 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00098816 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OpenVideo64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00095744 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00091648 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00090112 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00086528 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\OVDecode64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00085504 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00083456 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OpenVideo.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00083312 _____ () C:\Windows\system32\ativce02.dat
2015-01-06 20:51 - 2015-01-06 20:51 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00073216 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\OVDecode.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00058880 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00049664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00046128 _____ () C:\Windows\system32\kapp_ci.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00041936 _____ () C:\Windows\system32\kapp_si.sbin
2015-01-06 20:51 - 2015-01-06 20:51 - 00038912 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-01-06 20:51 - 2015-01-06 20:51 - 00031232 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 04263128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 03186544 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02827120 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 02000640 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-01-06 20:50 - 2015-01-06 20:50 - 01728768 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 01443340 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-01-06 20:50 - 2015-01-06 20:50 - 01287384 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00959704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00629464 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00458960 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\k57nd60a.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00110080 _____ (Advanced Micro Devices) C:\Windows\system32\DelayAPO.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00094720 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\AtihdW76.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00082048 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_sata.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2015-01-06 20:50 - 2015-01-06 20:50 - 00042624 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amd_xata.sys
2015-01-06 20:50 - 2015-01-06 20:50 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2015-01-06 20:28 - 2015-01-08 15:33 - 00000000 ____D () C:\Users\1\AppData\Roaming\Onqyte
2015-01-06 20:14 - 2015-01-08 13:29 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)
2015-01-06 20:14 - 2015-01-06 20:56 - 00002036 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-01-06 20:14 - 2015-01-06 20:14 - 00026528 _____ (REALiX™) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-01-06 20:14 - 2015-01-06 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-01-06 20:10 - 2015-01-06 20:10 - 00001135 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-01-06 20:10 - 2015-01-06 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-01-06 06:19 - 2015-01-06 06:19 - 00000000 ____D () C:\Users\1\Downloads\MusicBeeSetup_2_4
2015-01-06 06:02 - 2015-01-06 06:05 - 00447216 _____ () C:\Users\1\Downloads\MusicBeeSetup_2_4.zip
2015-01-06 05:56 - 2013-03-01 20:28 - 00000000 ____D () C:\Users\1\Downloads\Disc2
2015-01-06 05:56 - 2013-03-01 20:28 - 00000000 ____D () C:\Users\1\Downloads\Disc1
2015-01-06 02:08 - 2015-01-06 02:09 - 480055602 _____ () C:\Users\1\Downloads\[Asenshi] Yuri Kuma Arashi - 01 [97E8C378].mkv
2015-01-06 02:08 - 2015-01-06 02:08 - 00036898 _____ () C:\Users\1\Downloads\[Asenshi] Yuri Kuma Arashi - 01 [97E8C378].mkv.torrent
2015-01-06 02:05 - 2015-01-06 02:05 - 00681472 _____ () C:\Users\1\Downloads\MicrosoftFixit50577.msi
2015-01-06 01:47 - 2015-01-06 01:47 - 00000850 _____ () C:\Users\1\Desktop\µTorrent.lnk
2015-01-06 01:46 - 2015-01-09 17:59 - 00000000 ____D () C:\Users\1\AppData\Roaming\uTorrent
2015-01-06 01:45 - 2015-01-06 01:46 - 00013824 ___SH () C:\Users\1\AppData\Roaming\Thumbs.db
2015-01-06 01:43 - 2015-01-06 01:50 - 105664248 _____ (Microsoft Corporation) C:\Users\1\Downloads\ZuneSetupPkg.exe
2015-01-06 00:52 - 2015-01-06 00:56 - 00179022 _____ (Microsoft Corporation) C:\Users\1\Downloads\36B5.tmp
2015-01-06 00:52 - 2015-01-06 00:56 - 00176946 _____ (Binary Fortress Software ) C:\Users\1\Downloads\4670.tmp
2015-01-06 00:52 - 2015-01-06 00:52 - 00001153 _____ () C:\Users\1\Desktop\decrypt_pclock - Shortcut.lnk
2015-01-06 00:42 - 2015-01-06 00:42 - 00000000 ____D () C:\b42a65637331628260f4e35af1
2015-01-06 00:24 - 2015-01-06 00:24 - 00000000 ____D () C:\99a128ea5f3c7990a4cf
2015-01-05 23:13 - 2015-01-05 23:10 - 00736224 _____ (Emsisoft Ltd) C:\Users\1\Downloads\decrypt_pclock.exe
2015-01-05 22:43 - 2015-01-06 20:11 - 00128200 _____ () C:\Windows\SysWOW64\GDIPFONTCACHEV1.DAT
2015-01-05 22:36 - 2015-01-05 22:36 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll
2015-01-05 22:35 - 2015-01-06 01:28 - 00000000 ____D () C:\ProgramData\Foolish IT
2015-01-05 22:35 - 2015-01-05 22:35 - 00971528 _____ (Foolish IT LLC ) C:\Users\1\Downloads\CryptoPreventSetup.exe
2015-01-05 21:01 - 2015-01-08 12:40 - 00128200 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2015-01-05 16:49 - 2015-01-05 16:49 - 00894277 ____R () C:\Users\1\enc_files.txt
2015-01-04 09:27 - 2015-01-04 09:27 - 00035195 ____R () C:\Users\1\Downloads\[kickass.so]neon.genesis.evangelion.episode.1.26.480p.hi10p.aac.dual.audio.2d4u.torrent
2015-01-02 01:47 - 2015-01-04 04:41 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 __SHD () C:\Users\1\AppData\Local\EmieBrowserModeList
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 ____D () C:\Users\1\AppData\Local\IXTsoft
2015-01-02 01:32 - 2015-01-02 01:32 - 00000000 ____D () C:\Users\1\AppData\Local\Ehjxtion
2015-01-01 20:17 - 2015-01-01 20:17 - 00001933 ____R () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2015-01-01 20:17 - 2015-01-01 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2015-01-01 20:17 - 2015-01-01 20:17 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-12-28 16:05 - 2015-01-01 20:17 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-12-24 13:32 - 2014-12-24 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-12-20 15:26 - 2014-12-20 15:26 - 00000222 ____R () C:\Users\1\Desktop\The Binding of Isaac Rebirth.url
2014-12-18 01:54 - 2014-12-18 01:54 - 00878408 ____R () C:\Users\1\Downloads\org.thebigboss.homescreendesigner_v1.2.2-5_iphoneos-arm.deb
2014-12-17 23:50 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-17 23:50 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-17 00:35 - 2014-12-17 00:35 - 00022528 ____R () C:\Users\1\AppData\Local\dsisetup338801722.exe
2014-12-15 22:55 - 2015-01-05 23:23 - 00000000 ____D () C:\Users\1\Downloads\JailBreak
2014-12-15 19:48 - 2014-12-15 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-15 19:48 - 2014-12-15 19:48 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-14 17:59 - 2014-12-14 17:59 - 00000000 ____D () C:\ProgramData\Avg_Update_1214tb
2014-12-12 01:29 - 2015-01-05 16:54 - 00042433 __RSH () C:\Users\1\Downloads\Folder.jpg.decbak
2014-12-12 01:29 - 2015-01-05 16:54 - 00007475 __RSH () C:\Users\1\Downloads\AlbumArtSmall.jpg.decbak
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-09 18:00 - 2011-04-28 19:35 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-01-09 17:58 - 2012-10-10 21:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-09 17:58 - 2009-07-13 23:10 - 01065497 _____ () C:\Windows\WindowsUpdate.log
2015-01-09 17:52 - 2011-06-18 15:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 17:17 - 2014-04-14 00:01 - 00000000 ____D () C:\Users\1\Downloads\Media
2015-01-09 17:03 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-09 17:03 - 2009-07-13 22:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-09 17:02 - 2011-10-19 16:52 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000UA.job
2015-01-09 16:56 - 2011-02-02 01:05 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks
2015-01-09 16:56 - 2011-02-02 01:05 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks
2015-01-09 16:56 - 2011-02-02 00:34 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2015-01-09 16:55 - 2014-01-23 18:32 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2015-01-09 16:55 - 2014-01-23 18:32 - 00000950 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2015-01-09 16:55 - 2012-05-25 19:43 - 00000394 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2015-01-09 16:55 - 2012-04-29 17:32 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-01-09 16:55 - 2011-06-18 15:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-09 16:55 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-09 15:18 - 2011-02-02 00:49 - 00000000 ___HD () C:\ProgramData\Sonic
2015-01-09 15:15 - 2013-10-03 14:45 - 00000000 ____D () C:\ProgramData\LogMeIn
2015-01-08 17:10 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2015-01-08 15:48 - 2011-05-14 11:00 - 00000000 ___HD () C:\ProgramData\PCDr
2015-01-08 12:52 - 2011-08-04 07:55 - 00000000 ___HD () C:\Program Files (x86)\Steam
2015-01-08 11:47 - 2011-12-30 19:33 - 00000000 ____D () C:\Users\1\AppData\Local\LogMeIn Hamachi
2015-01-08 07:26 - 2012-05-25 20:06 - 00000000 ____D () C:\Users\1\AppData\Roaming\Apple Computer
2015-01-07 02:48 - 2013-06-20 03:12 - 00000000 ____D () C:\Users\1\AppData\Local\Paint.NET
2015-01-07 01:36 - 2013-11-05 23:23 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-01-07 01:21 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-01-07 01:20 - 2014-01-01 23:46 - 00000000 ____D () C:\Users\1\AppData\Roaming\IObit
2015-01-07 01:15 - 2013-01-15 16:07 - 00000000 ____D () C:\Users\1\AppData\Local\Sony
2015-01-07 01:14 - 2014-01-01 23:50 - 00000000 ____D () C:\ProgramData\ProductData
2015-01-07 01:02 - 2011-10-19 16:52 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3031066903-3856787413-868265610-1000Core.job
2015-01-07 00:01 - 2009-07-13 22:45 - 05086048 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-01-06 20:56 - 2012-04-29 17:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2015-01-06 20:55 - 2012-12-11 00:01 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-01-06 20:55 - 2012-10-10 21:06 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-01-06 20:55 - 2012-10-10 21:06 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-01-06 20:55 - 2011-06-18 15:50 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-01-06 20:54 - 2011-02-02 00:27 - 00526768 _____ (Sun Microsystems, Inc.) C:\Windows\system32\deployJava1.dll
2015-01-06 20:53 - 2012-12-02 14:11 - 00477616 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\npdeployJava1.dll
2015-01-06 20:53 - 2011-02-02 00:27 - 00473520 _____ (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2015-01-06 20:52 - 2013-01-11 21:21 - 00000000 ____D () C:\Program Files\AMD
2015-01-06 20:51 - 2012-12-19 13:56 - 00774656 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-01-06 20:51 - 2012-12-19 13:56 - 00244736 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-01-06 20:51 - 2012-12-19 13:33 - 01214976 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-01-06 20:51 - 2012-06-11 11:24 - 01127496 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-01-06 20:51 - 2012-06-11 11:23 - 01348928 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-01-06 20:51 - 2012-06-11 11:01 - 11076784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-01-06 20:51 - 2012-06-11 10:45 - 07077776 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-01-06 20:51 - 2012-06-11 10:43 - 07558816 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-01-06 20:51 - 2012-06-11 10:25 - 00144328 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-01-06 20:51 - 2012-06-11 10:24 - 00100032 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-01-06 20:51 - 2011-02-02 02:22 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2015-01-06 20:14 - 2012-03-11 04:28 - 00000000 ____D () C:\ProgramData\IObit
2015-01-06 20:14 - 2012-03-11 04:28 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-01-06 19:56 - 2011-02-02 00:29 - 00000000 ___HD () C:\ProgramData\Adobe
2015-01-06 19:55 - 2011-02-02 00:29 - 00000000 ____D () C:\Program Files (x86)\Adobe
2015-01-06 19:50 - 2011-11-11 08:49 - 00000000 ___HD () C:\Users\c
2015-01-06 06:04 - 2014-10-18 15:13 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-01-06 06:03 - 2012-05-25 20:04 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-01-06 02:00 - 2012-01-03 18:53 - 00000000 ____D () C:\Users\1\AppData\Local\Adobe
2015-01-06 01:51 - 2012-11-05 17:39 - 00000000 ____D () C:\Users\1\AppData\Roaming\DisplayFusion
2015-01-06 01:44 - 2013-05-19 20:26 - 00000000 ____D () C:\uTorrent
2015-01-06 00:58 - 2012-01-08 21:32 - 00001481 _____ () C:\prefs.js
2015-01-06 00:36 - 2012-11-05 18:20 - 00000000 ____D () C:\Users\1\Desktop\Word Projects
2015-01-06 00:36 - 2012-03-11 04:26 - 00000000 ____D () C:\Users\1\AppData\Roaming\Mozilla
2015-01-06 00:10 - 2012-05-21 19:03 - 00000000 ___RD () C:\Users\1\Podcasts
2015-01-05 23:23 - 2012-03-02 17:21 - 00000000 ____D () C:\Users\1\Downloads\Display_ATI_WSW7_3264_8.850.0.0000
2015-01-05 23:22 - 2014-07-27 06:28 - 96259306 _____ () C:\Users\1\Downloads\[DeadFish] Non Non Biyori - OVA [DVD][480p][AAC].mp4
2015-01-05 23:21 - 2014-11-19 20:15 - 01380214 _____ () C:\Users\1\Downloads\Guide to installing carrier hacks.pptx
2015-01-05 23:21 - 2014-10-28 21:09 - 00238820 _____ () C:\Users\1\Downloads\ZuseMe.zip
2015-01-05 23:21 - 2014-10-21 22:44 - 00000000 ____D () C:\Users\1\Documents\Photoshop
2015-01-05 23:21 - 2014-09-16 17:13 - 00000000 ____D () C:\Users\1\Documents\Samantha Stuff
2015-01-05 23:21 - 2014-02-19 00:06 - 28017951 _____ () C:\Users\1\Downloads\[774 Nanashi] Nagatoro's Sandbag.zip
2015-01-05 23:21 - 2014-01-22 15:15 - 00000000 ____D () C:\Users\1\Documents\Outlook Files
2015-01-05 23:21 - 2013-06-20 22:00 - 272523981 _____ () C:\Users\1\Downloads\amd_9002_v78_vga.zip
2015-01-05 23:21 - 2013-06-20 22:00 - 09456943 _____ () C:\Users\1\Downloads\amd_9002_v78_vga.zip.part
2015-01-05 23:21 - 2012-12-09 00:50 - 20659071 _____ () C:\Users\1\Downloads\Fallout.zip
2015-01-05 23:21 - 2012-05-04 21:47 - 00000000 ____D () C:\Users\1\Documents\Records
2015-01-05 23:21 - 2012-04-22 18:09 - 00002378 _____ () C:\Users\1\Documents\MumbleAutomaticCertificateBackup.p12
2015-01-05 23:15 - 2009-07-13 23:13 - 00779266 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 21:40 - 2011-12-27 19:56 - 00000000 ____D () C:\Users\1
2015-01-05 21:38 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2015-01-05 20:42 - 2011-12-29 14:52 - 00000000 ____D () C:\Users\1\AppData\Local\CrashDumps
2015-01-05 20:38 - 2013-09-11 15:13 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2015-01-05 20:38 - 2011-12-27 19:56 - 00000000 ___SD () C:\S-1-5-21-3031066903-3856787413-868265610-1006
2015-01-05 20:10 - 2012-07-26 19:11 - 00000000 ____D () C:\Users\1\AppData\Roaming\Skype
2015-01-05 18:31 - 2011-12-27 19:56 - 00000000 ____D () C:\Users\1\AppData\Local\VirtualStore
2015-01-05 16:55 - 2014-07-27 06:28 - 96259306 ____R () C:\Users\1\Downloads\[DeadFish] Non Non Biyori - OVA [DVD][480p][AAC].mp4.decbak
2015-01-05 16:54 - 2014-12-09 23:41 - 00061583 ____R () C:\Users\1\Downloads\hahaitsyuushatime.mp3.decbak
2015-01-05 16:54 - 2014-11-19 20:15 - 01380214 ____R () C:\Users\1\Downloads\Guide to installing carrier hacks.pptx.decbak
2015-01-05 16:54 - 2014-10-28 21:09 - 00238820 ____R () C:\Users\1\Downloads\ZuseMe.zip.decbak
2015-01-05 16:54 - 2014-09-18 17:36 - 04162645 ____R () C:\Users\1\Downloads\14.Kusatta Umi no Nioi.mp3.decbak
2015-01-05 16:54 - 2014-09-16 19:50 - 00852917 ____R () C:\Users\1\Downloads\49 MaMU2.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:27 - 00869882 ____R () C:\Users\1\Downloads\I Am Not Home.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:27 - 00756602 ____R () C:\Users\1\Downloads\God Level.mp3.decbak
2015-01-05 16:54 - 2014-08-24 17:26 - 00816506 ____R () C:\Users\1\Downloads\All Day.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 01103036 ____R () C:\Users\1\Downloads\40 Noire.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 01023664 ____R () C:\Users\1\Downloads\29 Anna.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00996588 ____R () C:\Users\1\Downloads\21 Olivia.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00954180 ____R () C:\Users\1\Downloads\03 Freddy Bear.mp3.decbak
2015-01-05 16:54 - 2014-07-29 09:10 - 00927508 ____R () C:\Users\1\Downloads\11 Lon'qu.mp3.decbak
2015-01-05 16:54 - 2014-07-21 18:59 - 13818596 ____R () C:\Users\1\Downloads\Yoko_Kanno-ili_lolol_[Zankyou_no_Terror].mp3.decbak
2015-01-05 16:54 - 2014-07-21 18:59 - 06594185 ____R () C:\Users\1\Downloads\Yoko_Kanno_amp_POP_ETC-is_[Zankyou_no_Terror_OST].mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:34 - 05923612 ____R () C:\Users\1\Downloads\Stone Cold Crazy (feat. Josh Homme).mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:31 - 10219017 ____R () C:\Users\1\Downloads\Outlaw Blues (Bob Dylan Cover).mp3.decbak
2015-01-05 16:54 - 2014-06-26 08:30 - 11506284 ____R () C:\Users\1\Downloads\No One Knows (Flute, Orchestra, No Solo, Backing Vox, Piano).mp3.decbak
2015-01-05 16:54 - 2014-02-19 00:06 - 28017951 ____R () C:\Users\1\Downloads\[774 Nanashi] Nagatoro's Sandbag.zip.decbak
2015-01-05 16:54 - 2013-06-20 22:00 - 272523981 ____R () C:\Users\1\Downloads\amd_9002_v78_vga.zip.decbak
2015-01-05 16:54 - 2013-06-20 22:00 - 09456943 ____R () C:\Users\1\Downloads\amd_9002_v78_vga.zip.part.decbak
2015-01-05 16:54 - 2012-12-09 00:50 - 20659071 ____R () C:\Users\1\Downloads\Fallout.zip.decbak
2015-01-05 16:53 - 2012-04-22 18:09 - 00002378 ____R () C:\Users\1\Documents\MumbleAutomaticCertificateBackup.p12.decbak
2015-01-05 16:53 - 2012-02-18 22:01 - 00000162 ___RH () C:\Users\1\Desktop\~$Debate.docx.decbak
2015-01-05 06:37 - 2013-03-24 02:11 - 00000000 ____D () C:\Users\1\AppData\Roaming\vlc
2015-01-05 00:35 - 2014-01-22 15:15 - 00000000 ____D () C:\Users\1\AppData\Local\CF1DA33D-98E4-496F-BA1D-9A0E0DA4B395.aplzod
2015-01-05 00:35 - 2013-07-26 21:59 - 00000279 ____R () C:\Users\1\AppData\Roaming\WB.CFG
2015-01-04 10:34 - 2014-07-30 12:29 - 00002167 ____R () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2015-01-04 10:31 - 2014-07-30 12:29 - 00000000 ____D () C:\Windows\pss
2015-01-04 10:27 - 2013-08-16 19:15 - 00000000 ____D () C:\ProgramData\Origin
2015-01-04 10:22 - 2013-08-16 19:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-01-02 21:28 - 2014-06-02 19:22 - 00000000 ____D () C:\Users\1\AppData\Roaming\iFunbox_UserCache
2015-01-02 00:25 - 2013-03-04 15:54 - 00000000 ____D () C:\Users\1\AppData\Roaming\TS3Client
2014-12-24 13:32 - 2011-02-02 00:36 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-24 13:32 - 2011-02-02 00:35 - 00000000 ___HD () C:\ProgramData\Skype
2014-12-22 20:54 - 2013-12-02 00:11 - 00001474 ____R () C:\Users\1\Desktop\Steins;Gate.lnk
2014-12-20 15:55 - 2011-12-29 13:52 - 00000000 ____D () C:\Users\1\Documents\My Games
2014-12-17 23:41 - 2013-08-16 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-12-17 00:35 - 2014-12-01 18:35 - 00000010 ____R () C:\Users\1\AppData\Local\DSI.DAT
2014-12-15 19:44 - 2012-11-15 22:42 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-15 19:44 - 2012-11-15 22:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-15 01:45 - 2012-11-15 22:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-15 01:40 - 2011-04-28 19:35 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2014-12-10 03:28 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 03:13 - 2011-04-28 19:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 03:12 - 2014-01-16 11:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-10 03:04 - 2012-03-04 01:15 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-08 17:03
 
==================== End Of Log ============================


#8 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 3,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:05:58 AM

Posted 10 January 2015 - 07:20 AM

Hey,
try it with another browser. :)

I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#9 Tr1pkt12

Tr1pkt12
  • Topic Starter

  • Members
  • 23 posts
  • OFFLINE
  •  
  • Local time:11:58 AM

Posted 10 January 2015 - 04:30 PM

My PC is running very smoothly after this clean, but downloads sometimes take a while to pop up. But other than that, my computer is feeling much better.

 

C:\Users\All Users\Microsoft\Secure\Icons\IconsCacheHelper.dll a variant of Win64/Sathurbot.A trojan
C:\Users\All Users\Microsoft\Secure\Icons\temp\tmpBC8C.exe a variant of Win32/Injector.BSIB trojan
C:\Users\All Users\Microsoft\Secure\Icons\temp\tmpE36B.exe Win32/Boaxxe.BQ trojan
C:\Users\All Users\Microsoft\Secure\Icons\temp\tmpF0D9.exe a variant of Win32/Kryptik.CUNF trojan
C:\AdwCleaner\Quarantine\C\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe.vir a variant of Win32/Toolbar.Montiera.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\File Type Assistant\tsassist.exe.vir a variant of Win32/FileTypeAssistant.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\iBryte\playbryte\iBryteDesktop.exe.vir MSIL/Adware.iBryte application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\iBryte\playbryte\uninstall.exe.vir a variant of MSIL/Adware.iBryte.A application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\wse_astromenda\BRS\brs.exe.vir a variant of Win32/AdWare.Agent.NNW application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{DA00D550-BB91-4A26-AAE5-9172D626CAAE}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.31.4.510_0\APISupport\APISupport.dll.vir a variant of Win32/Conduit.SearchProtect.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\1\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\1\AppData\Roaming\Mipony Download Manager Packages\uninstaller.exe.vir Win32/InstallCore.AZ potentially unwanted application deleted - quarantined
C:\Config.Msi\1993c9a.rbf a variant of Win32/Toolbar.Babylon.P potentially unwanted application deleted - quarantined
C:\Program Files (x86)\IObit\Smart Defrag 2\smart-defrag-3-free.exe Win32/Toolbar.Widgi.E potentially unwanted application deleted - quarantined
C:\Program Files (x86)\IObit\Smart Defrag 3\SDUpgrate.exe Win32/Toolbar.Widgi.E potentially unwanted application deleted - quarantined
C:\ProgramData\Microsoft\Secure\Icons\IconsCacheHelper.dll a variant of Win64/Sathurbot.A trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpBC8C.exe a variant of Win32/Injector.BSIB trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpE36B.exe Win32/Boaxxe.BQ trojan cleaned by deleting - quarantined
C:\ProgramData\Microsoft\Secure\Icons\temp\tmpF0D9.exe a variant of Win32/Kryptik.CUNF trojan cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Ehjxtion\hcwWebInit80.dll a variant of Win32/Boaxxe.CL trojan cleaned by deleting - quarantined
C:\Users\1\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.62_0\plugins\ConduitChromeApiPlugin.dll a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\Users\1\AppData\Local\IXTsoft\btbGLSvc16.dll a variant of Win32/Boaxxe.CL trojan cleaned by deleting - quarantined
C:\Users\1\AppData\Local\IXTsoft\tmpF0D9.exe a variant of Win32/Kryptik.CUNF trojan cleaned by deleting - quarantined
C:\Users\1\Downloads\cbsidlm-tr1_13-Virtual_CloneDrive-ORG-173879 (1).exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
C:\Users\1\Downloads\defragsetup.exe a variant of Win32/Toolbar.Widgi.B potentially unwanted application deleted - quarantined


#10 Machiavelli

Posted 10 January 2015 - 04:34 PM

Hey,
please tell me how your computer behaves after this fix below. :)
  • Please open Notepad.exe. Make sure that you don't use any other software than Notepad.exe!
  • Copy and Paste the content of the codebox below into the empty textfile:

    HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Iddbsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\1\AppData\Local\IXTsoft\btbGLSvc16.dll
    ShortcutTarget: Dell Dock.lnk -> C:\Users\1\AppData\Local\Temp\DellDock.exe (No File)
    SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    CHR HomePage: Default -> https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
    CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
    CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
    C:\Users\All Users\Microsoft\Secure\Icons
    C:\ProgramData\Microsoft\Secure\Icons
    C:\Users\1\AppData\Local\Ehjxtion
    C:\Users\1\AppData\Local\IXTsoft
  • Then click on File >> Save as
    • File Name: Fixlist.txt
    • From the Save as type drop down list, choose All Files
  • It is very important that you save this textfile on your Desktop!
Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
  • Run FRST.exe/FRST64.exe (Note: If FRST advises there is a new updated version to be downloaded, allow this.) and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

~Machiavelli



#11 Tr1pkt12

Posted 11 January 2015 - 04:34 PM

My computer is running much better than last time and it's no longer clunky, but one minor annoyance is that every time I go on Chrome, I'm always signed out rather than already signed in. My Reddit account, Facebook account and my YouTube account need to be signed in, as well as this website. And still downloads would sometimes delay in download and seem to not pop up. Other than that, my computer is fine.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-01-2015
Ran by 1 at 2015-01-11 15:24:10 Run:2
Running from C:\Users\1\Desktop
Loaded Profiles: 1 & UpdatusUser (Available profiles: 1 & UpdatusUser & LogMeInRemoteUser)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\...\Run: [Iddbsoft] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\1\AppData\Local\IXTsoft\btbGLSvc16.dll
ShortcutTarget: Dell Dock.lnk -> C:\Users\1\AppData\Local\Temp\DellDock.exe (No File)
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1006 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3031066903-3856787413-868265610-1007 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
CHR HomePage: Default -> https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp
CHR StartupUrls: Default -> "https://mysearch.avg.com?cid={BC21BD72-25D4-494F-8F69-3F65857C7E3C}&mid=17d3de7cd8f547d3a5d655626d6bdded-80ffffc0f9e3c64eca402af1a1405d818e4dda8e&lang=en&ds=sf011&coid=avgtbdissf&cmpid=&pr=sa&d=2014-02-06 15:26:17&v=18.1.9.799&pid=safeguard&sg=0&sap=hp"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
C:\Users\All Users\Microsoft\Secure\Icons
C:\ProgramData\Microsoft\Secure\Icons
C:\Users\1\AppData\Local\Ehjxtion
C:\Users\1\AppData\Local\IXTsoft
 
*****************
 
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Iddbsoft => Value not found.
C:\Users\1\AppData\Local\Temp\DellDock.exe not found.
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found. 
HKU\S-1-5-21-3031066903-3856787413-868265610-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Users\All Users\Microsoft\Secure\Icons => Moved successfully.
"C:\ProgramData\Microsoft\Secure\Icons" => File/Directory not found.
C:\Users\1\AppData\Local\Ehjxtion => Moved successfully.
C:\Users\1\AppData\Local\IXTsoft => Moved successfully.
 
==== End of Fixlog 15:24:11 ====
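As an added example (not part of the thread and not FRST's own code), this Python script triages the Fixlog result lines posted above into removed, moved and absent items, and shows which "not found" results are explained by a path alias. It assumes `C:\Users\All Users` is the default Windows symbolic link to `C:\ProgramData`; the function names and outcome labels are hypothetical.

```python
from collections import Counter

# Result lines copied verbatim from the Fixlog posted above.
FIXLOG = r'''
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\Software\Microsoft\Windows\CurrentVersion\Run\\Iddbsoft => Value not found.
C:\Users\1\AppData\Local\Temp\DellDock.exe not found.
HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKU\S-1-5-21-3031066903-3856787413-868265610-1006\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
HKCR\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key not found.
HKU\S-1-5-21-3031066903-3856787413-868265610-1007\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Users\All Users\Microsoft\Secure\Icons => Moved successfully.
"C:\ProgramData\Microsoft\Secure\Icons" => File/Directory not found.
C:\Users\1\AppData\Local\Ehjxtion => Moved successfully.
C:\Users\1\AppData\Local\IXTsoft => Moved successfully.
'''

# Status phrases seen in this Fixlog, mapped to hypothetical triage labels.
OUTCOMES = (
    ("deleted successfully", "removed"),
    ("Moved successfully", "moved"),
    ("not found", "absent"),
)

# Assumption: default Windows Vista/7 layout, where "All Users" links to ProgramData.
ALIASES = {r"c:\users\all users": r"c:\programdata"}


def parse_fixlog(text):
    """Return (target, outcome) pairs for every result line in a Fixlog."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        for phrase, outcome in OUTCOMES:
            idx = line.rfind(phrase)
            if idx == -1:
                continue
            head = line[:idx]
            # Most lines use "target => status"; a few put the status right after the target.
            target = head.split(" => ")[0] if " => " in head else head
            entries.append((target.strip().strip('"'), outcome))
            break
    return entries


def canonical(target):
    """Lower-case a path and rewrite known alias prefixes to the real directory."""
    low = target.lower()
    for alias, real in ALIASES.items():
        if low == alias or low.startswith(alias + "\\"):
            return real + low[len(alias):]
    return low


def summarize(entries):
    """Count entries per outcome."""
    return dict(Counter(outcome for _, outcome in entries))


def aliased_absent(entries):
    """Absent targets that were already moved or removed under another name."""
    handled = {canonical(t) for t, o in entries if o in ("moved", "removed")}
    return [t for t, o in entries if o == "absent" and canonical(t) in handled]


def unexplained_absent(entries):
    """Absent targets with no alias explanation; these need a manual check."""
    explained = set(aliased_absent(entries))
    return [t for t, o in entries if o == "absent" and t not in explained]


if __name__ == "__main__":
    parsed = parse_fixlog(FIXLOG)
    print(summarize(parsed))
    print("explained by alias:", aliased_absent(parsed))
    print("check manually:", unexplained_absent(parsed))
```

An absent entry that no alias explains is worth checking against the earlier scan reports before it is treated as resolved.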


#12 Machiavelli

Posted 11 January 2015 - 04:59 PM

Please follow these instructions here to reset Chrome.

Did this help? :)

~Machiavelli



#13 Tr1pkt12

Posted 11 January 2015 - 08:22 PM

Resetting Chrome didn't affect anything. Any other solutions?



#14 Machiavelli

Posted 12 January 2015 - 01:00 AM

  • Download Windows Repair (All in One) from this site
  • Install the program then run it.
NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.
  • Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
  • If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk. In that case make sure you restart computer.
  • Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:
  • Go to Step 4 and under "System Restore" click on Create button:
  • Go to Start Repairs tab and click Start button. Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design. Click on Start button.
 
  • Post Windows Repair log which is located in the following folder:
    • 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
    • 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
Still problems?

~Machiavelli



#15 Tr1pkt12

Posted 13 January 2015 - 04:33 PM

The Windows Repair (All in One) just got a new update, can you have a new step by step tutorial with the new one?





