Need my log files checked for Tdsskiller and HijackThis


  • This topic is locked
9 replies to this topic

#1 amped323

amped323

  • Members
  • 5 posts

Posted 03 March 2015 - 01:36 AM

Here are both log files. I need recommendations on what to remove:

 

Attached File  1.png   57.22KB   0 downloads

 

 

========================

 

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:29:31 AM, on 3/3/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17496)

FIREFOX: 36.0 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Windows\SysWOW64\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
C:\Users\admin\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Broken Internet access because of LSP provider 'c:\windows\system32\n1service.dll' missing
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: McAfee Application Installer Cleanup (0183861408819834) (0183861408819834mcinstcleanup) - Unknown owner - C:\Users\admin\AppData\Local\Temp\018386~1.EXE (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 8 (AdvancedSystemCareService8) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Browser Defender Update Service - Unknown owner - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dell Digital Delivery Service (DellDigitalDelivery) - Dell Products, LP. - c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
O23 - Service: DisplayLinkManager (DisplayLinkService) - DisplayLink Corp. - C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: N1Service - Nite Media, LLC - C:\Windows\NMsvc\N1Service.exe
O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: PACE License Services (PaceLicenseDServices) - PACE Anti-Piracy, Inc. - C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: RoxMediaDB12OEM - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe
O23 - Service: Roxio Hard Drive Watcher 12 (RoxWatch12) - Sonic Solutions - C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Spyware Terminator 2015 Realtime Shield Service (ST2012_Svc) - Crawler Group - C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12038 bytes
 




 


#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany

Posted 06 March 2015 - 08:56 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#3 amped323

amped323
  • Topic Starter

  • Members
  • 5 posts

Posted 09 March 2015 - 12:07 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-03-2015 03
Ran by admin (administrator) on ADMIN-PC on 09-03-2015 01:05:50
Running from C:\Users\admin\Downloads
Loaded Profiles: admin (Available profiles: admin)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
() C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Nite Media, LLC) C:\WINDOWS\NMsvc\N1Service.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Users\admin\Desktop\Tor Browser\Browser\firefox.exe
() C:\Users\admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
(PC-Doctor, Inc.) C:\Program Files\Dell Support Center\imstrayicon.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_manager.exe
(http://www.ruby-lang.org/) C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\bin\rubyw.exe
() C:\Program Files\pia_manager\pia_tray\pia_tray.exe
() C:\Program Files\pia_manager\openvpn.exe
() C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\WINDOWS\System32\Macromed\Flash\FlashUtil64_16_0_0_305_ActiveX.exe
(Microsoft Corporation) C:\WINDOWS\System32\MsSpellCheckingFacility.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-12-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2874010073-1328126794-2967002207-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2874010073-1328126794-2967002207-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM-x32 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2874010073-1328126794-2967002207-1000 -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-2874010073-1328126794-2967002207-1000 -> {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-12-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-12-24] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-11-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-12-24] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-11-12] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-12-24] (Oracle Corporation)
Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - c:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll [2011-05-05] (Cozi Group, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Winsock: Catalog9 11 C:\Windows\system32\N1Service.dll File Not found ()
Winsock: Catalog9 12 C:\Windows\system32\N1Service.dll File Not found ()
Winsock: Catalog9-x64 01 C:\Windows\system32\N1Service64.dll [370744] (Nite Media, LLC)
Winsock: Catalog9-x64 02 C:\Windows\system32\N1Service64.dll [370744] (Nite Media, LLC)
Winsock: Catalog9-x64 03 C:\Windows\system32\N1Service64.dll [370744] (Nite Media, LLC)
Winsock: Catalog9-x64 04 C:\Windows\system32\N1Service64.dll [370744] (Nite Media, LLC)
Winsock: Catalog9-x64 15 C:\Windows\system32\N1Service64.dll [370744] (Nite Media, LLC)
Tcpip\Parameters: [DhcpNameServer] 209.222.18.222 209.222.18.218

FireFox:
========
FF ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047
FF DefaultSearchEngine.US: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-05] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-12-24] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-29] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-05] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-12-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.72.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-12-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-07-27] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-07] ()
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-29] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-07-27] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2014-08-23] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2014-08-23] (Apple Inc.)
FF Extension: Blur (Formerly DoNotTrackMe) - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047\Extensions\donottrackplus@abine.com [2015-03-02]
FF Extension: DownloadHelper - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2015-03-02]
FF Extension: Flash and Video Download - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-03-03]
FF Extension: Self-Destructing Cookies - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047\Extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2015-03-02]
FF Extension: Win on Quibids & DealDash - BidNinja PlugIn - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047\Extensions\{68b75e63-7ac2-4987-9b29-62fa5436dac9}.xpi [2015-03-05]
FF Extension: Adblock Plus - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-03-02]
FF Extension: BetterPrivacy - C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\rx1l4p6j.default-1425346192047\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2015-03-02]
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools Security\BDT\Firefox
FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools Security\BDT\Firefox [2015-03-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [815392 2014-11-04] (IObit)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1417160 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3247120 2014-12-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-12-16] (AVG Technologies CZ, s.r.o.)
S2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [580728 2012-10-23] (Threat Expert Ltd.)
S2 DellDigitalDelivery; c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [8894864 2013-01-30] (DisplayLink Corp.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [344864 2015-01-27] (IObit)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2724128 2015-01-16] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 N1Service; C:\Windows\NMsvc\N1Service.exe [1314616 2015-01-19] (Nite Media, LLC) [File not signed]
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2926592 2011-06-30] (PACE Anti-Piracy, Inc.) [File not signed]
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-09-11] ()
R2 sdAuxService; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [403416 2012-10-31] (PC Tools)
S3 sdCoreService; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [1162360 2012-11-01] (PC Tools)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-02-05] (Crawler Group)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 0183861408819834mcinstcleanup; C:\Users\admin\AppData\Local\Temp\018386~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-10-29] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-10-20] (AVG Technologies CZ, s.r.o.)
R3 DisplayLinkUsbPort; C:\Windows\System32\DRIVERS\DisplayLinkUsbPort_7.0.41409.0.sys [17408 2015-02-14] (http://libusb-win32.sourceforge.net)
S4 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2014-11-10] (IObit)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-23] (REALiX™)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 MFE_RR; No ImagePath
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [77144 2012-10-23] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [413448 2012-10-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
R1 pctgntdi; C:\WINDOWS\System32\drivers\pctgntdi64.sys [347016 2012-10-31] (PC Tools)
S3 pctplsm; C:\WINDOWS\System32\drivers\pctplsm64.sys [87968 2012-11-01] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [253256 2012-11-01] (PC Tools)
R1 PFolder; C:\Windows\System32\Drivers\PFolder64.sys [57832 2012-12-31] (eMing Software Inc.)
S3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2014-11-10] (IObit.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2011-08-24] (Windows ® Win 7 DDK provider)
S3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2014-11-10] (IObit.com)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 01:05 - 2015-03-09 01:06 - 00022454 _____ () C:\Users\admin\Downloads\FRST.txt
2015-03-09 01:05 - 2015-03-09 01:05 - 00000000 ____D () C:\FRST
2015-03-09 01:04 - 2015-03-09 01:04 - 02095104 _____ (Farbar) C:\Users\admin\Downloads\FRST64.exe
2015-03-08 03:26 - 2015-03-08 04:05 - 280707072 _____ () C:\Users\admin\Downloads\SexxyKaryna-elm.mpg
2015-03-08 03:12 - 2015-03-08 03:39 - 149968449 _____ () C:\Users\admin\Downloads\▶ Racist Ferguson Police Department Financially Motivated Against Blacks - YouTube [720p].mp4
2015-03-07 15:29 - 2015-03-07 15:30 - 00009786 _____ () C:\Users\admin\Desktop\deal dash.xlsx
2015-03-05 23:00 - 2015-03-05 23:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-05 04:08 - 2015-03-05 04:08 - 00009656 _____ () C:\Users\admin\Desktop\bball stats.xlsx
2015-03-05 02:51 - 2015-03-05 02:59 - 34539839 _____ () C:\Users\admin\Downloads\Melody Jai Upskirt.mp4
2015-03-05 02:30 - 2015-03-05 02:46 - 145965092 _____ () C:\Users\admin\Downloads\▶ Dylan Dreyer BOOTY, Erica Hill & Sheinelle Jones legs & high heels (2-28-15) - YouTube [720p].mp4
2015-03-05 02:18 - 2015-03-05 02:38 - 74731317 _____ () C:\Users\admin\Downloads\Undressing.mp4
2015-03-05 01:41 - 2015-03-05 02:10 - 86688001 _____ () C:\Users\admin\Downloads\▶ Dylan Dreyer vs. Kristin Clark - Weather Babe Booty Battle - YouTube [720p].mp4
2015-03-05 01:32 - 2015-03-05 02:14 - 61378059 _____ () C:\Users\admin\Downloads\Wide open   - Pornhubcom.mp4
2015-03-04 01:27 - 2015-03-04 01:27 - 00000000 ____D () C:\Users\admin\AppData\Roaming\MPC-HC
2015-03-03 14:35 - 2015-03-03 14:36 - 01535887 _____ () C:\Users\admin\Downloads\Academic Dishonesty Charge- Spring 2015 CSIA 4126383.zip
2015-03-03 03:01 - 2015-03-03 03:23 - 132265134 _____ () C:\Users\admin\Downloads\Bill O'Reilly Lies About JFK Assassination - YouTube [720p].mp4
2015-03-03 03:01 - 2015-03-03 03:19 - 97916998 _____ () C:\Users\admin\Downloads\▶ Tamir Rice’s Death IsHis Own Fault, Rules Cleveland Courts - YouTube [720p].mp4
2015-03-03 02:40 - 2015-03-03 03:13 - 113221920 _____ () C:\Users\admin\Downloads\▶ Warren Buffet Warns Elizabeth Warren - YouTube [720p].mp4
2015-03-03 02:39 - 2015-03-03 03:10 - 118794766 _____ () C:\Users\admin\Downloads\▶ Michelle Rodriguez_ Minorities Shouldn’t Play White Superhero Roles - YouTube [720p].mp4
2015-03-03 02:39 - 2015-03-03 03:07 - 122987356 _____ () C:\Users\admin\Downloads\▶ FBI Warns TSA About A Dangerous Material They Can't Detect - YouTube [720p].mp4
2015-03-03 02:39 - 2015-03-03 02:57 - 49957785 _____ () C:\Users\admin\Downloads\▶ CPAC Confuses Black Guys And Then Plays The Photoshop Card - YouTube [720p].mp4
2015-03-03 02:38 - 2015-03-03 02:57 - 60333976 _____ () C:\Users\admin\Downloads\▶ SNL Spoofs ISIS And Fox News Objects - YouTube [360p].webm
2015-03-03 02:38 - 2015-03-03 02:49 - 30009328 _____ () C:\Users\admin\Downloads\▶ Why Earthquakes Are Happening Where They've Never Happened Before - YouTube [360p].webm
2015-03-03 02:29 - 2015-03-03 02:29 - 00012040 _____ () C:\Users\admin\Downloads\hijackthis.log
2015-03-03 02:20 - 2015-03-03 02:20 - 00388608 _____ (Trend Micro Inc.) C:\Users\admin\Downloads\HijackThis.exe
2015-03-03 02:16 - 2015-03-03 02:37 - 62038099 _____ () C:\Users\admin\Downloads\▶ Judge Sides With NYPD Whistleblower Who Spoke Out Against Quotas - YouTube [720p].mp4
2015-03-03 02:16 - 2015-03-03 02:36 - 93538918 _____ () C:\Users\admin\Downloads\▶ CPAC 2015_ Conservatives Compete To Demonize The Poor - YouTube [720p].mp4
2015-03-03 02:15 - 2015-03-03 02:56 - 121261280 _____ () C:\Users\admin\Downloads\▶ Teen Faces 55 Years For Murder When He Never Killed Anyone - YouTube [720p].mp4
2015-03-03 02:15 - 2015-03-03 02:36 - 58532271 _____ () C:\Users\admin\Downloads\▶ Ron Paul Says Black Politicians Just Want More Money For Food Stamps - YouTube [720p].mp4
2015-03-03 02:15 - 2015-03-03 02:34 - 71120983 _____ () C:\Users\admin\Downloads\Scott Walker_ _I Don't Know If Obama's A Christian_ - YouTube [720p].mp4
2015-03-03 02:07 - 2015-03-03 02:16 - 62038099 _____ () C:\Users\admin\Downloads\Judge Sides With NYPD Whistleblower Who Spoke Out Against Quotas - YouTube [720p].mp4
2015-03-03 01:44 - 2015-03-03 01:44 - 00000056 _____ () C:\Windows\setupact.log
2015-03-03 01:44 - 2015-03-03 01:44 - 00000000 _____ () C:\Windows\setuperr.log
2015-03-03 01:42 - 2015-03-08 01:27 - 00008949 _____ () C:\Windows\WindowsUpdate.log
2015-03-03 01:35 - 2015-03-03 02:28 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2015-03-03 01:35 - 2015-03-03 01:39 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-03-03 01:35 - 2015-03-03 01:35 - 00001397 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-03-03 01:35 - 2015-03-03 01:35 - 00001385 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2015-03-03 01:35 - 2015-03-03 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-03-03 01:35 - 2013-09-20 11:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2015-03-03 01:28 - 2015-03-03 01:34 - 00000000 ____D () C:\AdwCleaner
2015-03-03 01:24 - 2015-03-03 01:31 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\admin\Downloads\spybot-2.4.exe
2015-03-03 01:20 - 2015-03-03 01:21 - 02126848 _____ () C:\Users\admin\Downloads\AdwCleaner.exe
2015-03-03 01:19 - 2015-03-03 01:22 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\admin\Downloads\tdsskiller.exe
2015-03-02 21:30 - 2015-03-02 21:30 - 00000000 ____D () C:\Users\admin\Desktop\Old Firefox Data
2015-03-02 05:18 - 2012-10-23 18:40 - 02280568 _____ (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2015-03-02 05:18 - 2012-10-23 18:40 - 01690744 _____ (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2015-03-02 05:18 - 2012-10-23 18:40 - 00769144 _____ () C:\Windows\BDTSupport.dll
2015-03-02 05:18 - 2012-10-23 18:40 - 00150648 _____ (PC Tools) C:\Windows\SGDetectionTool.dll
2015-03-02 05:18 - 2012-10-23 18:40 - 00077144 _____ (PC Tools) C:\Windows\system32\Drivers\PCTBD64.sys
2015-03-02 05:18 - 2012-10-23 17:30 - 00003488 _____ () C:\Windows\UDB.zip
2015-03-02 05:18 - 2012-10-23 17:30 - 00000882 _____ () C:\Windows\RegSDImport.xml
2015-03-02 05:18 - 2012-10-23 17:30 - 00000879 _____ () C:\Windows\RegISSImport.xml
2015-03-02 05:18 - 2012-10-23 17:30 - 00000131 _____ () C:\Windows\IDB.zip
2015-03-02 04:06 - 2015-03-02 04:06 - 00001179 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2015-03-02 04:06 - 2015-03-02 04:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2015-03-02 04:04 - 2015-03-02 04:05 - 02396402 _____ () C:\Windows\system32\Drivers\Cat.DB
2015-03-02 04:04 - 2015-03-02 04:04 - 00002128 _____ () C:\Users\Public\Desktop\PC Tools Spyware Doctor with AntiVirus.lnk
2015-03-02 04:04 - 2015-03-02 04:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Tools Security
2015-03-02 04:04 - 2012-11-01 16:35 - 00253256 _____ (PC Tools) C:\Windows\system32\Drivers\PCTSD64.sys
2015-03-02 04:04 - 2012-11-01 16:35 - 00093600 _____ (PC Tools) C:\Windows\system32\Drivers\pctplsg64.sys
2015-03-02 04:04 - 2012-11-01 16:35 - 00087968 _____ (PC Tools) C:\Windows\system32\Drivers\pctplsm64.sys
2015-03-02 04:04 - 2012-11-01 16:35 - 00016392 _____ (PC Tools) C:\Windows\system32\Drivers\pctBTFix64.sys
2015-03-02 04:04 - 2012-10-31 15:21 - 00347016 _____ (PC Tools) C:\Windows\system32\Drivers\pctgntdi64.sys
2015-03-02 04:04 - 2012-10-31 15:21 - 00258424 _____ (PC Tools) C:\Windows\system32\Drivers\pctwfpfilter64.sys
2015-03-02 04:04 - 2012-10-22 17:38 - 00413448 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore64.sys
2015-03-02 04:04 - 2012-02-28 12:43 - 01096176 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA64.sys
2015-03-02 04:04 - 2012-02-28 12:43 - 00453896 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS64.sys
2015-03-02 04:03 - 2015-03-02 22:27 - 00000000 ____D () C:\Program Files (x86)\PC Tools Security
2015-03-02 04:03 - 2015-03-02 04:04 - 00000000 ____D () C:\ProgramData\PC Tools
2015-03-02 03:49 - 2015-03-02 22:27 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2015-03-02 03:49 - 2015-03-02 03:50 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2015-03-02 03:49 - 2015-03-02 03:49 - 00001044 _____ () C:\Users\Public\Desktop\Spyware Terminator 2015.lnk
2015-03-02 03:49 - 2015-03-02 03:49 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Spyware Terminator
2015-03-02 03:49 - 2015-03-02 03:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2015
2015-03-01 12:25 - 2015-03-01 14:12 - 00014054 _____ () C:\Windows\system32\avgrep.txt
2015-03-01 05:11 - 2015-03-01 05:11 - 00002384 _____ () C:\Windows\system32\N1ServiceOff.ini
2015-03-01 05:10 - 2015-03-01 05:11 - 00000000 ____D () C:\Windows\NMsvc
2015-03-01 05:10 - 2015-03-01 05:10 - 00000000 ____D () C:\Windows\msservice
2015-03-01 05:10 - 2015-01-19 10:24 - 00370744 _____ (Nite Media, LLC) C:\Windows\system32\N1Service64.dll
2015-03-01 05:07 - 2015-03-01 05:07 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2015-03-01 05:05 - 2015-03-01 05:05 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashRpt
2015-03-01 05:04 - 2015-03-01 05:04 - 00000310 _____ () C:\Users\admin\Downloads\RootkitRemover_20150301_040413.log
2015-03-01 05:04 - 2015-03-01 05:04 - 00000000 ____D () C:\Program Files (x86)\Win_Scan
2015-03-01 05:03 - 2015-03-01 05:04 - 00783120 _____ (McAfee, Inc.) C:\Users\admin\Downloads\rootkitremover.exe
2015-03-01 04:55 - 2015-03-01 04:55 - 00000000 ____D () C:\Users\admin\AppData\Roaming\OAS
2015-03-01 04:55 - 2015-03-01 04:55 - 00000000 ____D () C:\Program Files (x86)\fftasker
2015-03-01 04:53 - 2015-03-01 04:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-03-01 04:53 - 2015-03-01 04:53 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2015-02-28 01:01 - 2015-02-28 01:16 - 647327955 _____ () C:\Users\admin\Downloads\KlaraGoldBAB3.mp4
2015-02-27 23:24 - 2015-02-27 23:24 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-02-27 23:24 - 2015-02-27 23:24 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-02-27 23:24 - 2015-02-27 23:24 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-27 23:24 - 2015-02-27 23:24 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-02-27 23:23 - 2015-02-27 23:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-27 23:23 - 2015-02-27 23:23 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-27 23:23 - 2015-02-27 23:23 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-02-27 23:23 - 2015-02-27 23:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-02-27 23:23 - 2015-02-27 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-02-27 23:23 - 2015-02-27 23:23 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-02-27 23:23 - 2015-02-27 23:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-02-27 23:23 - 2015-02-27 23:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-02-27 23:22 - 2015-02-27 23:22 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-02-27 23:22 - 2015-02-27 23:22 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-02-27 23:22 - 2015-02-27 23:22 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-02-27 23:22 - 2015-02-27 23:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-02-27 23:22 - 2015-02-27 23:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-02-27 23:22 - 2015-02-27 23:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-02-27 23:22 - 2015-02-27 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-02-27 23:20 - 2015-02-27 23:20 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll
2015-02-27 23:20 - 2015-02-27 23:20 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-27 23:20 - 2015-02-27 23:20 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-27 23:20 - 2015-02-27 23:20 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll
2015-02-27 23:20 - 2015-02-27 23:20 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll
2015-02-27 23:20 - 2015-02-27 23:20 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll
2015-02-27 23:19 - 2015-02-27 23:19 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-02-27 23:19 - 2015-02-27 23:19 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-02-27 23:19 - 2015-02-27 23:19 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-02-27 23:19 - 2015-02-27 23:19 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-02-27 23:19 - 2015-02-27 23:19 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-02-27 23:19 - 2015-02-27 23:19 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-02-27 04:33 - 2015-02-27 04:54 - 68574687 _____ () C:\Users\admin\Downloads\Steve_Austins_Broken_Skull_Challenge_S02E02_Ladies_First.3gp
2015-02-27 04:32 - 2015-02-27 04:33 - 12358074 _____ () C:\Users\admin\Downloads\Steve_Austin_s_Broken_Skull_Challenge_Jan_11_Sneak.mp4
2015-02-27 04:31 - 2015-02-27 04:32 - 03763676 _____ () C:\Users\admin\Downloads\Police_Woman_Linda_Okello_To_Face_Disciplinary_Action_If_Found_To_Have_Been_Dressed_Improperly_Yo.3gp
2015-02-27 04:27 - 2015-02-27 04:31 - 60335694 _____ () C:\Users\admin\Downloads\Chelsea_Fans_Kick_Black_Man_Off_Of_Paris_Train.mp4
2015-02-27 04:23 - 2015-02-27 04:34 - 142684047 _____ () C:\Users\admin\Downloads\ISIS_Boosted_By_Rumsfeld_Cruz_Other_Troll-Feeders.mp4
2015-02-27 04:23 - 2015-02-27 04:27 - 54119079 _____ () C:\Users\admin\Downloads\Cindy_Crawford_s_Leaked_Photos_Deliver_Powerful_Message.mp4
2015-02-27 04:16 - 2015-02-27 04:23 - 77115227 _____ () C:\Users\admin\Downloads\Is_Rudy_Guiliani_A_Love-Truther_Or_Worse.mp4
2015-02-27 04:16 - 2015-02-27 04:22 - 65665672 _____ () C:\Users\admin\Downloads\Department_Of_Justice_Goes_After_Ferguson_Police_Department.mp4
2015-02-27 04:13 - 2015-02-27 04:16 - 29597125 _____ () C:\Users\admin\Downloads\Idiot_Racists_Paint_Ironic_Swastika_On_Hindu_Temple.mp4
2015-02-27 04:10 - 2015-02-27 04:16 - 60239354 _____ () C:\Users\admin\Downloads\Afroman_Punches_Female_Fan_In_The_Face_VIDEO.mp4
2015-02-27 04:05 - 2015-02-27 04:13 - 71555356 _____ () C:\Users\admin\Downloads\Body_Bullying_Causes_Iggy_Azalea_To_Quit_Social_Media.mp4
2015-02-27 04:00 - 2015-02-27 04:10 - 100823313 _____ () C:\Users\admin\Downloads\Rudy_Giuliani_What_I_Said_Isn_t_Racist_Obama_Had_A_White_Mother.mp4
2015-02-27 03:58 - 2015-02-27 04:05 - 65235712 _____ () C:\Users\admin\Downloads\Geraldo_Rivera_Thinks_Rap_Music_Is_Worse_Than_Racism.mp4
2015-02-27 03:51 - 2015-02-27 04:00 - 78487580 _____ () C:\Users\admin\Downloads\Hollywood_Blackballs_Mo_Nique_After_2010_Oscar_Win.mp4
2015-02-27 03:51 - 2015-02-27 03:58 - 63324429 _____ () C:\Users\admin\Downloads\Mother_Jones_Catches_Bill_O_Reilly_Lying_About_Falkland_Island_War_Coverage.mp4
2015-02-27 03:43 - 2015-02-27 03:51 - 42856858 _____ () C:\Users\admin\Downloads\Cop_Who_Stole_Nude_Pics_From_DUI_Suspect_Gets_What_He_Deserves.mp4
2015-02-27 03:37 - 2015-02-27 03:51 - 114215520 _____ () C:\Users\admin\Downloads\Company_Attempting_To_Regrow_Foreskin_Of_Circumcised_Men.mp4
2015-02-27 03:27 - 2015-02-27 03:37 - 72604990 _____ () C:\Users\admin\Downloads\Record_Number_Of_Exonerations_In_2014_REPORT.mp4
2015-02-27 03:26 - 2015-02-27 03:43 - 134695393 _____ () C:\Users\admin\Downloads\Racism_At_2015_Oscars_Conservatives_Whine_About_87th_Academy_Awards.mp4
2015-02-27 03:18 - 2015-02-27 03:27 - 59449554 _____ () C:\Users\admin\Downloads\Libtard_Hollywood_Blamed_For_American_Sniper_2015_Oscar_Snub.mp4
2015-02-27 03:13 - 2015-02-27 03:26 - 97320972 _____ () C:\Users\admin\Downloads\Bill_O_Reilly_Responds_To_Attacks_Over_Falkland_Islands_War_Coverage_Lies.mp4
2015-02-27 03:03 - 2015-02-27 03:18 - 126361986 _____ () C:\Users\admin\Downloads\REAL_Liberals_Do_Exist_And_We_Don_t_Agree_With_Them.mp4
2015-02-27 03:01 - 2015-03-08 04:39 - 00000000 ____D () C:\Users\admin\AppData\Roaming\vlc
2015-02-27 02:55 - 2015-02-27 03:03 - 70817076 _____ () C:\Users\admin\Downloads\Bill_O_Reilly_Attacks_New_York_Times_Reporter.mp4
2015-02-27 02:54 - 2015-02-27 03:13 - 148687041 _____ () C:\Users\admin\Downloads\Bill_O_Reilly_s_War_Zone_Footage_Released_By_CBS_News.mp4
2015-02-27 02:40 - 2015-02-27 02:55 - 92338260 _____ () C:\Users\admin\Downloads\The_Most_Mean-Spirited_2015_Oscar_Comment.mp4
2015-02-27 02:39 - 2015-02-27 02:54 - 90525927 _____ () C:\Users\admin\Downloads\Al_Sharpton_Hit_With_20_Billion_Lawsuit_Along_With_Comcast_And_Time_Warner.mp4
2015-02-27 02:31 - 2015-02-27 02:40 - 71689802 _____ () C:\Users\admin\Downloads\Secret_CIA_Black_Sites_In_American_Heartland_For_Disappearing_Citizens.mp4
2015-02-27 02:27 - 2015-02-27 02:39 - 91920913 _____ () C:\Users\admin\Downloads\O_Reilly_s_Lee_Harvey_Oswald_Lie_Proves_His_Lying_Goes_Back_Decades.mp4
2015-02-27 02:12 - 2015-02-27 02:27 - 82237595 _____ () C:\Users\admin\Downloads\The_Obama-Hate_Bubble_Is_FULL_Of_Stunning_Beliefs.mp4
2015-02-27 02:10 - 2015-02-27 02:31 - 118103143 _____ () C:\Users\admin\Downloads\Conservatives_Compete_To_Demonize_The_Poor_At_Annual_GOP_Clownfest.mp4
2015-02-27 01:54 - 2015-02-27 02:12 - 103096092 _____ () C:\Users\admin\Downloads\Olbermann_Taken_Off_Air_After_Calling_PSU_Students_Pitiful.mp4
2015-02-27 01:41 - 2015-02-27 02:28 - 24743106 _____ () C:\Users\admin\Downloads\vlc-2.1.5-win32.exe
2015-02-27 01:37 - 2015-02-27 02:10 - 152917406 _____ () C:\Users\admin\Downloads\Nuns_Shot_In_Head_Right_In_Front_Of_Bill_O_Reilly_s_Imagination.mp4
2015-02-27 01:30 - 2015-02-27 01:54 - 109069122 _____ () C:\Users\admin\Downloads\ISIS_Smashes_Priceless_Ancient_Statues_In_Gut-wrenching_Video.mp4
2015-02-27 01:21 - 2015-02-27 01:37 - 75230877 _____ () C:\Users\admin\Downloads\Bullets_Counted_In_Police_Shooting_Of_Fleeing_Man_Graphic_Video.mp4
2015-02-27 01:03 - 2015-02-27 01:15 - 676663728 _____ () C:\Users\admin\Downloads\KiaraMiaBAB3.mp4
2015-02-26 04:42 - 2015-02-26 04:50 - 643581107 _____ () C:\Users\admin\Downloads\AlexaNicoleBAB3.mp4
2015-02-25 02:48 - 2015-02-25 02:52 - 267253189 _____ () C:\Users\admin\Downloads\BLACKED_ANGELA-WHITE_480lP.mp4
2015-02-25 01:34 - 2015-03-07 04:54 - 00000232 _____ () C:\Users\admin\Desktop\2.txt
2015-02-25 01:18 - 2015-02-25 01:18 - 00002697 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-02-25 01:18 - 2015-02-25 01:18 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-02-25 01:18 - 2015-02-25 01:18 - 00000000 ____D () C:\Users\admin\AppData\Local\Skype
2015-02-25 01:18 - 2015-02-25 01:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-02-25 01:13 - 2015-02-25 01:14 - 01548384 _____ (Skype Technologies S.A.) C:\Users\admin\Downloads\SkypeSetup.exe
2015-02-24 01:25 - 2015-02-24 01:31 - 23844087 _____ () C:\Users\admin\Downloads\1234.m4v
2015-02-23 01:20 - 2015-02-23 01:32 - 386598637 _____ () C:\Users\admin\Downloads\_BangBus__Skyler_Luv__The_Titties_On_the_Bus_Go__Up_and_Down__Up_and_Down_-_18.02.15__rq.mp4
2015-02-22 17:05 - 2015-02-22 19:51 - 00164733 _____ () C:\Users\admin\Desktop\Presentation1.pptx
2015-02-19 04:15 - 2015-02-24 19:15 - 00001814 _____ () C:\Users\admin\Desktop\SUPERAntiSpyware Professional.lnk
2015-02-19 04:15 - 2015-02-19 04:15 - 00000000 ____D () C:\Users\admin\AppData\Roaming\SUPERAntiSpyware.com
2015-02-19 04:15 - 2015-02-19 04:15 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-02-19 04:15 - 2015-02-19 04:15 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-02-18 03:13 - 2015-02-18 03:27 - 51371559 _____ () C:\Users\admin\Downloads\Bible_Story_About_Man_Living_In_Whale_Is_True_Says_Fox_Historian.mp4
2015-02-18 02:47 - 2015-02-18 03:13 - 65284384 _____ () C:\Users\admin\Downloads\Mississippi_Lawmaker_Makes_Racist_Comments_Then_Claims_He_s_Not_Racist.mp4
2015-02-18 02:42 - 2015-02-18 03:26 - 124032845 _____ () C:\Users\admin\Downloads\The_History_Of_Lynchings_In_America._STUDY_Released.mp4
2015-02-18 02:31 - 2015-02-18 02:42 - 50047204 _____ () C:\Users\admin\Downloads\Texas_Woman_Doesn_t_Legally_Exist.mp4
2015-02-18 02:29 - 2015-02-18 02:46 - 76742294 _____ () C:\Users\admin\Downloads\How_One_Regular_Guy_Changed_Congress.mp4
2015-02-18 02:26 - 2015-02-18 02:31 - 28107501 _____ () C:\Users\admin\Downloads\What_Made_This_Teenager_Get_A_bleep_Reduction.mp4
2015-02-18 02:11 - 2015-02-18 02:26 - 66397006 _____ () C:\Users\admin\Downloads\Don_t_Go_To_Thailand_For_Plastic_Surgery.mp4
2015-02-18 02:04 - 2015-02-18 02:29 - 113749914 _____ () C:\Users\admin\Downloads\Former_Korean_Air_Exec_Sent_To_Jail_For_Onboard_Tantrum_Over_Nuts.mp4
2015-02-18 02:04 - 2015-02-18 02:11 - 25607556 _____ () C:\Users\admin\Downloads\Final_Judgment_America_s_Police_State.mp4
2015-02-17 03:22 - 2015-02-17 03:57 - 130331172 _____ () C:\Users\admin\Downloads\25_Strange_Phenomena_Within_This_Decade_That_Have_Yet_To_Be_Explained.mp4
2015-02-16 05:56 - 2015-02-16 06:00 - 57440964 _____ () C:\Users\admin\Downloads\DraftKings_Millionaire_SamENole.mp4
2015-02-16 05:50 - 2015-02-16 05:50 - 00000165 ____H () C:\Users\admin\Desktop\~$fantasyfootball-basketball.xlsx
2015-02-15 01:57 - 2015-03-01 03:32 - 00000000 ____D () C:\Users\admin\AppData\Roaming\DivX
2015-02-15 01:57 - 2015-02-15 01:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2015-02-15 01:57 - 2015-02-15 01:57 - 00000000 ____D () C:\Program Files\DivX
2015-02-15 01:51 - 2015-02-15 01:57 - 00000000 ____D () C:\Program Files (x86)\DivX
2015-02-15 01:42 - 2015-03-01 03:29 - 00000000 ____D () C:\ProgramData\DivX
2015-02-15 01:41 - 2015-02-15 01:41 - 01012544 _____ (DivX, LLC) C:\Users\admin\Downloads\DivXInstaller.exe
2015-02-14 00:22 - 2013-01-30 03:42 - 00385840 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmd.sys
2015-02-14 00:22 - 2013-01-30 03:42 - 00015664 _____ (DisplayLink Corp.) C:\Windows\system32\Drivers\dlkmdldr.sys
2015-02-14 00:21 - 2015-02-14 00:22 - 00000000 ____D () C:\Program Files\DisplayLink Graphics
2015-02-14 00:20 - 2015-02-14 00:21 - 00000000 ____D () C:\Program Files\DisplayLink Core Software
2015-02-14 00:20 - 2015-02-14 00:20 - 02081792 _____ (DisplayLink Corp.) C:\Windows\system32\DisplayLinkUsbCo64_7.0.41409.0.dll
2015-02-14 00:20 - 2015-02-14 00:20 - 00017408 _____ (http://libusb-win32.sourceforge.net) C:\Windows\system32\Drivers\DisplayLinkUsbPort_7.0.41409.0.sys
2015-02-14 00:20 - 2015-02-14 00:20 - 00000000 _____ () C:\Windows\SysWOW64\dlumd9.dll
2015-02-14 00:20 - 2015-02-14 00:20 - 00000000 _____ () C:\Windows\SysWOW64\dlumd11.dll
2015-02-14 00:20 - 2015-02-14 00:20 - 00000000 _____ () C:\Windows\SysWOW64\dlumd10.dll
2015-02-14 00:20 - 2015-02-14 00:20 - 00000000 _____ () C:\Windows\system32\dlumd9.dll
2015-02-14 00:20 - 2015-02-14 00:20 - 00000000 _____ () C:\Windows\system32\dlumd11.dll
2015-02-14 00:20 - 2015-02-14 00:20 - 00000000 _____ () C:\Windows\system32\dlumd10.dll
2015-02-13 16:47 - 2015-02-13 16:47 - 02768290 _____ () C:\Users\admin\Downloads\Mofuggin_green_light_lol_threesixmafia_go_gangsta_-_Keek_-_S.mp4
2015-02-13 16:46 - 2015-02-13 16:47 - 03759686 _____ () C:\Users\admin\Downloads\Keek_-_Share_a_Peek_Into_the_World.mp4
2015-02-13 14:00 - 2015-02-13 14:11 - 00000000 ____D () C:\Users\admin\Desktop\2015_02_13
2015-02-13 01:03 - 2015-02-13 01:05 - 16842745 _____ () C:\Users\admin\Downloads\YouPorn_20-_20Yummy_20nipples_20on_20hot_20chick.mp4
2015-02-13 01:02 - 2015-02-13 01:15 - 51087643 _____ () C:\Users\admin\Downloads\xvideos.com_a24d7c5c422b547230c24bd560fd2f1d.flv
2015-02-12 03:39 - 2015-02-12 03:39 - 01291370 _____ () C:\Users\admin\Downloads\10926908_1577398039141008_242678242_n.mp4
2015-02-12 03:37 - 2015-02-12 03:41 - 68850192 _____ () C:\Users\admin\Downloads\Eric_Bolling_Christians_Never_Kill_In_The_Name_Of_Religion.mp4
2015-02-12 03:31 - 2015-02-12 03:37 - 88375066 _____ () C:\Users\admin\Downloads\Tucker_Carlson_Christians_Ended_Slavery_Jim_Crow.mp4
2015-02-12 03:29 - 2015-02-12 03:39 - 137992051 _____ () C:\Users\admin\Downloads\Christian_Pundits_vs._Obama_s_National_Prayer_Breakfast_Speech.mp4
2015-02-12 03:25 - 2015-02-12 03:30 - 70595413 _____ () C:\Users\admin\Downloads\Republican_Mega-Donor_Buys_Legislation_Banning_Online_Gambling.mp4
2015-02-12 03:24 - 2015-02-12 03:29 - 70196006 _____ () C:\Users\admin\Downloads\Family_Asks_Cops_To_Check_On_74-Year-Old_Now_He_s_Dead.mp4
2015-02-12 03:19 - 2015-02-12 03:25 - 94768680 _____ () C:\Users\admin\Downloads\Obama_Opposed_Gay_Marriage_For_The_Worst_Reason_Of_All.mp4
2015-02-12 03:17 - 2015-02-12 03:24 - 103226823 _____ () C:\Users\admin\Downloads\Verbal_Rape_Did_Obama_Actually_Do_It.mp4
2015-02-12 03:12 - 2015-02-12 03:19 - 100109100 _____ () C:\Users\admin\Downloads\Kanye_Storms_The_Stage_In_Defense_Of_Beyonce_At_2015_Grammys.mp4
2015-02-12 03:12 - 2015-02-12 03:17 - 70159734 _____ () C:\Users\admin\Downloads\Cenk_s_Final_Judgment_The_Last_Play_of_Super_Bowl_XLIX.mp4
2015-02-12 03:05 - 2015-02-12 03:12 - 69020581 _____ () C:\Users\admin\Downloads\Alcohol_Considered_A_Weapon_In_Rape_Cases.mp4
2015-02-12 03:03 - 2015-02-12 03:12 - 83844475 _____ () C:\Users\admin\Downloads\Orgies_Prostitutes_And_Naked_Socialites._Lust_is_no_crime.mp4
2015-02-12 02:58 - 2015-02-12 03:05 - 81430512 _____ () C:\Users\admin\Downloads\Sluts_Gays_Jeb_Bush_s_New_Tech_Wiz_In_Trouble_For_Ancient_Tweets.mp4
2015-02-12 02:57 - 2015-02-12 03:03 - 58731533 _____ () C:\Users\admin\Downloads\State_Orders_Man_To_Support_Kids_That_Aren_t_His.mp4
2015-02-12 02:50 - 2015-02-12 02:58 - 75876689 _____ () C:\Users\admin\Downloads\OBGYN_Helps_Women_Find_And_Stimulate_G-Spot.mp4
2015-02-12 02:50 - 2015-02-12 02:57 - 69653300 _____ () C:\Users\admin\Downloads\Limbaugh_Reaches_New_Low_With_Weird_Rape_Comments.mp4
2015-02-12 02:42 - 2015-02-12 02:50 - 87034981 _____ () C:\Users\admin\Downloads\Brian_Williams_Suspended_Why_You_Shouldn_t_Give_A_Flying_F_ck.mp4
2015-02-12 02:36 - 2015-02-12 02:50 - 90700545 _____ () C:\Users\admin\Downloads\Killing_of_Muslim_Students_Raises_Questions_But_One_Powerful_Fact_Is_Clear.mp4
2015-02-12 02:27 - 2015-02-12 02:42 - 89821296 _____ () C:\Users\admin\Downloads\Conservatives_Cheer_ISIS_Killing_Of_American_Kayla_Mueller.mp4
2015-02-12 02:27 - 2015-02-12 02:36 - 38095855 _____ () C:\Users\admin\Downloads\Game_over._Jeb_Bush_Tech_Officer_Quits_After_MORE_Dirt_Is_Unearthed.mp4
2015-02-12 02:25 - 2015-02-12 03:16 - 1710378533 _____ () C:\Users\admin\Downloads\Blondie_Fesser_-_Public_Bang.mp4
2015-02-11 04:17 - 2015-02-11 04:17 - 00231507 _____ () C:\Users\admin\Downloads\magnificent-butt.gif.webm
2015-02-10 02:08 - 2015-02-10 02:21 - 246688836 _____ () C:\Users\admin\Downloads\Last_Week_Tonight_with_John_Oliver_Marketing_to_Doctors_HBO.mp4
2015-02-09 02:08 - 2015-02-09 02:30 - 106180636 _____ () C:\Users\admin\Downloads\Fox_News_Has_A_Wargasm_Over_King_Abdullah_In_Flight_Suit.mp4
2015-02-09 01:57 - 2015-02-09 02:23 - 110785157 _____ () C:\Users\admin\Downloads\America_s_No-Go_Zones_If_You_re_Black.mp4
2015-02-09 01:49 - 2015-02-09 02:08 - 73444171 _____ () C:\Users\admin\Downloads\Man_Staring_At_Phone_Misses_Amazing_Moment.mp4
2015-02-09 01:31 - 2015-02-09 01:57 - 111940747 _____ () C:\Users\admin\Downloads\Harvard_Bans_This_Kind_Of_Sex.mp4
2015-02-09 01:28 - 2015-02-09 01:49 - 91692297 _____ () C:\Users\admin\Downloads\Arizona_Governor_s_Budget_Plan_Would_Fund_The_School_to_Prison_Pipeline.mp4
2015-02-09 01:11 - 2015-02-09 01:31 - 77204082 _____ () C:\Users\admin\Downloads\Jeb_Bush_Was_A_Weird_Stoner_Bully_In_College.mp4
2015-02-09 01:11 - 2015-02-09 01:28 - 68506616 _____ () C:\Users\admin\Downloads\Must_See_TYT_Network_Acronym_TV_The_Richard_Fowler_Show_A_Total_Disruption_Secular_Talk.mp4
2015-02-08 03:13 - 2015-02-08 03:20 - 34889859 _____ () C:\Users\admin\Downloads\xvideos.com_436e42cd2a080a12c9f1fa19fc0ab7b2.flv
2015-02-07 01:30 - 2015-02-07 01:30 - 00002152 _____ () C:\Users\Public\Desktop\Driver Booster 2.lnk
2015-02-07 01:15 - 2015-02-07 01:15 - 00942808 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2015-02-07 01:15 - 2015-02-07 01:15 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-02-07 01:09 - 2015-02-07 01:09 - 00000779 _____ () C:\Users\admin\.pia_manager_crash.log
2015-02-07 00:27 - 2015-02-07 00:27 - 00000000 ____D () C:\ProgramData\Intuit
2015-02-07 00:27 - 2015-02-07 00:27 - 00000000 ____D () C:\Program Files (x86)\TurboTax

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-09 01:00 - 2014-11-18 12:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-09 00:56 - 2014-09-06 05:12 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Skype
2015-03-09 00:18 - 2014-08-22 13:18 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-09 00:07 - 2014-08-22 00:37 - 00000000 ____D () C:\Users\admin\AppData\Roaming\uTorrent
2015-03-09 00:03 - 2014-08-22 00:37 - 00000000 ____D () C:\Program Files\PeerBlock
2015-03-08 23:28 - 2014-08-22 14:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-08 14:17 - 2014-08-21 15:11 - 00066188 _____ () C:\Users\admin\Desktop\weqqww.txt
2015-03-08 10:02 - 2014-08-21 05:25 - 00000422 _____ () C:\Windows\Tasks\SystemToolsDailyTest.job
2015-03-08 10:01 - 2014-08-21 05:25 - 00000564 _____ () C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2015-03-08 10:00 - 2014-08-22 10:00 - 00003488 _____ () C:\Windows\System32\Tasks\PCDEventLauncher
2015-03-08 10:00 - 2014-08-21 05:25 - 00003448 _____ () C:\Windows\System32\Tasks\SystemToolsDailyTest
2015-03-08 05:48 - 2014-10-15 00:01 - 00000000 ____D () C:\Users\admin\Desktop\American Horror Story S04E01 HDTV x264-LOL[ettv]
2015-03-08 04:35 - 2014-08-22 02:38 - 00000000 ____D () C:\New Folder4
2015-03-08 02:09 - 2014-09-11 01:57 - 00000000 ____D () C:\Users\admin\AppData\Local\Adobe
2015-03-07 20:18 - 2014-08-23 14:10 - 00000000 ____D () C:\Users\admin\AppData\Local\CrashDumps
2015-03-07 15:08 - 2014-08-21 15:11 - 00020340 _____ () C:\Users\admin\Desktop\scholarships.txt
2015-03-06 03:33 - 2014-08-21 15:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-05 21:43 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-05 21:43 - 2009-07-14 00:45 - 00021296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-05 01:28 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-04 01:44 - 2014-12-23 15:50 - 00002187 _____ () C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-03-03 02:29 - 2014-08-21 05:26 - 00000000 ____D () C:\Users\admin\AppData\Local\VirtualStore
2015-03-03 01:54 - 2012-03-21 23:58 - 00000000 ____D () C:\ProgramData\Temp
2015-03-03 01:44 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-03 00:02 - 2014-08-22 03:04 - 00000000 ____D () C:\Users\admin\dwhelper
2015-03-02 23:34 - 2012-03-22 00:02 - 00000000 ____D () C:\Windows\PCHEALTH
2015-03-02 22:27 - 2014-08-22 14:51 - 00000000 ____D () C:\Users\admin\AppData\Roaming\ProductData
2015-03-02 22:27 - 2014-08-21 05:23 - 00000000 ____D () C:\Users\admin
2015-03-02 22:27 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\registration
2015-03-02 04:11 - 2012-03-22 00:12 - 00000000 ____D () C:\ProgramData\Sonic
2015-03-02 04:06 - 2014-08-22 14:48 - 00000000 ____D () C:\Users\admin\AppData\Roaming\IObit
2015-03-02 04:06 - 2014-08-22 14:47 - 00000000 ____D () C:\ProgramData\IObit
2015-03-02 04:06 - 2014-08-22 14:47 - 00000000 ____D () C:\Program Files (x86)\IObit
2015-03-01 05:46 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat
2015-03-01 05:11 - 2015-01-19 10:24 - 00004864 _____ () C:\Windows\SysWOW64\N1Service.ini
2015-03-01 05:11 - 2015-01-19 10:24 - 00002384 _____ () C:\Windows\SysWOW64\N1ServiceOff.ini
2015-03-01 05:08 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2015-03-01 02:59 - 2014-08-23 03:53 - 00000000 ____D () C:\Users\admin\AppData\Roaming\Vso
2015-03-01 02:59 - 2014-08-23 03:53 - 00000000 ____D () C:\ProgramData\VSO
2015-02-28 15:09 - 2014-08-23 03:56 - 00000000 ____D () C:\Users\admin\Documents\ConvertXtoDVD
2015-02-28 04:43 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2015-02-27 23:32 - 2009-07-14 00:45 - 05168088 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-27 23:27 - 2014-08-26 03:03 - 81412096 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2015-02-27 23:27 - 2014-08-26 03:03 - 00299008 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2015-02-27 23:27 - 2014-08-26 03:03 - 00061440 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2015-02-27 23:27 - 2014-08-26 03:03 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2015-02-27 23:26 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing
2015-02-27 23:17 - 2014-09-03 00:43 - 00000000 ___RD () C:\Users\admin\Desktop\stuff
2015-02-26 16:21 - 2015-01-15 01:10 - 00000000 ____D () C:\Users\admin\Desktop\Tor Browser
2015-02-26 13:59 - 2014-08-22 14:50 - 00000000 ____D () C:\ProgramData\ProductData
2015-02-25 01:18 - 2012-03-21 23:56 - 00000000 ____D () C:\ProgramData\Skype
2015-02-19 04:16 - 2014-08-23 04:08 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-02-18 03:28 - 2014-11-13 15:50 - 00134058 _____ () C:\Users\admin\Desktop\fantasyfootball-basketball.xlsx
2015-02-07 01:30 - 2014-12-23 15:57 - 00003158 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2015-02-07 01:30 - 2014-12-23 15:57 - 00002854 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (admin)
2015-02-07 01:30 - 2014-12-23 15:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-02-07 01:15 - 2012-03-22 01:01 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2015-02-07 00:27 - 2014-08-21 05:23 - 00140112 _____ () C:\Users\admin\AppData\Local\GDIPFONTCACHEV1.DAT

==================== Files in the root of some directories =======

2014-08-23 03:53 - 2014-08-23 03:53 - 0099384 _____ () C:\Users\admin\AppData\Roaming\inst.exe
2014-08-23 03:53 - 2014-08-23 03:53 - 0007859 _____ () C:\Users\admin\AppData\Roaming\pcouffin.cat
2014-08-23 03:53 - 2014-08-23 03:53 - 0001167 _____ () C:\Users\admin\AppData\Roaming\pcouffin.inf
2014-08-23 03:53 - 2014-08-23 03:53 - 0000055 _____ () C:\Users\admin\AppData\Roaming\pcouffin.log
2014-08-23 03:53 - 2014-08-23 03:53 - 0082816 _____ (VSO Software) C:\Users\admin\AppData\Roaming\pcouffin.sys

Some content of TEMP:
====================
C:\Users\admin\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\admin\AppData\Local\Temp\GC_PCTOOLS.exe
C:\Users\admin\AppData\Local\Temp\Quarantine.exe
C:\Users\admin\AppData\Local\Temp\sqlite3.dll


Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\dlumd10.dll
C:\Windows\SysWOW64\dlumd11.dll
C:\Windows\SysWOW64\dlumd9.dll
C:\Windows\System32\dlumd10.dll
C:\Windows\System32\dlumd11.dll
C:\Windows\System32\dlumd9.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-05 09:04

==================== End Of Log ============================



#4 amped323


Posted 09 March 2015 - 12:09 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-03-2015 03
Ran by admin at 2015-03-09 01:06:31
Running from C:\Users\admin\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: PC Tools Spyware Doctor with AntiVirus (Disabled - Out of date) {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: PC Tools Spyware Doctor with AntiVirus (Disabled - Out of date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}
AS: IObit Malware Fighter (Disabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2874010073-1328126794-2967002207-1000\...\uTorrent) (Version: 3.4.2.37951 - BitTorrent Inc.)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Advanced SystemCare 8 (HKLM-x32\...\Advanced SystemCare 8_is1) (Version: 8.0.3 - IObit)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4800 - AVG Technologies)
AVG 2014 (Version: 14.0.4257 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4800 - AVG Technologies) Hidden
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3 - Avid Technology, Inc.)
Avid HD Driver (x64) (HKLM\...\{658E112A-8776-4430-A275-D9248732DFB9}) (Version: 10.3 - Avid Technology, Inc.)
Avid Pro Tools (HKLM-x32\...\{8E60BB71-7EF3-42ED-9F10-AA041F25841A}) (Version: 10.3 - Avid Technology, Inc.)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden
Browser Guard 4.0 (HKLM-x32\...\Browser Defender_is1) (Version: 4.0.0.1884 - PC Tools)
Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Camtasia Studio 8 (HKLM-x32\...\{B9691991-64D3-435B-8A83-69CC21016936}) (Version: 8.4.0.1699 - TechSmith Corporation)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MG5200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5200_series) (Version:  - )
Canon MG5200 series User Registration (HKLM-x32\...\Canon MG5200 series User Registration) (Version:  - )
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.4.0 - Conexant)
Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2321 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.2321 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Digital Delivery (HKLM-x32\...\{AFC08A81-D3C5-46F4-8F08-876E4BA606EA}) (Version: 1.7.4502.0 - Dell Products, LP)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)
Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)
Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.65 - ArcSoft)
Dell Product Registration (HKLM-x32\...\{2A0F2CC5-3065-492C-8380-B03AA7106B1A}) (Version: 1.1.3 - Dell Inc.)
Dell Stage (HKLM-x32\...\{0F99CA59-7CB4-4167-A43A-4B1D5E584281}) (Version: 1.6.301.0 - Fingertapps)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5907.16 - Dell Inc.)
Dell Support Center (Version: 3.1.5907.16 - PC-Doctor, Inc.) Hidden
Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2214 - CyberLink Corp.)
Dell VideoStage  (x32 Version: 1.3.0.2214 - CyberLink Corp.) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden
DisplayLink Core Software (HKLM\...\{0187971E-7757-4F37-95C0-ACE630ECBFD9}) (Version: 7.1.45125.0 - DisplayLink Corp.)
DisplayLink Graphics (HKLM\...\{D7865209-518D-472C-AF69-272056E748E0}) (Version: 7.1.45135.0 - DisplayLink Corp.)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
Driver Booster 2.1 (HKLM-x32\...\Driver Booster_is1) (Version: 2.1 - IObit)
DVDFab 9.1.2.2 (08/01/2014) (HKLM-x32\...\DVDFab 9_is1) (Version:  - Fengtao Software Inc.)
Escape Whisper Valley ™ (x32 Version: 2.2.0.95 - WildTangent) Hidden
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
FFTasker Uninstall (HKLM-x32\...\FFTasker) (Version:  - )
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.3.815 - Foxit Corporation)
High-Definition Video Playback (x32 Version: 7.3.10000.0.0 - Nero AG) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
IObit Malware Fighter 3 (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 3.0 - IObit)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 7 Update 72 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417072FF}) (Version: 7.0.720 - Oracle)
Java 7 Update 72 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217072FF}) (Version: 7.0.720 - Oracle)
Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.0.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.1.1.1524 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.1.1.1524 - PACE Anti-Piracy, Inc.) Hidden
License Support (x32 Version: 1.1.0.0843 - PACE Anti-Piracy, Inc.) Hidden
Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Network Manager Suite (HKLM-x32\...\Network Manager Suite) (Version:  - Guardian Technologies)
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PC Tools Spyware Doctor with AntiVirus 9.1 (HKLM-x32\...\Spyware Doctor) (Version: 9.1 - PC Tools)
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoShowExpress (x32 Version: 2.0.063 - Sonic Solutions) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
Roxio Creator Starter (HKLM-x32\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.77.0 - Roxio)
Roxio File Backup (Version: 1.3.2 - Roxio) Hidden
Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version:  - Microsoft) Hidden
Skype™ 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Sonic CinePlayer Decoder Pack (x32 Version: 4.3.0 - Sonic Solutions) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyware Terminator 2015 (HKLM-x32\...\{56736259-613E-4A3B-B428-6235F2E76F44}_is1) (Version: 3.0.0.101 - Crawler Group)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)
SyncUP (x32 Version: 1.12.11100.9.104 - Nero AG) Hidden
TrustedID (HKLM-x32\...\{C16A92EF-017B-4839-9C75-FBADB5A1FA27}) (Version: 5.0 - TrustedID)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
vReveal 3 (HKLM-x32\...\vReveal 3) (Version:  - MotionDSP)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
Wedding Dash - Ready, Aim, Love! (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

01-03-2015 06:24:12 Scheduled Checkpoint
02-03-2015 18:49:01 Windows Backup
02-03-2015 22:23:59 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2015-03-02 04:09 - 00001026 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost127.0.0.1       is360.iobit.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10A235DB-B748-4B1C-A1AF-2D06930B4C4E} - System32\Tasks\Driver Booster SkipUAC (admin) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-01-07] (IObit)
Task: {190F6796-C1BD-4982-AD8C-CEA9405F18D9} - System32\Tasks\ASC8_SkipUac_admin => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASC.exe [2014-12-10] (IObit)
Task: {42C66738-31B9-48A7-9E10-275F936AC544} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {50239FD2-A850-4270-BA04-77DEE2CD48BA} - System32\Tasks\Private Internet Access Startup => C:\Program Files\pia_manager\pia_manager.exe [2014-11-09] ()
Task: {510463B8-64AE-4B87-8D6D-B299A59CF276} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {754D86BE-192F-4430-A474-DAE9AA55BF11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {90B8F457-D5F8-4213-AE53-F16A8C1992AF} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {9CE10867-EFE5-492F-B2EC-61786BB8DAF6} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2011-12-14] (PC-Doctor, Inc.)
Task: {9F8DC8A3-2037-4F5F-A722-E1101A3E036F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {A41E8FD3-A0D1-4F20-A113-89F77BD03BAB} - System32\Tasks\{103ED42C-1D55-4BBA-9EA4-3D566CB3B147} => pcalua.exe -a "C:\Program Files (x86)\IObit\Advanced SystemCare 7\SecurityHole_Backup\KB2467173.exe" -d C:\Windows\system32 -c /quiet /norestart
Task: {A710E5BC-F43A-4C96-BF1D-59EAD79FF527} - System32\Tasks\AdobeAAMUpdater-1.0-admin-PC-admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {AFDE12D7-C243-4D55-A947-A2F9F57009D7} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-12-09] (IObit)
Task: {B286717C-1256-486F-A5DA-AB2F57F0DB40} - System32\Tasks\Microsoft\Windows\MobilePC\DisplayLink TMM Control
Task: {B7B57D6D-5230-4DAC-B503-8BC419174A87} - \Installer_iwebar No Task File <==== ATTENTION
Task: {E602085A-6046-4CFF-A182-FED5DEDD9AAA} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {EA445C3F-B731-415C-8FE3-77B899DA169D} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {EF593162-F864-4A58-8BF2-6C20E9AF6781} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-12-14] (PC-Doctor, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe

==================== Loaded Modules (whitelisted) ==============

2014-11-12 18:17 - 2014-11-12 18:17 - 08897696 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-23 03:54 - 2012-09-11 23:14 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-12-23 15:50 - 2014-07-11 17:04 - 01106720 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\RealTimeProtector.exe
2012-03-22 01:01 - 2011-01-27 11:11 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2014-01-10 01:26 - 2014-01-10 01:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
1999-12-31 20:00 - 2015-02-26 16:21 - 01966080 _____ () C:\Users\admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe
2014-08-22 00:20 - 2014-11-09 04:29 - 08817658 _____ () C:\Program Files\pia_manager\pia_manager.exe
2014-08-22 00:20 - 2014-11-09 04:29 - 00184320 _____ () C:\Program Files\pia_manager\pia_tray\pia_tray.exe
2014-08-22 00:20 - 2014-11-09 04:29 - 00690176 _____ () C:\Program Files\pia_manager\openvpn.exe
2014-08-22 00:20 - 2014-11-09 04:29 - 00190317 _____ () C:\Program Files\pia_manager\liblzo2-2.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00108441 _____ () C:\Program Files\pia_manager\libpkcs11-helper-1.dll
2014-12-22 05:13 - 2014-12-22 05:13 - 01874952 _____ () C:\Program Files (x86)\DivX\DivX Player\DivX Player.exe
2014-12-23 15:50 - 2013-10-25 13:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\sqlite3.dll
2015-03-02 04:06 - 2015-01-09 19:46 - 00517408 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\sqlite3.dll
2014-11-12 18:17 - 2014-11-12 18:17 - 08897696 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-03-03 01:35 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-03-03 01:35 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-03-03 01:35 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-03 01:35 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-03-03 01:35 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-12-23 15:50 - 2013-01-15 19:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madExcept_.bpl
2014-12-23 15:50 - 2013-01-15 19:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madBasic_.bpl
2014-12-23 15:50 - 2013-01-15 19:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\madDisAsm_.bpl
2015-01-19 10:24 - 2015-01-19 10:24 - 00847872 _____ () C:\Windows\nmsvc\nmi.dll
2014-12-23 15:50 - 2013-01-15 19:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\webres.dll
2014-12-23 15:50 - 2014-12-10 10:14 - 01284896 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\Scan.dll
2014-12-23 15:50 - 2014-10-16 11:26 - 00622880 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 8\ProductStatistics.dll
2014-01-10 01:28 - 2014-01-10 01:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2015-02-05 05:00 - 2015-02-05 05:00 - 16852144 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00113171 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlc.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 02396691 _____ () C:\Program Files (x86)\VideoLAN\VLC\libvlccore.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00268307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00031251 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 11148307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 01248787 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00066579 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 02043411 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00100371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00244243 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00076307 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00045587 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00060947 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00531475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00708627 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00114195 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00040467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00014867 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00133139 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 01512467 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00296979 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00054291 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00038419 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00189971 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00292371 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00017939 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 01280019 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00018451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00336403 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00344595 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00198675 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00027155 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00015891 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 01393171 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00146451 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00022035 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00733203 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00026131 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00171027 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00019475 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 10447379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00746515 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00026643 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00587283 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00113683 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00027667 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00019987 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00053779 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00016915 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00032275 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00020499 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00017427 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00015379 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00068115 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00032275 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\video_filter\libadjust_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00013843 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 00018963 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2014-07-22 19:29 - 2014-07-22 19:29 - 01496083 _____ () C:\Program Files (x86)\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 00091026 _____ () C:\Users\admin\Desktop\Tor Browser\Browser\libssp-0.dll
1999-12-31 20:00 - 2015-02-26 16:21 - 05056526 _____ () C:\Users\admin\Desktop\Tor Browser\Browser\mozjs.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 00714452 _____ () C:\Users\admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\libevent-2-0-5.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 00091026 _____ () C:\Users\admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\libssp-0.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 00517814 _____ () C:\Users\admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\libgcc_s_sjlj-1.dll
1999-12-31 20:00 - 1999-12-31 20:00 - 00110592 _____ () C:\Users\admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\zlib1.dll
2015-03-08 13:48 - 2015-03-08 13:48 - 00012800 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00009728 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00014848 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00094208 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\src\rgloader\rgloader193.mswin.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00009216 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00094208 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00126976 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00087552 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00016384 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00127316 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\bin\libffi-6.dll
2015-03-08 13:48 - 2015-03-08 13:48 - 00008704 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00013312 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00095744 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00026624 _____ () C:\Users\admin\AppData\Local\Temp\ocrAD72.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00012800 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\encdb.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00009728 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\iso_8859_1.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00014848 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\transdb.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00094208 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\src\rgloader\rgloader193.mswin.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00094208 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\site_ruby\1.9.1\rgloader\rgloader193.mswin.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00118784 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\socket.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00069120 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\zlib.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00083968 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\bin\zlib1.dll
2015-03-08 13:48 - 2015-03-08 13:48 - 00026624 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\stringio.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00275968 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\openssl.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00015360 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\digest.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00008192 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\fcntl.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00009216 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\etc.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00023552 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\parser.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00008704 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16be.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00008704 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_16le.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00008704 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32be.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00008704 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\utf_32le.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00036352 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\json\ext\generator.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00126976 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\win32ole.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00087552 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\dl.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00016384 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\fiddle.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00127316 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\bin\libffi-6.dll
2015-03-08 13:48 - 2015-03-08 13:48 - 00013312 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\utf_16_32.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00095744 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\1.9.1\i386-mingw32\enc\trans\single_byte.so
2015-03-08 13:48 - 2015-03-08 13:48 - 00026624 _____ () C:\Users\admin\AppData\Local\Temp\ocrB38A.tmp\lib\ruby\gems\1.9.1\gems\win32-api-1.5.0-universal-mingw32\lib\win32\ruby19\win32\api.so
2014-08-22 00:20 - 2014-11-09 04:29 - 00815104 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\khost.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 01198592 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoFoundation.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00745472 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\CFLite.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00059904 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\zlib1.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 01234944 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\libxml2.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00200704 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiapp\1.2.0.RC6d\tiappmodule.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00290816 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoUtil.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00511488 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoXML.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00180224 _____ () C:\Program Files\pia_manager\pia_tray\modules\tifilesystem\1.2.0.RC6d\tifilesystemmodule.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00344064 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiui\1.2.0.RC6d\tiuimodule.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00368640 _____ () C:\Program Files\pia_manager\pia_tray\modules\tinetwork\1.2.0.RC6d\tinetworkmodule.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00642048 _____ () C:\Program Files\pia_manager\pia_tray\runtime\1.2.0.RC6d\PocoNet.dll
2014-08-22 00:20 - 2014-11-09 04:29 - 00217088 _____ () C:\Program Files\pia_manager\pia_tray\modules\tiprocess\1.2.0.RC6d\tiprocessmodule.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 02565640 _____ () C:\Program Files (x86)\DivX\DivX Player\DivX Player.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00817160 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXLibrary.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00461832 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXAccountViewPlugin.dll
2014-12-22 05:27 - 2014-12-22 05:27 - 03049480 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDCFServicesPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00682504 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDFXAudioPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00166408 _____ () C:\Program Files (x86)\DivX\Codecs\DFXAudioTransform.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 02106888 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlayerPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00778760 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXPlaybackServicesPlugin.dll
2014-12-17 04:06 - 2014-12-17 04:06 - 00916488 _____ () C:\Program Files (x86)\DivX\Codecs\DSE_Control.dll
2014-12-17 04:24 - 2014-12-17 04:24 - 00796168 _____ () C:\Program Files (x86)\DivX\Codecs\DivXMP4Source.dll
2014-12-17 04:52 - 2014-12-17 04:52 - 05632512 _____ () C:\Program Files (x86)\DivX\Codecs\DMFContainer.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00350216 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00420872 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXMediaManagerV2Plugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00054792 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLicenseWriterPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00429064 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXBannerAdPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00504840 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDownloadManagerPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00392712 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXTicketManagerPlugin.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00829960 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXLibraryPanePlugin.dll
2014-12-17 04:10 - 2014-12-17 04:10 - 00689160 _____ () C:\Program Files (x86)\DivX\Codecs\Direct3DVideoOutput.dll
2014-12-22 05:12 - 2014-12-22 05:12 - 00646664 _____ () C:\Program Files (x86)\DivX\DivX Player\DPXPlugins\DPXDevicePanePlugin.dll
2014-12-17 04:19 - 2014-12-17 04:19 - 00079880 _____ () C:\Program Files (x86)\DivX\Codecs\DivXDeinterlaceFilter.dll
2014-12-17 04:15 - 2014-12-17 04:15 - 00116232 _____ () C:\Program Files (x86)\DivX\Codecs\XA2AudioOutput.dll
2014-12-17 04:11 - 2014-12-17 04:11 - 00108040 _____ () C:\Program Files (x86)\DivX\Codecs\DivXAVCDecodeWrapper.dll
2014-12-17 04:16 - 2014-12-17 04:16 - 00419848 _____ () C:\Program Files (x86)\DivX\Codecs\DivXAACDecode.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:430C6D84
AlternateDataStreams: C:\ProgramData\Temp:890CC2F3
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\N1Service => ""="service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2874010073-1328126794-2967002207-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\admin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.222.18.222 - 209.222.18.218

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: AccuWeatherWidget => "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\start.umj" --startup
MSCONFIG\startupreg: Adobe ARM =>
MSCONFIG\startupreg: Adobe Reader Speed Launcher =>
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenuEx => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
MSCONFIG\startupreg: Dell DataSafe Online =>
MSCONFIG\startupreg: Dell Registration => C:\Program Files (x86)\System Registration\prodreg.exe /boot
MSCONFIG\startupreg: DellStage => "C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe" "C:\Program Files (x86)\Dell Stage\Dell Stage\start.umj" --startup
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: ISTray => "C:\Program Files (x86)\PC Tools Security\pctsGui.exe" /hideGUI
MSCONFIG\startupreg: NeroLauncher => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: SpywareTerminatorShield => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Accounts: =============================

46D8E726C29C4079B3E9 (S-1-5-21-2874010073-1328126794-2967002207-1003 - Limited - Enabled)
admin (S-1-5-21-2874010073-1328126794-2967002207-1000 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-2874010073-1328126794-2967002207-500 - Administrator - Disabled)
Guest (S-1-5-21-2874010073-1328126794-2967002207-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2874010073-1328126794-2967002207-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/08/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location G:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

Error: (03/07/2015 08:18:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.1.5542, time stamp: 0x54f851c0
Faulting module name: mozalloc.dll, version: 36.0.1.5542, time stamp: 0x54f8437e
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x2b08
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (03/06/2015 08:57:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BDTUpdateService.exe, version: 4.0.0.1884, time stamp: 0x50863175
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x00039342
Faulting process id: 0x9d4
Faulting application start time: 0xBDTUpdateService.exe0
Faulting application path: BDTUpdateService.exe1
Faulting module path: BDTUpdateService.exe2
Report Id: BDTUpdateService.exe3

Error: (03/06/2015 06:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.1.5542, time stamp: 0x54f851c0
Faulting module name: mozalloc.dll, version: 36.0.1.5542, time stamp: 0x54f8437e
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x2314
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (03/06/2015 03:33:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 36.0.0.5531, time stamp: 0x54eb029a
Faulting module name: mozalloc.dll, version: 36.0.0.5531, time stamp: 0x54eaf3b7
Exception code: 0x80000003
Fault offset: 0x00001e02
Faulting process id: 0x2574
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3

Error: (03/05/2015 09:06:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (03/05/2015 03:30:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: igd10umd64.dll, version: 9.17.10.3517, time stamp: 0x532b0caa
Exception code: 0xc0000005
Fault offset: 0x000000000026f8c7
Faulting process id: 0x190c
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (03/05/2015 03:29:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: igd10umd64.dll, version: 9.17.10.3517, time stamp: 0x532b0caa
Exception code: 0xc0000005
Fault offset: 0x000000000026f8c7
Faulting process id: 0x1ae0
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (03/05/2015 03:25:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: igd10umd64.dll, version: 9.17.10.3517, time stamp: 0x532b0caa
Exception code: 0xc0000005
Fault offset: 0x000000000026f8c7
Faulting process id: 0x1564
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3

Error: (03/05/2015 03:24:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Dwm.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc541
Faulting module name: igd10umd64.dll, version: 9.17.10.3517, time stamp: 0x532b0caa
Exception code: 0xc0000005
Fault offset: 0x000000000026f8c7
Faulting process id: 0x2428
Faulting application start time: 0xDwm.exe0
Faulting application path: Dwm.exe1
Faulting module path: Dwm.exe2
Report Id: Dwm.exe3


System errors:
=============
Error: (03/07/2015 08:13:06 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.

Error: (03/07/2015 08:13:06 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/07/2015 08:13:03 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.

Error: (03/06/2015 08:57:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Browser Defender Update Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/03/2015 01:47:48 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/03/2015 01:46:06 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the N1Service service, but this action failed with the following error:
%%1056

Error: (03/03/2015 01:45:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The N1Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 200 milliseconds: Restart the service.

Error: (03/03/2015 01:45:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (03/03/2015 01:45:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (03/03/2015 01:34:31 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Media Player Network Sharing Service service, but this action failed with the following error:
%%1056


Microsoft Office Sessions:
=========================
Error: (03/08/2015 07:00:01 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: G:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

Error: (03/07/2015 08:18:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e022b0801d0585d497c08f1C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dlla618cd94-c528-11e4-8610-d4bed9c2a7a3

Error: (03/06/2015 08:57:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BDTUpdateService.exe4.0.0.188450863175ole32.dll6.1.7601.175144ce7b96fc0000005000393429d401d055751e43f224C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exeC:\Windows\syswow64\ole32.dlldf663ca8-c464-11e4-8610-d4bed9c2a7a3

Error: (03/06/2015 06:30:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.1.554254f851c0mozalloc.dll36.0.1.554254f8437e8000000300001e02231401d057e03c7e4393C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll5feda50d-c450-11e4-8610-d4bed9c2a7a3

Error: (03/06/2015 03:33:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe36.0.0.553154eb029amozalloc.dll36.0.0.553154eaf3b78000000300001e02257401d057cc871afa38C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll069bb962-c3d3-11e4-8610-d4bed9c2a7a3

Error: (03/05/2015 09:06:57 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\Program Files (x86)\Cozi Express\CoziExpress.exe

Error: (03/05/2015 03:30:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dwm.exe6.1.7600.163854a5bc541igd10umd64.dll9.17.10.3517532b0caac0000005000000000026f8c7190c01d057161cdd5911C:\Windows\system32\Dwm.exeC:\Windows\system32\igd10umd64.dll6ed73d64-c309-11e4-8610-d4bed9c2a7a3

Error: (03/05/2015 03:29:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dwm.exe6.1.7600.163854a5bc541igd10umd64.dll9.17.10.3517532b0caac0000005000000000026f8c71ae001d0571591b02c7fC:\Windows\system32\Dwm.exeC:\Windows\system32\igd10umd64.dll57b3e598-c309-11e4-8610-d4bed9c2a7a3

Error: (03/05/2015 03:25:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dwm.exe6.1.7600.163854a5bc541igd10umd64.dll9.17.10.3517532b0caac0000005000000000026f8c7156401d05715694730f5C:\Windows\system32\Dwm.exeC:\Windows\system32\igd10umd64.dllcefe03d5-c308-11e4-8610-d4bed9c2a7a3

Error: (03/05/2015 03:24:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Dwm.exe6.1.7600.163854a5bc541igd10umd64.dll9.17.10.3517532b0caac0000005000000000026f8c7242801d057153a709b53C:\Windows\system32\Dwm.exeC:\Windows\system32\igd10umd64.dlla666f2be-c308-11e4-8610-d4bed9c2a7a3


==================== Memory info ===========================

Processor: Intel® Core™ i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 65%
Total physical RAM: 8104.63 MB
Available physical RAM: 2816.16 MB
Total Pagefile: 16207.45 MB
Available Pagefile: 10357.62 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:916.66 GB) (Free:158.47 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 915581D8)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=916.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:07:06 PM

Posted 09 March 2015 - 06:49 AM

Hi,
 
 
P2P Warning

Going over your logs I noticed that you have µTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Multiple Anti-Virus Software

I see that you're running more than one antivirus program at the same time.
This is a bad idea.
Using more than one AV will not give you any better protection, but may cause interference between them, slow your machine or even completely block your OS. You should choose only one to stay, and remove any others.

  • Please download and install Revo Uninstaller Free
    note: there is no need to click anything on that page, the download will start automatically
  • Double click Revo Uninstaller to run it
  • From the list of programs double click on the listed program(s), or anything similar, to remove it:
    IObit Malware Fighter
    PC Tools Spyware Doctor with AntiVirus
    Spybot - Search & Destroy
    Spyware Terminator 2015
    
  • When prompted if you want to uninstall click Yes
  • Be sure the Moderate option is selected then click Next
  • The program will run. If prompted again click Yes
  • When the built-in uninstaller is finished click on Next
  • Once the program has searched for leftovers click Next
  • Check the items in bold only on the list then click Delete
    note: you may have to expand some folders by clicking the "+" mark
  • When prompted click on Yes and then on Next
  • Put a check on any folders that are found and select Delete
  • When prompted select Yes then Next
  • Once done click Finish

Note:
https://forums.malwarebytes.org/index.php?/topic/29681-iobit-steals-malwarebytes-intellectual-property/

 

Step 1


Please download ESET Online Scanner and save it to your Desktop.

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start the installer with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

    [screenshot: scan settings]
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at [location shown in screenshot].
    Copy and paste the content of this log file in your next reply.

Note: Do not forget to re-enable your antivirus application after running the above scan!


regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#6 amped323

amped323
  • Topic Starter

  • Members
  • 5 posts
  • Local time:01:06 PM

Posted 11 March 2015 - 02:56 AM

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetCan not open internetESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=668c5876a01b5541850db6a7ca3089aa
# engine=22851
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-03-11 07:53:02
# local_time=2015-03-11 03:53:02 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG Internet Security 2014'
# compatibility_mode=1049 16777213 100 100 0 112251166 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15384188 177603832 0 0
# scanned=427427
# found=43
# cleaned=0
# scan_time=9977
sh=399FD9129A4B94F08EE61C7FD337684E635199AF ft=0 fh=0000000000000000 vn="BAT/HostsChanger.A potentially unsafe application" ac=I fn="C:\$RECYCLE.BIN\S-1-5-21-2874010073-1328126794-2967002207-1000\$R5L8ATB\Block.cmd"
sh=EE2D8A0C16CB4F60E07AD30BC8F4AF2D25E4FF62 ft=1 fh=c2a60ef126908cf5 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSS.exe"
sh=24A108C48173FDD9962F7CC3D4DB4B852D864838 ft=1 fh=0501d0dc4c9a869f vn="a variant of Win32/Systweak.N potentially unwanted application" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSHelper.dll"
sh=915239C2678EFCE5C2E45012595BEA0C050864B4 ft=1 fh=9ca6c4d86ffea4d8 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSPrivacyProtector.exe"
sh=67A75BAA7A5BBB2EEEBB99D490F00F82D0BB1E09 ft=1 fh=5d5a0ac2ab2c0a85 vn="a variant of Win32/Systweak potentially unwanted application" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe"
sh=2C09414F7BCF16F3C9A358B5CCD4492EF7EEF08E ft=1 fh=5545a1a02bc092d6 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegistryOptimizer.exe"
sh=322DCE4CCA5EB266FFEDD900C6D628769AD18300 ft=1 fh=b3d66e50f9e4f6b1 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSSystemCleaner.exe"
sh=3C89C07645581D518DAA548991C4C5F22E18B9F5 ft=1 fh=d4b9f893421a29c8 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\ProgramData\IObit\ASCDownloader\ASCSetup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Installcr_10123\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Installiwebar_725\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_10467\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_10473\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_10618\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_11851\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_13639\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_15223\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_16885\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_17616\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_18742\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_18836\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_20424\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_20888\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_20935\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_2302\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_24288\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_25627\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_26549\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_2839\DCytdieamo_amodc_setup.exe"
sh=1B6A3BEB339EDCB36344EA3D46FABF6AE48BF4D0 ft=1 fh=2c9ca9b029e71fa3 vn="a variant of Win32/SpeedBit.E potentially unwanted application" ac=I fn="C:\Users\admin\AppData\Local\Installer\Install_9089\DCytdieamo_amodc_setup.exe"
sh=D0081B41492A8FDAA93D5F58833239FF8D11F5B9 ft=0 fh=0000000000000000 vn="BAT/Qhost.NTI trojan" ac=I fn="C:\Users\admin\Desktop\downloads\FolderLock 7.2+Serial [Full]\FolderLock 7.2+Serial [Full].zip"
sh=CF577009B9163C26A86AB2178B8EB0725AA84512 ft=1 fh=4f912b3c7fae1da5 vn="Win32/MyPCBackup.C potentially unwanted application" ac=I fn="C:\Users\admin\Desktop\downloads\IObit Malware Fighter 3 PRO + Serial Key\IMF_v3.0.2.25.exe"
sh=3DAC46115299FEB54BB2FE6F81B4A3C222FA2205 ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="C:\Users\admin\Desktop\New Folder\utwit\photoblog\footer.php"
sh=45D174C77A3E1485F91E7E187447934898DADB7E ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="C:\Users\admin\Desktop\New Folder\utwit\prairie\footer.php"
sh=1D0DC707A2F748F0B0E529DF1E7542EF55B0C01C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AB trojan" ac=I fn="C:\Users\admin\Desktop\New Folder\utwit\rhea\footer.php"
sh=D45EF74E5561D6F7FD82086970DFCC29BD702AE8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit.A potentially unwanted application" ac=I fn="C:\Users\admin\Desktop\transfer\backupofcdrivestuff=10=9=10\daap\IBP - Arelis v9.7.1.zip"
sh=BE2BA1C578248C71E21460CF31AC63722A2DE039 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F potentially unwanted application" ac=I fn="C:\Users\admin\Desktop\transfer\backupofcdrivestuff=10=9=10\daap\link-cloak-aff-pro.zip"
sh=684077DF02AE3EA04D339F74263B0F9F259638B2 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F potentially unwanted application" ac=I fn="C:\Users\admin\Desktop\transfer\backupofcdrivestuff=10=9=10\daap\blackhat\darkspark-10-f1679b563b0bf26a2e6fe844f.zip"
sh=8AFF2990FC7067AB44502529FE1A18E5F4308045 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F potentially unwanted application" ac=I fn="C:\Users\admin\Desktop\transfer\backupofcdrivestuff=10=9=10\daap\stuff\articler\articler.php"
sh=39F6F0C7A420DB8D8FA56FFA351C75A6332B9A22 ft=1 fh=296f10d3b687a7f8 vn="a variant of Win32/CCProxy potentially unsafe application" ac=I fn="C:\Users\admin\Desktop\transfer\backupofcdrivestuff=10=9=10\utilities\Top 10 IP Utilities All-In-One Team Pachino.exe"
sh=8AFF2990FC7067AB44502529FE1A18E5F4308045 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F potentially unwanted application" ac=I fn="C:\Users\admin\Desktop\transfer\cdrivebackup\articler\articler.php"
sh=F8077DD45F59D8964156896E305312CD109D75F8 ft=1 fh=07b2413872c62cbb vn="a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application" ac=I fn="C:\Users\admin\Desktop\transfer\cdrivestuff\programstokeep\Trend Micro\HijackThis\backups\backup-20091215-114514-940.dll"
sh=3C89C07645581D518DAA548991C4C5F22E18B9F5 ft=1 fh=d4b9f893421a29c8 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\Users\All Users\IObit\ASCDownloader\ASCSetup.exe"
sh=9CE317C3749C254138FB6F1995A7580894F5F8D6 ft=0 fh=0000000000000000 vn="a variant of Win32/Systweak.L potentially unwanted application" ac=I fn="C:\WINDOWS\Installer\2bfd4cd.msi"
 



#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:07:06 PM

Posted 11 March 2015 - 03:07 PM

Step 1

Upload File(s) to VirusTotal
I want you to upload the following file(s) to an online virus-scanner to scan.

  • Click the Choose File button.
  • Please copy/paste the following text into the 'File name:' box:
    C:\Windows\system32\N1Service64.dll
    
  • Click Open then click the Scan it! button just below.
  • This will scan the file. Please be patient.
  • If you get a message saying File already analyzed: click Reanalyse
  • Copy and Paste the link of the result page in your reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#8 amped323

amped323
  • Topic Starter

  • Members
  • 5 posts
  • Local time:01:06 PM

Posted 11 March 2015 - 06:20 PM

https://www.virustotal.com/en/file/c0b29ae51c170eeff049ef4a8e67355eee25a983afccee303d60e1cffc2a4931/analysis/1426115956/



#9 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:07:06 PM

Posted 12 March 2015 - 01:30 PM

Thank you!

Step 1


Start FRST with administrator privileges.

  • Make sure the following options are checked:
    [screenshot: FRST options]
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:07:06 PM

Posted 17 March 2015 - 04:56 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer



