jaiz

Honorary Members

View Profile See their activity

Posts
134
Joined
May 14, 2013
Last visited
March 13, 2014

Content Type

All Activity

Events

Profiles

Forums

Topics
Posts

Everything posted by jaiz

BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014 Ran by Jeremy at 2014-03-13 02:10:22 Running from C:\Users\Jeremy\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AAMS Auto Audio Mastering System V2.5 (HKLM-x32\...\AAMS Auto Audio Mastering System V2.5) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems) Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - ) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.) Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated) Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated) Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated) Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content (HKLM-x32\...\Adobe Premiere Elements 10 Content) (Version: 10.0 - Adobe Systems Incorporated) Adobe Premiere Elements 10 Content (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AIM for Windows (HKCU\...\AIM) (Version: - AOL Inc.) AIPL WarmTone DX v2.2 (HKLM-x32\...\AIPL WarmTone DX v2.2) (Version: - ) Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version: - ) Antares Microphone Modeler - ZONE (HKLM-x32\...\Antares Microphone Modeler - ZONE) (Version: - ) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software) Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo) Blaine's Alias Title (HKLM\...\{2758AEE7-EDC9-49B6-9498-7FF378944F3C}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Bloom/Negative Effects (HKLM\...\{4FC89A20-FA00-4AD7-B5E6-AC64E67C4273}) (Version: 1.1.0 - Blaine's Movie Maker Blog) Blaine's Cartoonify Effects (HKLM\...\{442935B7-87F8-4D86-9E76-41F5A0D82132}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Color Fade Effects (HKLM\...\{1A2D9795-4979-447B-BB34-B8DE7A45B8CE}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Contrast Effects (HKLM\...\{B9BB9850-4A9F-4D16-8089-82EDA9F69650}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Custom Dreamy Look Title (HKLM\...\{36F14E9E-3F89-43EF-948D-D4E1A9021508}) (Version: 2.0.1 - Blaine's Movie Maker Blog) Blaine's Custom Speed Effects (HKLM\...\{35F7B5BB-670F-4E71-9ED2-C772F17B3C8F}) (Version: 2.0.1 - Blaine's Movie Maker Blog) Blaine's Film Looks Effects (HKLM\...\{95BCCCA2-447E-4F8F-A4C5-49D5700BE627}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Letterbox Effects (HKLM\...\{53EE9AAB-CD12-454C-BDD8-32BDC289757F}) (Version: 1.0.3 - Blaine's Movie Maker Blog) Blaine's Pixelate Effects (HKLM\...\{299687D9-4E2A-41F5-84B4-2145AD3A866A}) (Version: 1.0.2 - Blaine's Movie Maker Blog) Blaine's TV Signal Effects (HKLM\...\{344B6293-5ED2-4091-A574-8D5D14D65AB3}) (Version: 1.0.0 - Blaine's Movie Maker Blog) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬) Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.) Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon MG2200 series User Registration (HKLM-x32\...\Canon MG2200 series User Registration) (Version: - Canon Inc.‎) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSELPH110HS_IXUS125HS) (Version: 1.0.0.7 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.1.1.19 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP) ClickFix Lite for Adobe Audition version 3.04 (remove only) (HKLM-x32\...\ClickFix Lite for Adobe Audition version 3.04) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.4.0 - Conexant) ContaCam (HKLM-x32\...\ContaCam) (Version: 4.0.5 - Contaware.com) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) EULAlyzer 2.2 (HKLM-x32\...\EULAlyzer_is1) (Version: 2.2.0 - BrightFort LLC) Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) FastStone Capture 6.8 (HKLM-x32\...\FastStone Capture) (Version: 6.8 - FastStone Soft) Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.9 - Telerik) FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse) foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski) Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright© 2005-2013 FreeSoundRecorder Technologies, Inc.) FreeUndelete 2.1.36867.1 (HKLM-x32\...\{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}) (Version: 2.1.36867.1 - Recoveronix) GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.) GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.24.000 - Runtime Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - ) HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 10.1.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - ) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.) LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MixMeister Studio 7.2.2 (HKLM-x32\...\MixMeister Studio 7.2.2_is1) (Version: - ) Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation) Moyea FLV to Video Converter Pro version 1.29.2.11 (HKLM-x32\...\{A777CB31-A5EC-4E32-A462-2E24F45D4D4F}_is1) (Version: - ) Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Mp3 Song Plays Increaser (HKLM-x32\...\{FBC0353C-CAFA-4648-91BC-9299774A80E8}) (Version: 1.0.3 - mp3songplays.com) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OLYMPUS Master 2 (HKLM-x32\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.) Paltalk Messenger 11.2 (HKLM-x32\...\Paltalk Messenger) (Version: 11.2.0 - AVM Software Inc.) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software) Recuva (HKLM\...\Recuva) (Version: 1.37 - Piriform) Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC) Share YouTube Videos version 1 (HKLM-x32\...\{55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1) (Version: 1 - ) Simple Search-Replace (HKLM-x32\...\{85BEDB91-5AB4-4066-8946-4EE980950F82}) (Version: 1.08.0000 - RJL Software, Inc.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden Sonic Foundry ACID 4.0e (HKLM-x32\...\{9B7DE025-A6AF-446B-86BE-3BD9604B498A}) (Version: 4.0.408 - Sonic Foundry) Sony Sound Forge 7.0 (HKLM-x32\...\{0712667C-A171-49AE-A098-4ACDA28625F8}) (Version: 7.0.214 - Sony) Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com) System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer) Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation) Universal Audio v4.4.0 Native (HKLM-x32\...\Universal Audio v4.4.0 Native) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{8F32B14E-F85E-482C-BF8C-C04E1A5ADE4F}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft) Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR) Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version: - ) Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version: - ) Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 03-03-2014 13:10:17 Windows Modules Installer 03-03-2014 13:20:12 Windows Update 07-03-2014 19:55:46 Windows Update 08-03-2014 18:05:48 Revo Uninstaller's restore point - VLC media player 2.1.2 13-03-2014 00:26:14 Windows Update ==================== Hosts content: ========================== 2012-02-03 07:35 - 2014-02-25 11:43 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {000BB44C-CE99-4636-893C-73FD773565F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd) Task: {1F98F092-786D-4758-93FA-BB2417F803F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.) Task: {45063B76-A9B1-4603-9713-97C6707EF7C9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-16] (AVAST Software) Task: {683E96DA-D02F-49A0-B2C5-92EE1ABC6674} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.) Task: {68FD1AED-AB87-4272-804A-71E26C6C771A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMLJLMNJHMNJJMNJNJCNLJMJHMLMCNLMMJJJNJCNHMJMKJKJCNNJNJKMGMMJNJNJHMHMJJGMKJJNJICMIMCNGMCNPMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMLMJNHICMEKMICNJJCKJNBJCMFLKJNIKJCJGIJNKJCMJNNICMJNDJCMKJBJ" Task: {72AC25D4-AFF2-4C7F-83D2-00CCA50383AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {77F35599-F36B-4ED7-B88D-EAF50A444D3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.) Task: {C0D1F864-CDC5-4232-974C-01C2003C9936} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe Task: {EE44E6C4-F4D7-46EB-B9D2-0080B4AEE915} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-08] (Adobe Systems Incorporated) Task: {F0EFFE04-2F5C-4341-8D1C-D8FC357FF2C9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll 2012-01-20 18:07 - 2011-01-27 11:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-11-08 03:48 - 2013-11-08 03:48 - 01279512 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe 2014-01-27 09:04 - 2014-03-09 18:45 - 01094144 _____ () C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe 2011-12-02 11:07 - 2011-12-02 11:07 - 02046976 _____ () C:\Program Files (x86)\foobar2000\foobar2000.exe 2014-03-09 05:58 - 2014-03-09 05:17 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030900\algo.dll 2014-03-12 16:04 - 2014-03-12 15:20 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14031201\algo.dll 2013-12-15 15:26 - 2013-12-15 15:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2013-04-11 20:58 - 2014-02-14 10:09 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-02-28 05:52 - 2014-03-08 13:53 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll 2013-11-18 06:11 - 2013-11-14 14:00 - 01235456 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-55.dll 2013-11-18 06:11 - 2013-11-14 14:00 - 08113152 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll 2013-11-18 06:11 - 2013-11-14 14:00 - 00358912 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll 2013-11-18 06:11 - 2013-11-14 14:00 - 00235008 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll 2013-11-18 06:11 - 2013-11-14 14:00 - 00385024 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll 2013-11-18 06:11 - 2013-11-14 14:00 - 00212480 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll 2013-11-18 06:11 - 2013-11-14 14:00 - 00120832 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avresample-lav-1.dll 2010-04-21 08:48 - 2010-04-21 08:48 - 00066560 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll 2011-12-02 11:04 - 2011-12-02 11:04 - 00148480 _____ () C:\Program Files (x86)\foobar2000\shared.dll 2011-12-02 11:06 - 2011-12-02 11:06 - 00299008 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll 2011-12-02 11:06 - 2011-12-02 11:06 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll 2011-12-02 11:05 - 2011-12-02 11:05 - 00171008 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll 2011-12-02 11:05 - 2011-12-02 11:05 - 00483840 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll 2012-02-03 05:27 - 2011-02-24 13:13 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_monkey.dll 2011-12-02 11:06 - 2011-12-02 11:06 - 01130496 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll 2011-12-02 11:06 - 2011-12-02 11:06 - 00365056 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll 2011-12-02 11:05 - 2011-12-02 11:05 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll 2011-12-02 11:05 - 2011-12-02 11:05 - 00283136 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll 2011-12-02 11:05 - 2011-12-02 11:05 - 01483264 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll 2011-12-02 11:05 - 2011-12-02 11:05 - 00237568 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll 2013-11-08 02:47 - 2013-11-08 02:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe 2013-11-08 02:47 - 2013-11-08 02:47 - 36561408 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\libcef.dll 2013-11-08 02:47 - 2013-11-08 02:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe 2013-11-08 02:47 - 2013-11-08 02:47 - 00862208 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:5C321E34 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: Adobe LM Service => 3 MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: BstHdAndroidSvc => 2 MSCONFIG\Services: BstHdLogRotatorSvc => 2 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: ICCS => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: SbieSvc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TeamViewer8 => 2 MSCONFIG\Services: TeamViewer9 => 2 MSCONFIG\Services: UMVPFSrv => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk => C:\Windows\pss\ImageBrowser EX Agent.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MailWasher.lnk => C:\Windows\pss\MailWasher.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tube Bot.lnk => C:\Windows\pss\Tube Bot.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_10354613.lnk => C:\Windows\pss\_uninst_10354613.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_24441005.lnk => C:\Windows\pss\_uninst_24441005.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_51818170.lnk => C:\Windows\pss\_uninst_51818170.lnk.Startup MSCONFIG\startupreg: AddMeFastBotv4.exe => D:\- Jeremy\- Programs\- Website Tools\- Bots\AddMeFastBotv4.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jeremy\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BrowseForTheCause => C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe MSCONFIG\startupreg: BrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\BrowserSyncSetup.exe"repair update startup MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon MSCONFIG\startupreg: ContaCam => C:\Program Files (x86)\ContaCam\ContaCam.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe MSCONFIG\startupreg: EV_Autowatcher_Download-Carbon0x => C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe MSCONFIG\startupreg: Facebook Update => "C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe" MSCONFIG\startupreg: Google Update => "C:\Users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GoogleChromeAutoLaunch_6D3B45FEBE36B822DCB3796A57AA2386 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: IEBrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\IE\IEBrowserSync.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart MSCONFIG\startupreg: Pinger => "C:\Program Files (x86)\Pinger\Pinger.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: Spotify => "C:\Users\Jeremy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: ThreadManager.exe => C:\Program Files (x86)\Thread Manager\ThreadManager.exe MSCONFIG\startupreg: urlspace => C:\Users\Jeremy\Desktop\Market\When Asleep\jingling.exe -h ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (03/12/2014 10:28:40 PM) (Source: Application Error) (User: ) Description: Faulting application name: ReverbNationPromoter.exe, version: 2.0.1.0, time stamp: 0x5211d86c Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677 Exception code: 0xe0434f4d Fault offset: 0x000000000000940d Faulting process id: 0x%9 Faulting application start time: 0xReverbNationPromoter.exe0 Faulting application path: ReverbNationPromoter.exe1 Faulting module path: ReverbNationPromoter.exe2 Report Id: ReverbNationPromoter.exe3 Error: (03/12/2014 10:28:23 PM) (Source: Application Error) (User: ) Description: Faulting application name: ReverbNationPromoter.exe, version: 2.0.1.0, time stamp: 0x5211d86c Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677 Exception code: 0xe0434f4d Fault offset: 0x000000000000940d Faulting process id: 0x%9 Faulting application start time: 0xReverbNationPromoter.exe0 Faulting application path: ReverbNationPromoter.exe1 Faulting module path: ReverbNationPromoter.exe2 Report Id: ReverbNationPromoter.exe3 Error: (03/12/2014 10:28:17 PM) (Source: Application Error) (User: ) Description: Faulting application name: ReverbNationPromoter.exe, version: 2.0.1.0, time stamp: 0x5211d86c Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677 Exception code: 0xe0434f4d Fault offset: 0x000000000000940d Faulting process id: 0x%9 Faulting application start time: 0xReverbNationPromoter.exe0 Faulting application path: ReverbNationPromoter.exe1 Faulting module path: ReverbNationPromoter.exe2 Report Id: ReverbNationPromoter.exe3 Error: (03/09/2014 10:34:16 AM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1f10 Start Time: 01cf3ba43994e85c Termination Time: 102 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: dc5d1a36-a797-11e3-8582-d067e52c8165 Error: (03/09/2014 01:17:13 AM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 15f0 Start Time: 01cf3af7ea13a236 Termination Time: 89 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: 0fdb6ea9-a74a-11e3-8582-d067e52c8165 Error: (03/08/2014 02:15:02 PM) (Source: MsiInstaller) (User: Jeremy-PC) Description: Product: Adobe AIR -- Error 1714. The older version of Adobe AIR cannot be removed. Contact your technical support group. System Error 1612. Error: (03/08/2014 00:53:23 PM) (Source: Application Error) (User: ) Description: Faulting application name: plugin-container.exe, version: 22.0.0.4916, time stamp: 0x51bf939f Faulting module name: NPSWF32_12_0_0_70.dll, version: 12.0.0.70, time stamp: 0x530164e1 Exception code: 0x80000003 Fault offset: 0x0034764d Faulting process id: 0x1528 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (03/08/2014 00:15:45 PM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: e10 Start Time: 01cf3a4e378c310f Termination Time: 299 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: e15078fd-a6dc-11e3-8582-d067e52c8165 Error: (03/04/2014 07:11:39 PM) (Source: Application Error) (User: ) Description: Faulting application name: plugin-container.exe, version: 27.0.1.5156, time stamp: 0x52fc0fcf Faulting module name: mozalloc.dll, version: 27.0.1.5156, time stamp: 0x52fbe972 Exception code: 0x80000003 Fault offset: 0x0000119c Faulting process id: 0x169c Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (03/04/2014 07:11:39 PM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 147c Start Time: 01cf37b69d422d22 Termination Time: 85 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: 5211460e-a3f2-11e3-85b5-d067e52c8165 System errors: ============= Error: (03/05/2014 11:21:55 PM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (03/04/2014 10:36:23 PM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (03/04/2014 10:09:05 PM) (Source: DCOM) (User: Jeremy-PC) Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jeremy-PCJeremyS-1-5-21-4055183432-471262313-3685020261-1000LocalHost (Using LRPC) Error: (03/04/2014 10:02:54 PM) (Source: DCOM) (User: Jeremy-PC) Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jeremy-PCJeremyS-1-5-21-4055183432-471262313-3685020261-1000LocalHost (Using LRPC) Error: (03/03/2014 09:27:45 PM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (03/03/2014 09:11:30 PM) (Source: WMPNetworkSvc) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. Error: (03/03/2014 09:29:11 AM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (03/02/2014 11:23:01 AM) (Source: Service Control Manager) (User: ) Description: The ScRegSetValueExW call failed for Start with the following error: %%5 Error: (03/02/2014 11:22:37 AM) (Source: Service Control Manager) (User: ) Description: The ScRegSetValueExW call failed for Start with the following error: %%5 Error: (03/02/2014 11:22:14 AM) (Source: Service Control Manager) (User: ) Description: The ScRegSetValueExW call failed for Start with the following error: %%5 Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-10-06 01:34:22.151 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-06 01:34:22.098 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-06 01:34:22.044 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-06 01:34:21.990 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.934 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.888 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.841 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.795 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-27 11:19:20.910 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-27 11:19:20.872 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 78% Total physical RAM: 6056.63 MB Available physical RAM: 1322.84 MB Total Pagefile: 12111.44 MB Available Pagefile: 6439.19 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:249.62 GB) NTFS Drive d: (Files) (Fixed) (Total:931.51 GB) (Free:88.48 GB) NTFS Drive e: (Media) (Fixed) (Total:931.51 GB) (Free:139.61 GB) NTFS Drive f: (Backup) (Fixed) (Total:2794.52 GB) (Free:0.01 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 3468B252) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 9D4CFAAC) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 34ECB17F) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 4. ==================== End Of Log ============================
- March 13, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014 Ran by Jeremy (administrator) on JEREMY-PC on 13-03-2014 02:09:06 Running from C:\Users\Jeremy\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe (Microsoft Corporation) C:\Windows\helppane.exe (Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe () C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe (XorBots.com) D:\- Jeremy\- Programs\- Website Tools\- Bots\Reverbnationpromotor-crackedby-hotcrack\ReverbNationPromoter.exe (MPC-HC Team) C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe () C:\Program Files (x86)\foobar2000\foobar2000.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-16] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210 FireFox: ======== FF ProfilePath: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789 FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Extension: iMacros for Firefox - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-02-18] FF Extension: DownloadHelper - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-02-20] FF Extension: Block site - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-11-23] FF Extension: X-notifier - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-09-21] FF Extension: ReloadEvery - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-02-21] FF Extension: Download YouTube Videos as MP4 - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-20] FF Extension: Adblock Plus - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21] FF Extension: Greasemonkey - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-24] FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-02-09] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08] Chrome: ======= CHR HomePage: CHR Extension: (Easy Auto Refresh) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-02-21] CHR Extension: (Google Docs) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16] CHR Extension: (Google Drive) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16] CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16] CHR Extension: (Nanny for Google Chrome ) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2014-02-21] CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16] CHR Extension: (iMacros for Chrome) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2014-02-17] CHR Extension: (avast! Online Security) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-21] CHR Extension: (Website Blocker (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-02-21] CHR Extension: (Google Wallet) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16] CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16] CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Jeremy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2014-02-16] ==================== Services (Whitelisted) ================= S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-20] (Adobe Systems) S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-16] (AVAST Software) S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.) S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.) S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC) S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X] S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X] ==================== Drivers (Whitelisted) ==================== S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-16] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-15] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-16] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-16] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-16] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-05] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-03] (DT Soft Ltd) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC) R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc) R3 VSTWinDriver6; C:\Windows\System32\drivers\VSTwindrvr6.sys [252928 2008-07-03] (Jungo) U3 DfSdkS; S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-03-12 21:58 - 2014-03-12 21:58 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\ReverbNationPromoter 2014-03-12 05:12 - 2014-03-12 05:12 - 04822473 _____ (Tim Kosse) C:\Users\Jeremy\Desktop\FileZilla_3.7.4.1_win32-setup.exe 2014-03-11 14:03 - 2014-03-11 14:05 - 00000000 ____D () C:\Users\Jeremy\Desktop\The Jiggy Jaguar Show 2014-03-09 10:50 - 2014-03-12 23:19 - 00000616 _____ () C:\Windows\setupact.log 2014-03-09 10:50 - 2014-03-09 10:50 - 00007940 _____ () C:\Windows\PFRO.log 2014-03-09 10:50 - 2014-03-09 10:50 - 00000000 _____ () C:\Windows\setuperr.log 2014-03-09 10:40 - 2014-03-09 10:40 - 04765152 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup411.exe 2014-03-08 12:11 - 2014-03-08 12:11 - 00003136 _____ () C:\Windows\System32\Tasks\{BAEC0EE1-2A3E-4685-AEEB-26CA549B00A2} 2014-03-08 12:08 - 2014-03-08 12:08 - 01883792 _____ (Irfan Skiljan) C:\Users\Jeremy\Desktop\iview437_setup.exe 2014-03-05 07:07 - 2014-03-05 07:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher 2014-03-03 21:24 - 2014-03-03 21:24 - 00000033 _____ () C:\Users\Jeremy\Desktop\For jiggyjaguar.txt 2014-02-28 06:00 - 2014-01-08 22:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-28 06:00 - 2014-01-03 18:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-25 11:49 - 2014-02-25 11:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini 2014-02-25 11:12 - 2014-02-25 11:47 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-02-25 11:01 - 2014-02-25 11:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-02-25 10:59 - 2014-02-25 10:59 - 00000000 ____D () C:\RegBackup 2014-02-25 10:56 - 2014-02-25 10:57 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair 2014-02-25 10:56 - 2014-02-25 10:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip 2014-02-23 11:13 - 2014-02-23 11:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt 2014-02-22 05:51 - 2014-02-22 05:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log 2014-02-22 05:49 - 2014-02-22 05:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe 2014-02-22 04:40 - 2014-02-22 04:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-22 04:40 - 2014-02-22 04:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-22 04:40 - 2014-02-22 04:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-22 04:40 - 2014-02-22 04:39 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-22 02:50 - 2014-02-22 02:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-02-21 04:59 - 2014-02-06 08:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-21 04:59 - 2014-02-06 07:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-21 04:59 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-21 04:59 - 2014-02-06 07:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-21 04:59 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-21 04:59 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-21 04:59 - 2014-02-06 06:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-21 04:59 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-21 04:59 - 2014-02-06 06:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-21 04:59 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-21 04:59 - 2014-02-06 06:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-21 04:59 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-21 04:59 - 2014-02-06 06:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-21 04:59 - 2014-02-06 06:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-21 04:59 - 2014-02-06 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-21 04:59 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-21 04:59 - 2014-02-06 06:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-21 04:59 - 2014-02-06 06:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-21 04:59 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-21 04:59 - 2014-02-06 05:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-21 04:59 - 2014-02-06 05:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-21 04:59 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-21 04:59 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-21 04:59 - 2014-02-06 05:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-21 04:59 - 2014-02-06 05:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-21 04:59 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-21 04:59 - 2014-02-06 05:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-21 04:59 - 2014-02-06 05:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-21 04:59 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-21 04:59 - 2014-02-06 05:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-21 04:59 - 2014-02-06 05:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-21 04:59 - 2014-02-06 05:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-21 04:59 - 2014-02-06 05:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-21 04:59 - 2014-02-06 05:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-21 04:59 - 2014-02-06 04:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-21 04:59 - 2014-02-06 04:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-21 04:59 - 2014-02-06 04:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-21 04:59 - 2014-02-06 04:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-21 04:59 - 2014-02-06 04:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-21 04:59 - 2013-12-21 05:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-21 04:59 - 2013-12-21 04:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-20 07:29 - 2014-02-20 07:29 - 00000000 ____D () C:\_OTL 2014-02-18 22:25 - 2014-02-18 22:33 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt 2014-02-18 22:25 - 2014-02-18 22:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt 2014-02-18 22:16 - 2014-02-18 22:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe 2014-02-18 15:33 - 2014-02-18 15:50 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine 2014-02-18 15:33 - 2014-02-18 15:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe 2014-02-18 08:56 - 2014-02-18 08:57 - 00000000 ____D () C:\ProgramData\CanonIJMIG 2014-02-18 08:53 - 2014-02-18 08:57 - 00000000 ____D () C:\ProgramData\CanonIJScan 2014-02-16 22:28 - 2014-02-16 22:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion 2014-02-16 03:30 - 2014-02-28 05:42 - 00059422 _____ () C:\Users\Jeremy\Desktop\Addition.txt 2014-02-16 03:29 - 2014-03-13 02:09 - 00014427 _____ () C:\Users\Jeremy\Desktop\FRST.txt 2014-02-16 03:29 - 2014-03-13 02:09 - 00000000 ____D () C:\FRST 2014-02-16 03:29 - 2014-03-13 02:08 - 02157056 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe 2014-02-16 02:44 - 2013-10-01 21:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-02-16 02:43 - 2013-10-01 22:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-02-16 02:43 - 2013-10-01 22:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-02-16 02:43 - 2013-10-01 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-02-16 02:43 - 2013-10-01 21:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-02-16 02:43 - 2013-10-01 21:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-02-16 02:43 - 2013-10-01 21:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-02-16 02:43 - 2013-10-01 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-02-16 02:43 - 2013-10-01 20:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-02-16 02:43 - 2013-10-01 20:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-02-16 02:43 - 2013-10-01 20:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-02-16 02:43 - 2013-10-01 20:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-02-16 02:43 - 2013-10-01 19:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-02-16 02:43 - 2013-10-01 19:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-02-16 02:43 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-02-16 02:43 - 2013-10-01 18:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-02-16 02:40 - 2013-09-24 22:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-02-16 02:40 - 2013-09-24 21:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-02-15 15:28 - 2014-02-15 20:24 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown 2014-02-14 10:17 - 2014-02-14 10:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe 2014-02-14 10:15 - 2014-02-14 10:16 - 00001152 _____ () C:\DelFix.txt 2014-02-13 03:31 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-13 03:31 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-13 03:31 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-13 03:31 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-13 03:31 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 03:31 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-13 03:31 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-13 03:31 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-13 03:31 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-13 03:31 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-13 03:31 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 03:31 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-13 03:31 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-13 03:31 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-13 03:31 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-13 03:31 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 03:31 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 03:31 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-13 03:31 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-13 03:31 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-13 03:31 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-13 03:31 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-13 03:31 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-13 03:31 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-13 03:31 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-13 03:31 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-13 03:31 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-13 03:31 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-11 06:24 - 2014-02-11 06:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt 2014-02-11 02:33 - 2014-02-23 09:12 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups ==================== One Month Modified Files and Folders ======= 2014-03-13 02:09 - 2014-02-16 03:29 - 00014427 _____ () C:\Users\Jeremy\Desktop\FRST.txt 2014-03-13 02:09 - 2014-02-16 03:29 - 00000000 ____D () C:\FRST 2014-03-13 02:08 - 2014-02-16 03:29 - 02157056 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe 2014-03-13 01:59 - 2012-01-20 18:32 - 01355941 _____ () C:\Windows\WindowsUpdate.log 2014-03-13 01:47 - 2013-10-12 04:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-03-13 01:19 - 2012-02-03 05:22 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\foobar2000 2014-03-13 01:14 - 2013-09-05 18:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-03-13 01:08 - 2013-12-15 02:00 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job 2014-03-13 01:08 - 2013-12-15 02:00 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job 2014-03-12 23:19 - 2014-03-09 10:50 - 00000616 _____ () C:\Windows\setupact.log 2014-03-12 21:58 - 2014-03-12 21:58 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\ReverbNationPromoter 2014-03-12 07:47 - 2013-10-12 04:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-03-12 05:16 - 2012-05-10 08:02 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\FileZilla 2014-03-12 05:12 - 2014-03-12 05:12 - 04822473 _____ (Tim Kosse) C:\Users\Jeremy\Desktop\FileZilla_3.7.4.1_win32-setup.exe 2014-03-12 05:12 - 2012-05-10 08:02 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client 2014-03-11 14:05 - 2014-03-11 14:03 - 00000000 ____D () C:\Users\Jeremy\Desktop\The Jiggy Jaguar Show 2014-03-11 13:29 - 2013-05-14 09:46 - 00000000 ____D () C:\Users\Jeremy\Desktop\Market 2014-03-09 10:55 - 2009-07-14 00:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-03-09 10:55 - 2009-07-14 00:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-03-09 10:54 - 2009-07-14 01:13 - 00833198 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-03-09 10:50 - 2014-03-09 10:50 - 00007940 _____ () C:\Windows\PFRO.log 2014-03-09 10:50 - 2014-03-09 10:50 - 00000000 _____ () C:\Windows\setuperr.log 2014-03-09 10:50 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-03-09 10:40 - 2014-03-09 10:40 - 04765152 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup411.exe 2014-03-09 10:40 - 2014-02-09 01:43 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-03-09 10:40 - 2013-06-28 10:36 - 00000000 ____D () C:\Program Files\CCleaner 2014-03-09 10:34 - 2012-02-03 05:04 - 00000402 _____ () C:\Users\Jeremy\Desktop\Cue Up.txt 2014-03-09 07:59 - 2013-04-11 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-03-09 01:22 - 2014-02-08 08:15 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\CrashDumps 2014-03-09 01:22 - 2011-02-10 10:02 - 00000000 ____D () C:\Windows\panther 2014-03-08 14:13 - 2013-12-13 06:03 - 00000000 ____D () C:\Users\Jeremy\Desktop\Updates 2014-03-08 14:06 - 2012-02-03 04:04 - 00000000 ____D () C:\Program Files (x86)\VideoLAN 2014-03-08 13:57 - 2012-02-03 03:56 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Adobe 2014-03-08 13:56 - 2013-09-05 18:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-03-08 13:56 - 2013-05-10 04:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-03-08 13:56 - 2013-05-10 04:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-03-08 12:11 - 2014-03-08 12:11 - 00003136 _____ () C:\Windows\System32\Tasks\{BAEC0EE1-2A3E-4685-AEEB-26CA549B00A2} 2014-03-08 12:08 - 2014-03-08 12:08 - 01883792 _____ (Irfan Skiljan) C:\Users\Jeremy\Desktop\iview437_setup.exe 2014-03-05 07:07 - 2014-03-05 07:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher 2014-03-03 21:24 - 2014-03-03 21:24 - 00000033 _____ () C:\Users\Jeremy\Desktop\For jiggyjaguar.txt 2014-03-03 09:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-03-03 09:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing 2014-03-03 09:08 - 2014-02-09 18:02 - 55915216 _____ (Microsoft Corporation) C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe 2014-03-03 05:02 - 2012-02-03 03:09 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Dropbox 2014-03-02 20:08 - 2012-02-03 03:34 - 00000000 ___RD () C:\Users\Jeremy\Dropbox 2014-03-02 15:45 - 2013-08-24 05:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-28 05:42 - 2014-02-16 03:30 - 00059422 _____ () C:\Users\Jeremy\Desktop\Addition.txt 2014-02-25 11:51 - 2012-02-02 22:22 - 00111952 _____ () C:\Users\Jeremy\AppData\Local\GDIPFONTCACHEV1.DAT 2014-02-25 11:49 - 2014-02-25 11:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini 2014-02-25 11:49 - 2012-02-02 22:17 - 00000000 ____D () C:\Users\Jeremy 2014-02-25 11:49 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-02-25 11:49 - 2009-07-14 00:45 - 04979072 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-25 11:47 - 2014-02-25 11:12 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-02-25 11:43 - 2009-07-13 22:34 - 00000581 _____ () C:\Windows\win.ini 2014-02-25 11:38 - 2011-02-10 12:10 - 00833198 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-25 11:01 - 2014-02-25 11:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-02-25 10:59 - 2014-02-25 10:59 - 00000000 ____D () C:\RegBackup 2014-02-25 10:57 - 2014-02-25 10:56 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair 2014-02-25 10:56 - 2014-02-25 10:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip 2014-02-23 11:13 - 2014-02-23 11:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt 2014-02-23 09:12 - 2014-02-11 02:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups 2014-02-22 05:51 - 2014-02-22 05:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log 2014-02-22 05:49 - 2014-02-22 05:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe 2014-02-22 04:41 - 2013-12-03 05:56 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-22 04:40 - 2014-02-22 04:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-22 04:39 - 2014-02-22 04:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-22 04:39 - 2014-02-22 04:40 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-22 04:39 - 2014-02-22 04:40 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-22 04:39 - 2012-01-20 16:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-02-22 03:31 - 2013-12-03 05:51 - 00921000 _____ (Oracle Corporation) C:\Users\Jeremy\Desktop\jxpiinstall.exe 2014-02-22 02:50 - 2014-02-22 02:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-02-22 02:50 - 2012-02-03 03:46 - 00000000 ____D () C:\ProgramData\Adobe 2014-02-22 02:50 - 2012-01-20 17:08 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-02-21 05:04 - 2012-02-02 22:22 - 00000000 ___RD () C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-20 16:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache 2014-02-20 07:29 - 2014-02-20 07:29 - 00000000 ____D () C:\_OTL 2014-02-19 05:46 - 2012-10-30 17:19 - 00000000 ____D () C:\Users\Jeremy\Desktop\- TV 2014-02-18 22:33 - 2014-02-18 22:25 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt 2014-02-18 22:25 - 2014-02-18 22:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt 2014-02-18 22:16 - 2014-02-18 22:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe 2014-02-18 15:50 - 2014-02-18 15:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine 2014-02-18 15:33 - 2014-02-18 15:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe 2014-02-18 15:32 - 2013-10-07 04:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-02-18 15:08 - 2013-10-27 13:41 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-02-18 15:07 - 2014-02-02 02:27 - 00000000 ____D () C:\Users\Jeremy\Desktop\For Malware Bytes 2014-02-18 08:57 - 2014-02-18 08:56 - 00000000 ____D () C:\ProgramData\CanonIJMIG 2014-02-18 08:57 - 2014-02-18 08:53 - 00000000 ____D () C:\ProgramData\CanonIJScan 2014-02-18 08:53 - 2013-02-02 06:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\canon 2014-02-16 22:35 - 2014-01-05 07:45 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-02-16 22:35 - 2013-12-15 15:26 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-16 22:35 - 2013-08-24 05:03 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-16 22:35 - 2013-08-24 05:03 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-16 22:35 - 2013-08-24 05:03 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-16 22:35 - 2013-08-24 05:03 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-16 22:35 - 2013-08-24 05:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-16 22:28 - 2014-02-16 22:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion 2014-02-16 12:32 - 2012-02-07 05:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\WrestlingAudio.com 2014-02-16 02:51 - 2013-07-22 23:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-16 02:45 - 2012-02-03 04:13 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-15 20:24 - 2014-02-15 15:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown 2014-02-15 08:42 - 2013-10-12 04:30 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-15 08:42 - 2013-10-12 04:30 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-14 23:20 - 2012-05-02 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-14 10:17 - 2014-02-14 10:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe 2014-02-14 10:16 - 2014-02-14 10:15 - 00001152 _____ () C:\DelFix.txt 2014-02-14 10:15 - 2013-05-16 00:48 - 00000000 ____D () C:\Windows\ERUNT 2014-02-14 10:08 - 2013-06-27 11:12 - 00000000 ____D () C:\Windows\erdnt 2014-02-11 06:24 - 2014-02-11 06:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-20 16:07 ==================== End Of Log ============================
- March 13, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

It's ok. Well Internet Explorer is still not working, but the software that needs to work in conjunction with it has been working. So disabling the add-ons in Internet Explorer may have done the trick even though Internet Explorer itself is not working. That's good enough for me since I don't actually use Internet Explorer. I don't know if anything else can be done for all the other issues that I still have which I have had for these 2 last threads that I've made on here. I can't fault you guys fornot being able to fix it because I think it's quite possibly an issue with my computer. I imagine I am at fault because I'm not willing to re-install windows as I've never done that before, and don't trust myself at all to have all of my programs up and running properly since I was never taught how to do that. Alot of it has been set up for me over the years so I never did that with any computer I've had. The BSOD's never came back which is a good sign. If there's anything else you can think of to try to fix the problems with program hang ups, and program processes not ending after I terminate it then let me know. I've had this computer for 2 years now, and I think I've done a pretty good job maintaining the computer health. I think maybe viruses or malware from the past could have damaged it, but I'm not sure.
- March 11, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

I tried what was suggested though it's talking about Internet Explorer 7 while mine is Internet Explorer 11. I couldn't run Internet Explorer (No Add-Ons) normally so I had to run as administrator. I disabled all the add-ons, but Internet Explorer still won't launch normally without running it as administrator.
- March 5, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Yes I've done this multiple times, and did it again after reading this. It still won't launch.
- March 4, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

I would really like to get the Internet Explorer problem fixed because the fact it's not working has been hurting my music promotion since I can't use one of my programs. It needs to work with Internet Explorer.
- March 3, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

You mean re-install windows? I've never done that before, and I would screw it up. My friend who I no longer have set up my computer for me cause I don't know how to set up every little thing that he set up for me. So even if you guys assisted me I would be very unhappy with that because there's so many things that have to be configured properly. He did all of that, and I'm not going to even try to mess with things to that extreme. I always have malware on my computer if you consider PUP's malware. I just did a scan with malware bytes and it found 268 PUP's! Even when we do what we do and the logs are clean, the PUP's always come back. Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.03.03.03 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Jeremy :: JEREMY-PC [administrator] 3/3/2014 5:58:02 AM mbam-log-2014-03-03 (05-58-02).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 230953 Time elapsed: 6 minute(s), 17 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 268 C:\Users\Jeremy\AppData\Local\Temp\1020.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\10D9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1314.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1542.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\155A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1612.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1677.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\169.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\19AD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1CCE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1DAF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1E57.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1EA1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\1FC5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\20D7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2112.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\219A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\21A4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\21A5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2265.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\252B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\260B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\27A4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2A58.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2AE2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2C87.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2CFF.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2D3F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2D51.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2DC1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2DD1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3089.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3093.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3098.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3099.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\309A.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\309B.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\309C.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\30A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\30AC.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3173.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\31DB.tmp (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\333B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3374.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\36D8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\37BF.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\386D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\387B.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\39AD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3A88.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3A9E.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3AC9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3AEE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3BE0.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3D87.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3DA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3E1D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\41AE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\41D7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4445.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\44DD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\454B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4693.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\46E7.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\49B1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4A05.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4AAA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4AB5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4ABF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4B00.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4B20.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4B40.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4BE5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4C2A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4C64.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4C93.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4CC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4CD1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4EC8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4ED7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4F3B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4F68.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\51FF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\532E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\535E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5403.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5438.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\55B8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\55FA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5650.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5770.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5977.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5C0E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5C17.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5DD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5EF4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\60A3.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\60A4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\60B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6111.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6166.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\61EE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\620.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6292.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\63DB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\668B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6779.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\67AC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\67B8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\68D8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6909.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6B10.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6BAA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6BAC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6C96.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6CBC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6DA8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6E24.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6E32.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6EB7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6F6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7228.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\733C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\737B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7502.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\78C6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\791B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7A7A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7B9C.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7ED.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7FAA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\80E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8109.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\83BF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\850E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8668.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8754.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\875A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\882F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\88B9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\88BC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\88EA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8BC2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8C13.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8E87.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8F10.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8F38.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8F64.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9377.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\946E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9513.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\96D1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\99DE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9BA2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9BFC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9D71.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9DB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A110.tmp (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A273.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A44B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A51F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A61C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A627.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A6A4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A6ED.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A7D2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A83C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A847.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A98A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\AA4B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\AC02.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\AC5F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\AD99.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\ADEF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\AEA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\AFEE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B08D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B142.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B1B2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B236.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B26D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B2B8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B53F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B541.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\BA2B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\BA69.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\BD01.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\BD6E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\BDE8.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C071.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C17C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C184.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C27.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C28.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C2DA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C5A4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C64.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C728.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C9C0.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CE3E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CE9D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CEBD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CEF7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CFC1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D045.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D1E7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D363.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D38B.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D7A2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D8D1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DA58.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DABC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DB46.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DB5F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DB86.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DBB8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DBBB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DD55.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DD8C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DE5E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DEF8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DFD6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E0F2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E177.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E18F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E1C8.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E2EA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E39E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E49E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E57E.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E57F.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E580.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E581.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E582.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E583.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E69F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E760.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E80E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E8B4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E900.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E9F5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EA36.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EAB1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EBAD.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EBBE.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EC30.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\ED35.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\ED36.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EE02.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EED1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F1BF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F1E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F237.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F240.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F2D7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F531.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F84F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F880.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F8F6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FA1C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FAA7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FB68.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FBD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FBE6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FD4C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FE16.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\FECC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. (end)
- March 3, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Yeah I'm having even quicker program crashes now.
- March 3, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Still haven't used the programs to see, won't be using them till tonight probably. I re-did the steps, but when I uncheck avast on both the services and startup tab then click apply it just re-checks avast on both tabs.
- March 2, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Ok I just did the first step of unchecking everything, but I didn't uncheck the avast anti-virus because it seems self-explanatory to not check it. Should I have unchecked that as well. I need to get sleep so when I use programs, I will see if I have any issues. Internet Explorer still doesn't work. If nothing changes and the issues persist, what do I do? I see what I should do if things are getting better, but not the other way around.
- March 2, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02 Ran by Jeremy at 2014-02-28 04:40:12 Running from C:\Users\Jeremy\Desktop Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AAMS Auto Audio Mastering System V2.5 (HKLM-x32\...\AAMS Auto Audio Mastering System V2.5) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems) Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated) Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - ) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.) Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated) Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated) Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated) Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content (HKLM-x32\...\Adobe Premiere Elements 10 Content) (Version: 10.0 - Adobe Systems Incorporated) Adobe Premiere Elements 10 Content (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AIM for Windows (HKCU\...\AIM) (Version: - AOL Inc.) AIPL WarmTone DX v2.2 (HKLM-x32\...\AIPL WarmTone DX v2.2) (Version: - ) Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version: - ) Antares Microphone Modeler - ZONE (HKLM-x32\...\Antares Microphone Modeler - ZONE) (Version: - ) Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach) Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team) avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software) Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo) Blaine's Alias Title (HKLM\...\{2758AEE7-EDC9-49B6-9498-7FF378944F3C}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Bloom/Negative Effects (HKLM\...\{4FC89A20-FA00-4AD7-B5E6-AC64E67C4273}) (Version: 1.1.0 - Blaine's Movie Maker Blog) Blaine's Cartoonify Effects (HKLM\...\{442935B7-87F8-4D86-9E76-41F5A0D82132}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Color Fade Effects (HKLM\...\{1A2D9795-4979-447B-BB34-B8DE7A45B8CE}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Contrast Effects (HKLM\...\{B9BB9850-4A9F-4D16-8089-82EDA9F69650}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Custom Dreamy Look Title (HKLM\...\{36F14E9E-3F89-43EF-948D-D4E1A9021508}) (Version: 2.0.1 - Blaine's Movie Maker Blog) Blaine's Custom Speed Effects (HKLM\...\{35F7B5BB-670F-4E71-9ED2-C772F17B3C8F}) (Version: 2.0.1 - Blaine's Movie Maker Blog) Blaine's Film Looks Effects (HKLM\...\{95BCCCA2-447E-4F8F-A4C5-49D5700BE627}) (Version: 1.0.1 - Blaine's Movie Maker Blog) Blaine's Letterbox Effects (HKLM\...\{53EE9AAB-CD12-454C-BDD8-32BDC289757F}) (Version: 1.0.3 - Blaine's Movie Maker Blog) Blaine's Pixelate Effects (HKLM\...\{299687D9-4E2A-41F5-84B4-2145AD3A866A}) (Version: 1.0.2 - Blaine's Movie Maker Blog) Blaine's TV Signal Effects (HKLM\...\{344B6293-5ED2-4091-A574-8D5D14D65AB3}) (Version: 1.0.0 - Blaine's Movie Maker Blog) BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - ‪Canon Inc.‬) Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.) Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.) Canon MG2200 series User Registration (HKLM-x32\...\Canon MG2200 series User Registration) (Version: - Canon Inc.‎) Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.) Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.) Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.) Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSELPH110HS_IXUS125HS) (Version: 1.0.0.7 - Canon Inc.) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.) Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.) Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.1.1.19 - Canon Inc.) Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP) ClickFix Lite for Adobe Audition version 3.04 (remove only) (HKLM-x32\...\ClickFix Lite for Adobe Audition version 3.04) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.4.0 - Conexant) ContaCam (HKLM-x32\...\ContaCam) (Version: 4.0.5 - Contaware.com) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.) Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) EULAlyzer 2.2 (HKLM-x32\...\EULAlyzer_is1) (Version: 2.2.0 - BrightFort LLC) Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited) FastStone Capture 6.8 (HKLM-x32\...\FastStone Capture) (Version: 6.8 - FastStone Soft) Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.9 - Telerik) FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse) foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski) Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright© 2005-2013 FreeSoundRecorder Technologies, Inc.) FreeUndelete 2.1.36867.1 (HKLM-x32\...\{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}) (Version: 2.1.36867.1 - Recoveronix) GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.) GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.24.000 - Runtime Software) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.) Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - ) HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP) HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP) HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan) iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.) Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden K-Lite Codec Pack 10.1.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - ) Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.) LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden MixMeister Studio 7.2.2 (HKLM-x32\...\MixMeister Studio 7.2.2_is1) (Version: - ) Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation) Moyea FLV to Video Converter Pro version 1.29.2.11 (HKLM-x32\...\{A777CB31-A5EC-4E32-A462-2E24F45D4D4F}_is1) (Version: - ) Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla) Mp3 Song Plays Increaser (HKLM-x32\...\{FBC0353C-CAFA-4648-91BC-9299774A80E8}) (Version: 1.0.3 - mp3songplays.com) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP) OLYMPUS Master 2 (HKLM-x32\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.) Paltalk Messenger 11.2 (HKLM-x32\...\Paltalk Messenger) (Version: 11.2.0 - AVM Software Inc.) PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation) PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.) QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.) Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software) Recuva (HKLM\...\Recuva) (Version: 1.37 - Piriform) Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC) Share YouTube Videos version 1 (HKLM-x32\...\{55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1) (Version: 1 - ) Simple Search-Replace (HKLM-x32\...\{85BEDB91-5AB4-4066-8946-4EE980950F82}) (Version: 1.08.0000 - RJL Software, Inc.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.) SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.) SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden Sonic Foundry ACID 4.0e (HKLM-x32\...\{9B7DE025-A6AF-446B-86BE-3BD9604B498A}) (Version: 4.0.408 - Sonic Foundry) Sony Sound Forge 7.0 (HKLM-x32\...\{0712667C-A171-49AE-A098-4ACDA28625F8}) (Version: 7.0.214 - Sony) Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB) SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com) System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC) TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer) Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation) Universal Audio v4.4.0 Native (HKLM-x32\...\Universal Audio v4.4.0 Native) (Version: - ) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft) Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft) Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft) Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{8F32B14E-F85E-482C-BF8C-C04E1A5ADE4F}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft) Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft) Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft) Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft) Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft) VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR) Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version: - ) Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation) Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation) Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version: - ) Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 21-02-2014 08:36:21 Windows Modules Installer 21-02-2014 08:46:31 Windows Update 21-02-2014 08:58:38 Windows Update 22-02-2014 05:26:46 Revo Uninstaller's restore point - Adobe Reader XI (11.0.05) 22-02-2014 06:34:58 Revo Uninstaller's restore point - Adobe Photoshop.com Inspiration Browser 22-02-2014 06:35:33 Removed Adobe Photoshop.com Inspiration Browser 22-02-2014 07:32:13 Removed Java 7 Update 51 22-02-2014 08:39:35 Installed Java 7 Update 51 25-02-2014 11:42:50 Windows Update 25-02-2014 14:59:33 Tweaking.com - Windows Repair ==================== Hosts content: ========================== 2012-02-03 06:35 - 2014-02-25 10:43 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (whitelisted) ============= Task: {000BB44C-CE99-4636-893C-73FD773565F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd) Task: {1F98F092-786D-4758-93FA-BB2417F803F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.) Task: {45063B76-A9B1-4603-9713-97C6707EF7C9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-16] (AVAST Software) Task: {683E96DA-D02F-49A0-B2C5-92EE1ABC6674} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.) Task: {68FD1AED-AB87-4272-804A-71E26C6C771A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMLJLMNJHMNJJMNJNJCNLJMJHMLMCNLMMJJJNJCNHMJMKJKJCNNJNJKMGMMJNJNJHMHMJJGMKJJNJICMIMCNGMCNPMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMLMJNHICMEKMICNJJCKJNBJCMFLKJNIKJCJGIJNKJCMJNNICMJNDJCMKJBJ" Task: {72AC25D4-AFF2-4C7F-83D2-00CCA50383AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {77F35599-F36B-4ED7-B88D-EAF50A444D3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.) Task: {C0D1F864-CDC5-4232-974C-01C2003C9936} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe Task: {EE44E6C4-F4D7-46EB-B9D2-0080B4AEE915} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-09] (Adobe Systems Incorporated) Task: {F0EFFE04-2F5C-4341-8D1C-D8FC357FF2C9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-01-20 17:07 - 2011-01-27 10:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2013-11-08 02:48 - 2013-11-08 02:48 - 01279512 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe 2011-09-02 03:30 - 2011-09-02 03:30 - 00149680 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\PreRegistration.dll 2011-09-02 03:36 - 2011-09-02 03:36 - 01341616 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\EUIFramework.dll 2011-09-02 03:36 - 2011-09-02 03:36 - 08938672 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\UIFramework.dll 2011-09-02 03:34 - 2011-09-02 03:34 - 00033456 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Startup.dll 2011-09-02 03:30 - 2011-09-02 03:30 - 08055472 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Premiere.dll 2011-09-02 03:38 - 2011-09-02 03:38 - 00340656 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\OLS.dll 2011-09-02 03:35 - 2011-09-02 03:35 - 09241776 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Mezzanine.dll 2011-09-02 03:32 - 2011-09-02 03:32 - 03793584 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\AMocWrapper.dll 2011-09-02 03:33 - 2011-09-02 03:33 - 11961008 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HSL.dll 2011-09-02 03:32 - 2011-09-02 03:32 - 00607920 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerSharingCenter.dll 2011-09-02 03:31 - 2011-09-02 03:31 - 00993968 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerOrganizer.dll 2011-09-02 03:31 - 2011-09-02 03:31 - 00373424 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerMovieTheme.dll 2011-09-02 03:38 - 2011-09-02 03:38 - 00605360 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerDVDLayout.dll 2011-09-02 03:32 - 2011-09-02 03:32 - 02809520 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerTimeline.dll 2011-09-02 03:32 - 2011-09-02 03:32 - 02973360 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerProject.dll 2011-09-02 03:31 - 2011-09-02 03:31 - 01899184 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerMonitor.dll 2011-09-02 03:31 - 2011-09-02 03:31 - 00166064 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerInfo.dll 2011-09-02 03:30 - 2011-09-02 03:30 - 00171696 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerHistory.dll 2011-09-02 03:30 - 2011-09-02 03:30 - 00109744 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerGetProperties.dll 2011-09-02 03:30 - 2011-09-02 03:30 - 00096944 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerEvents.dll 2011-09-02 03:30 - 2011-09-02 03:30 - 03462320 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerEffectControls.dll 2011-09-02 03:38 - 2011-09-02 03:38 - 01187504 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerCapture.dll 2011-09-02 03:38 - 2011-09-02 03:38 - 00285872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerAudioNarration.dll 2011-09-02 03:37 - 2011-09-02 03:37 - 00924848 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerAudioMixer.dll 2011-09-02 03:30 - 2011-09-02 03:30 - 00215728 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ContentAnalysisHost.dll 2011-09-02 03:34 - 2011-09-02 03:34 - 01169584 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\DVDCreator.dll 2011-09-02 03:30 - 2011-09-02 03:30 - 00189616 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\AdobeASWrapperClient.dll 2011-09-02 03:34 - 2011-09-02 03:34 - 00084656 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\DVDStructures.dll 2011-09-02 03:36 - 2011-09-02 03:36 - 00039600 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\BackendLegacyLib.dll 2011-09-02 03:31 - 2011-09-02 03:31 - 00028848 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Localeresources\en_US\Mezzanine_en_US.DLL 2011-09-02 03:31 - 2011-09-02 03:31 - 00021168 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Localeresources\en_US\HSL_en_US.DLL 2011-09-02 03:31 - 2011-09-02 03:31 - 00041648 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Localeresources\en_US\HandlerDVDLayout_en_US.DLL 2011-09-02 03:32 - 2011-09-02 03:32 - 00048304 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HeadlightsWrapper.dll 2011-09-02 03:36 - 2011-09-02 03:36 - 01261744 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\TitlerCreator.dll 2011-09-02 03:37 - 2011-09-02 03:37 - 00070320 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\BravoInitializer.dll 2011-09-02 03:33 - 2011-09-02 03:33 - 02190512 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ImageRenderer.dll 2011-09-02 03:37 - 2011-09-02 03:37 - 00017072 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ObjectTrackingWrapper.dll 2011-09-02 01:01 - 2011-09-02 01:01 - 00015872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\WaveAE.prm 2011-09-02 03:37 - 2011-09-02 03:37 - 07884976 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\AdobeElements5.dll 2011-09-02 03:32 - 2011-09-02 03:32 - 00154288 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ARA.dll 2011-09-02 01:01 - 2011-09-02 01:01 - 10999296 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\CartoonrPlus.aex 2011-09-02 01:01 - 2011-09-02 01:01 - 00015872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\MetallicGoldAE.prm 2011-09-02 01:01 - 2011-09-02 01:01 - 00015872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\MetallicCopperAE.prm 2011-09-02 03:36 - 2011-09-02 03:36 - 00299184 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\MOG_Framework_2.1.2.dll 2014-02-25 09:05 - 2014-02-25 03:47 - 02182144 _____ () C:\Program Files\AVAST Software\Avast\defs\14022500\algo.dll 2014-02-27 18:33 - 2014-02-27 15:19 - 02186240 _____ () C:\Program Files\AVAST Software\Avast\defs\14022701\algo.dll 2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2013-12-15 14:26 - 2013-12-15 14:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-02-20 22:50 - 2014-02-19 20:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll 2013-08-07 14:25 - 2013-08-07 14:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2014-02-20 22:50 - 2014-02-19 20:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll 2014-02-20 22:50 - 2014-02-19 20:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll 2014-02-20 22:50 - 2014-02-19 20:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll 2014-02-20 22:50 - 2014-02-19 20:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll 2014-02-20 22:50 - 2014-02-19 20:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll 2013-04-11 19:58 - 2014-02-14 09:09 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2013-11-18 05:11 - 2013-11-14 13:00 - 01235456 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-55.dll 2013-11-18 05:11 - 2013-11-14 13:00 - 08113152 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll 2013-11-18 05:11 - 2013-11-14 13:00 - 00358912 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll 2013-11-18 05:11 - 2013-11-14 13:00 - 00235008 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll 2013-11-18 05:11 - 2013-11-14 13:00 - 00385024 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll 2013-11-18 05:11 - 2013-11-14 13:00 - 00212480 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll 2013-11-18 05:11 - 2013-11-14 13:00 - 00120832 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avresample-lav-1.dll 2014-02-09 02:49 - 2014-02-09 02:49 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll 2013-10-05 12:33 - 2008-06-12 13:56 - 00971776 _____ () C:\Program Files (x86)\Steinberg\VstPlugins\PitchShifter.dll 2014-02-20 22:50 - 2014-02-19 20:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll 2011-09-02 03:34 - 2011-09-02 03:34 - 01839792 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\32\ImageRenderer.dll 2013-11-08 01:47 - 2013-11-08 01:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe 2013-11-08 01:47 - 2013-11-08 01:47 - 36561408 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\libcef.dll 2013-11-08 01:47 - 2013-11-08 01:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe 2013-11-08 01:47 - 2013-11-08 01:47 - 00862208 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\ProgramData\Temp:5C321E34 ==================== Safe Mode (whitelisted) =================== ==================== Disabled items from MSCONFIG ============== MSCONFIG\Services: !SASCORE => 2 MSCONFIG\Services: Adobe LM Service => 3 MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2 MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: cphs => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: SwitchBoard => 3 MSCONFIG\Services: TeamViewer8 => 2 MSCONFIG\Services: UMVPFSrv => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk => C:\Windows\pss\ImageBrowser EX Agent.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MailWasher.lnk => C:\Windows\pss\MailWasher.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tube Bot.lnk => C:\Windows\pss\Tube Bot.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_10354613.lnk => C:\Windows\pss\_uninst_10354613.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_24441005.lnk => C:\Windows\pss\_uninst_24441005.lnk.Startup MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_51818170.lnk => C:\Windows\pss\_uninst_51818170.lnk.Startup MSCONFIG\startupreg: AddMeFastBotv4.exe => D:\- Jeremy\- Programs\- Website Tools\- Bots\AddMeFastBotv4.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jeremy\AppData\Local\Akamai\netsession_win.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: BrowseForTheCause => C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe MSCONFIG\startupreg: BrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\BrowserSyncSetup.exe"repair update startup MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon MSCONFIG\startupreg: ContaCam => C:\Program Files (x86)\ContaCam\ContaCam.exe MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe MSCONFIG\startupreg: EV_Autowatcher_Download-Carbon0x => C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe MSCONFIG\startupreg: Facebook Update => "C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe" MSCONFIG\startupreg: Google Update => "C:\Users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GoogleChromeAutoLaunch_6D3B45FEBE36B822DCB3796A57AA2386 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: IEBrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\IE\IEBrowserSync.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart MSCONFIG\startupreg: Pinger => "C:\Program Files (x86)\Pinger\Pinger.exe" MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: Spotify => "C:\Users\Jeremy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe MSCONFIG\startupreg: ThreadManager.exe => C:\Program Files (x86)\Thread Manager\ThreadManager.exe MSCONFIG\startupreg: urlspace => C:\Users\Jeremy\Desktop\Market\When Asleep\jingling.exe -h ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/27/2014 02:04:24 AM) (Source: Application Error) (User: ) Description: Faulting application name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38 Faulting module name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38 Exception code: 0xc0000005 Fault offset: 0x00235f76 Faulting process id: 0x18d0 Faulting application start time: 0xAudition.exe0 Faulting application path: Audition.exe1 Faulting module path: Audition.exe2 Report Id: Audition.exe3 Error: (02/26/2014 05:01:38 AM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: dc8 Start Time: 01cf3241842ba386 Termination Time: 21 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: f87d8e68-9ecc-11e3-b2a5-d067e52c8165 Error: (02/25/2014 11:18:37 AM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5156. Message ID: [0x2509]. Error: (02/25/2014 11:14:52 AM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5800. Message ID: [0x2509]. Error: (02/25/2014 11:11:09 AM) (Source: .NET Runtime) (User: ) Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5852. Message ID: [0x2509]. Error: (02/25/2014 10:40:16 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY) Description: Error 0x8004401e encountered when trying to load MOF C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICESOFTWAREPROTECTIONPLATFORM\OSPPWMI.MOF while recovering .MOF file marked with autorecover. Error: (02/25/2014 10:40:02 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY) Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL while recovering .MOF file marked with autorecover. Error: (02/25/2014 10:39:30 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY) Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF while recovering .MOF file marked with autorecover. Error: (02/25/2014 08:50:06 AM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1a18 Start Time: 01cf311e371c8db9 Termination Time: 240 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: b8dc51ea-9e23-11e3-a255-d067e52c8165 Error: (02/24/2014 00:06:44 AM) (Source: Application Hang) (User: ) Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1234 Start Time: 01cf2fb2d3c400c9 Termination Time: 195 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: 710b75fe-9d11-11e3-a255-d067e52c8165 System errors: ============= Error: (02/26/2014 11:05:56 PM) (Source: DCOM) (User: ) Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63} Error: (02/25/2014 10:53:46 AM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (02/25/2014 10:50:07 AM) (Source: WMPNetworkSvc) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. Error: (02/25/2014 10:43:31 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY) Description: There was an error while attempting to read the local hosts file. Error: (02/21/2014 04:12:03 AM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (02/21/2014 03:48:31 AM) (Source: DCOM) (User: ) Description: {0002DF01-0000-0000-C000-000000000046} Error: (02/21/2014 03:31:16 AM) (Source: Service Control Manager) (User: ) Description: The Windows Modules Installer service terminated with the following error: %%6701 Error: (02/21/2014 03:30:59 AM) (Source: Service Control Manager) (User: ) Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control. Error: (02/21/2014 03:03:51 AM) (Source: Disk) (User: ) Description: The device, \Device\Harddisk2\DR2, has a bad block. Error: (02/21/2014 02:56:40 AM) (Source: DCOM) (User: ) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2013-10-06 01:34:22.151 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-06 01:34:22.098 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-06 01:34:22.044 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-06 01:34:21.990 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.934 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.888 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.841 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-08-09 15:23:06.795 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-27 11:19:20.910 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-06-27 11:19:20.872 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Percentage of memory in use: 95% Total physical RAM: 6056.63 MB Available physical RAM: 250.57 MB Total Pagefile: 12111.44 MB Available Pagefile: 3721.81 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:239.23 GB) NTFS Drive d: (Files) (Fixed) (Total:931.51 GB) (Free:90.77 GB) NTFS Drive e: (Media) (Fixed) (Total:931.51 GB) (Free:139.78 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 932 GB) (Disk ID: 3468B252) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 9D4CFAAC) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 34ECB17F) Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS) ==================== End Of Log ============================
- February 28, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02 Ran by Jeremy (administrator) on JEREMY-PC on 28-02-2014 04:38:48 Running from C:\Users\Jeremy\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (MPC-HC Team) C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe (Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe (Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe (Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Premiere Elements 10\Adobe Premiere Elements.exe (Adobe Systems Incorporated ) C:\Program Files\Adobe\Adobe Premiere Elements 10\32\dynamiclinkmanager.exe (Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Premiere Elements 10\32\Adobe QT32 Server.exe ==================== Registry (Whitelisted) ================== HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-16] (AVAST Software) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-4055183432-471262313-3685020261-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_44_Plugin.exe [840584 2014-02-09] (Adobe Systems Incorporated) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46 Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210 FireFox: ======== FF ProfilePath: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789 FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.) FF Extension: iMacros for Firefox - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-02-18] FF Extension: DownloadHelper - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-02-20] FF Extension: Block site - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-11-23] FF Extension: X-notifier - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-09-21] FF Extension: ReloadEvery - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-02-21] FF Extension: Download YouTube Videos as MP4 - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-20] FF Extension: Adblock Plus - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21] FF Extension: Greasemonkey - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-06] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-24] FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-02-09] FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08] Chrome: ======= CHR HomePage: CHR Extension: (Easy Auto Refresh) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-02-21] CHR Extension: (Google Docs) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16] CHR Extension: (Google Drive) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16] CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16] CHR Extension: (Nanny for Google Chrome ) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2014-02-21] CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16] CHR Extension: (iMacros for Chrome) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2014-02-16] CHR Extension: (avast! Online Security) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-21] CHR Extension: (Website Blocker (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-02-21] CHR Extension: (Google Wallet) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16] CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16] CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Jeremy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2014-02-16] ==================== Services (Whitelisted) ================= S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-20] (Adobe Systems) R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-16] (AVAST Software) R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC) S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X] S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X] ==================== Drivers (Whitelisted) ==================== S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-16] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-15] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-15] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-16] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-16] (AVAST Software) R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-16] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-05] () R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-03] (DT Soft Ltd) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC) R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc) R3 VSTWinDriver6; C:\Windows\System32\drivers\VSTwindrvr6.sys [252928 2008-07-03] (Jungo) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) U3 DfSdkS; S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-02-25 10:49 - 2014-02-25 10:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini 2014-02-25 10:12 - 2014-02-25 10:47 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-02-25 10:01 - 2014-02-25 10:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\RegBackup 2014-02-25 09:56 - 2014-02-25 09:57 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair 2014-02-25 09:56 - 2014-02-25 09:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip 2014-02-24 12:35 - 2014-02-24 12:36 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher 2014-02-23 10:13 - 2014-02-23 10:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt 2014-02-22 04:51 - 2014-02-22 04:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log 2014-02-22 04:49 - 2014-02-22 04:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe 2014-02-22 04:42 - 2014-02-27 13:40 - 00002240 _____ () C:\Windows\setupact.log 2014-02-22 04:42 - 2014-02-22 04:42 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-22 04:41 - 2014-02-25 10:49 - 00021422 _____ () C:\Windows\PFRO.log 2014-02-22 03:40 - 2014-02-22 03:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-22 03:40 - 2014-02-22 03:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-22 03:40 - 2014-02-22 03:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-22 03:40 - 2014-02-22 03:39 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-22 01:50 - 2014-02-22 01:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-02-21 03:59 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-21 03:59 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-21 03:59 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-21 03:59 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-21 03:59 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-21 03:59 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-21 03:59 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-21 03:59 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-21 03:59 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-21 03:59 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-21 03:59 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-21 03:59 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-21 03:59 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-21 03:59 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-21 03:59 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-21 03:59 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-21 03:59 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-21 03:59 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-21 03:59 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-21 03:59 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-21 03:59 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-21 03:59 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-21 03:59 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-21 03:59 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-21 03:59 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-21 03:59 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-21 03:59 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-21 03:59 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-21 03:59 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-21 03:59 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-21 03:59 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-21 03:59 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-21 03:59 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-21 03:59 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-21 03:59 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-21 03:59 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-21 03:59 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-21 03:59 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-21 03:59 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-21 03:59 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-02-21 03:59 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-02-20 06:29 - 2014-02-20 06:29 - 00000000 ____D () C:\_OTL 2014-02-18 21:25 - 2014-02-18 21:33 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt 2014-02-18 21:25 - 2014-02-18 21:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt 2014-02-18 21:16 - 2014-02-18 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe 2014-02-18 14:44 - 2014-02-18 14:44 - 00003589 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_D_02182014_144400.txt 2014-02-18 14:37 - 2014-02-18 14:37 - 00004094 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_S_02182014_143752.txt 2014-02-18 14:33 - 2014-02-18 14:50 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine 2014-02-18 14:33 - 2014-02-18 14:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe 2014-02-18 07:56 - 2014-02-18 07:57 - 00000000 ____D () C:\ProgramData\CanonIJMIG 2014-02-18 07:53 - 2014-02-18 07:57 - 00000000 ____D () C:\ProgramData\CanonIJScan 2014-02-18 07:45 - 2014-02-18 13:59 - 00000000 ____D () C:\Users\Jeremy\Desktop\RAW 2014-02-16 21:28 - 2014-02-16 21:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion 2014-02-16 05:26 - 2013-11-26 18:29 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2014-02-16 05:26 - 2013-11-26 17:49 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-02-16 02:30 - 2014-02-16 02:32 - 00047814 _____ () C:\Users\Jeremy\Desktop\Addition.txt 2014-02-16 02:29 - 2014-02-28 04:39 - 00016426 _____ () C:\Users\Jeremy\Desktop\FRST.txt 2014-02-16 02:29 - 2014-02-28 04:38 - 00000000 ____D () C:\FRST 2014-02-16 02:29 - 2014-02-28 04:30 - 02155520 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe 2014-02-16 01:44 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll 2014-02-16 01:43 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys 2014-02-16 01:43 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe 2014-02-16 01:43 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll 2014-02-16 01:43 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll 2014-02-16 01:43 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll 2014-02-16 01:43 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2014-02-16 01:43 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll 2014-02-16 01:43 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll 2014-02-16 01:43 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll 2014-02-16 01:43 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe 2014-02-16 01:43 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe 2014-02-16 01:43 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2014-02-16 01:43 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-02-16 01:43 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll 2014-02-16 01:43 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe 2014-02-16 01:40 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-02-16 01:40 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-02-15 14:28 - 2014-02-15 19:24 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown 2014-02-14 09:17 - 2014-02-14 09:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe 2014-02-14 09:15 - 2014-02-14 09:16 - 00001152 _____ () C:\DelFix.txt 2014-02-13 02:31 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls 2014-02-13 02:31 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls 2014-02-13 02:31 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-02-13 02:31 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-02-13 02:31 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-02-13 02:31 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-02-13 02:31 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-02-13 02:31 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-02-13 02:31 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll 2014-02-13 02:31 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll 2014-02-13 02:31 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll 2014-02-13 02:31 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll 2014-02-13 02:31 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll 2014-02-13 02:31 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe 2014-02-13 02:31 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe 2014-02-13 02:31 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe 2014-02-13 02:31 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe 2014-02-13 02:31 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll 2014-02-13 02:31 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll 2014-02-13 02:31 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll 2014-02-13 02:31 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll 2014-02-13 02:31 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll 2014-02-13 02:31 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe 2014-02-13 02:31 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe 2014-02-13 02:31 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe 2014-02-13 02:31 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe 2014-02-13 02:31 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2014-02-13 02:31 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2014-02-11 05:24 - 2014-02-11 05:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt 2014-02-11 01:33 - 2014-02-23 08:12 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups 2014-02-10 00:35 - 2014-02-10 00:39 - 00000049 _____ () C:\Users\Jeremy\Desktop\Vocals Chains To Delete.txt 2014-02-09 17:02 - 2014-02-09 17:02 - 55915216 _____ (Microsoft Corporation) C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe 2014-02-09 16:50 - 2014-02-09 16:59 - 00000000 ____D () C:\Users\Jeremy\Documents\Fiddler2 2014-02-09 16:49 - 2014-02-09 16:50 - 00000000 ____D () C:\Program Files (x86)\Fiddler2 2014-02-09 15:17 - 2014-02-09 15:17 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\TeamViewer 2014-02-09 15:16 - 2014-02-09 15:16 - 05814120 _____ (TeamViewer GmbH) C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe 2014-02-09 15:16 - 2014-02-09 15:16 - 00001164 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-02-09 15:16 - 2014-02-09 15:16 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-02-09 00:44 - 2014-02-09 00:44 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-09 00:43 - 2014-02-14 09:22 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-08 07:15 - 2014-02-27 02:04 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\CrashDumps 2014-02-07 22:34 - 2014-02-07 22:34 - 66963505 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(720p_H.264-AAC).mp4 2014-02-07 22:34 - 2014-02-07 22:34 - 63815791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(720p_H.264-AAC).mp4 2014-02-07 22:34 - 2014-02-07 22:34 - 22989362 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_VP8-Vorbis).webm 2014-02-07 22:31 - 2014-02-07 22:34 - 16442791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_H.264-AAC).mp4 2014-02-07 22:31 - 2014-02-07 22:31 - 20069413 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_VP8-Vorbis).webm 2014-02-07 22:31 - 2014-02-07 22:31 - 16928555 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_H.264-AAC).mp4 2014-02-07 22:29 - 2014-02-07 22:31 - 06795459 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.264-AAC).3gp 2014-02-07 17:29 - 2014-02-07 17:31 - 08603169 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.263-MP3).flv 2014-02-07 17:28 - 2014-02-07 17:29 - 02353391 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(144p_H.264-AAC).3gp 2014-02-04 01:57 - 2014-02-04 01:57 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2C241749.sys 2014-02-02 01:27 - 2014-02-18 14:07 - 00000000 ____D () C:\Users\Jeremy\Desktop\For Malware Bytes 2014-02-02 01:26 - 2014-02-02 01:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe 2014-02-01 01:34 - 2014-02-01 01:34 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\chc ==================== One Month Modified Files and Folders ======= 2014-02-28 04:39 - 2014-02-16 02:29 - 00016426 _____ () C:\Users\Jeremy\Desktop\FRST.txt 2014-02-28 04:38 - 2014-02-16 02:29 - 00000000 ____D () C:\FRST 2014-02-28 04:30 - 2014-02-16 02:29 - 02155520 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe 2014-02-28 04:14 - 2013-09-05 17:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-02-28 04:08 - 2013-12-15 01:00 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job 2014-02-28 03:47 - 2013-10-12 03:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-02-28 01:33 - 2012-02-03 04:22 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\foobar2000 2014-02-28 01:08 - 2013-12-15 01:00 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job 2014-02-27 20:44 - 2012-01-20 17:32 - 01659038 _____ () C:\Windows\WindowsUpdate.log 2014-02-27 13:40 - 2014-02-22 04:42 - 00002240 _____ () C:\Windows\setupact.log 2014-02-27 07:47 - 2013-10-12 03:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-02-27 02:04 - 2014-02-08 07:15 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\CrashDumps 2014-02-25 10:54 - 2009-07-14 00:13 - 00833198 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-02-25 10:54 - 2009-07-13 23:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-02-25 10:54 - 2009-07-13 23:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-02-25 10:51 - 2013-05-14 08:46 - 00000000 ____D () C:\Users\Jeremy\Desktop\Market 2014-02-25 10:51 - 2012-02-02 21:22 - 00111952 _____ () C:\Users\Jeremy\AppData\Local\GDIPFONTCACHEV1.DAT 2014-02-25 10:49 - 2014-02-25 10:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini 2014-02-25 10:49 - 2014-02-22 04:41 - 00021422 _____ () C:\Windows\PFRO.log 2014-02-25 10:49 - 2012-02-02 21:17 - 00000000 ____D () C:\Users\Jeremy 2014-02-25 10:49 - 2010-11-21 02:16 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-02-25 10:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-02-25 10:49 - 2009-07-13 23:45 - 04979072 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-02-25 10:47 - 2014-02-25 10:12 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE 2014-02-25 10:43 - 2009-07-13 21:34 - 00000581 _____ () C:\Windows\win.ini 2014-02-25 10:38 - 2011-02-10 11:10 - 00833198 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-02-25 10:37 - 2012-02-03 02:09 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Dropbox 2014-02-25 10:01 - 2014-02-25 10:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat 2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\RegBackup 2014-02-25 09:57 - 2014-02-25 09:56 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair 2014-02-25 09:56 - 2014-02-25 09:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip 2014-02-25 09:48 - 2012-02-03 04:04 - 00000408 _____ () C:\Users\Jeremy\Desktop\Cue Up.txt 2014-02-24 12:36 - 2014-02-24 12:35 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher 2014-02-23 23:56 - 2012-02-03 02:34 - 00000000 ___RD () C:\Users\Jeremy\Dropbox 2014-02-23 10:13 - 2014-02-23 10:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt 2014-02-23 08:12 - 2014-02-11 01:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups 2014-02-22 04:51 - 2014-02-22 04:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log 2014-02-22 04:49 - 2014-02-22 04:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe 2014-02-22 04:42 - 2014-02-22 04:42 - 00000000 _____ () C:\Windows\setuperr.log 2014-02-22 03:56 - 2011-02-10 09:02 - 00000000 ____D () C:\Windows\panther 2014-02-22 03:41 - 2013-12-03 04:56 - 00000000 ____D () C:\ProgramData\Oracle 2014-02-22 03:40 - 2014-02-22 03:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-02-22 03:39 - 2014-02-22 03:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-02-22 03:39 - 2014-02-22 03:40 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-02-22 03:39 - 2014-02-22 03:40 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-02-22 03:39 - 2012-01-20 15:49 - 00000000 ____D () C:\Program Files (x86)\Java 2014-02-22 02:31 - 2013-12-03 04:51 - 00921000 _____ (Oracle Corporation) C:\Users\Jeremy\Desktop\jxpiinstall.exe 2014-02-22 02:04 - 2012-02-03 02:56 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Adobe 2014-02-22 01:50 - 2014-02-22 01:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk 2014-02-22 01:50 - 2012-02-03 02:46 - 00000000 ____D () C:\ProgramData\Adobe 2014-02-22 01:50 - 2012-01-20 16:08 - 00000000 ____D () C:\Program Files (x86)\Adobe 2014-02-22 01:40 - 2013-12-13 05:03 - 00000000 ____D () C:\Users\Jeremy\Desktop\Updates 2014-02-21 04:09 - 2013-08-24 04:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-02-21 04:04 - 2012-02-02 21:22 - 00000000 ___RD () C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-02-21 03:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-02-20 15:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache 2014-02-20 06:29 - 2014-02-20 06:29 - 00000000 ____D () C:\_OTL 2014-02-19 04:46 - 2012-10-30 16:19 - 00000000 ____D () C:\Users\Jeremy\Desktop\- TV 2014-02-18 21:33 - 2014-02-18 21:25 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt 2014-02-18 21:25 - 2014-02-18 21:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt 2014-02-18 21:16 - 2014-02-18 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe 2014-02-18 14:50 - 2014-02-18 14:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine 2014-02-18 14:44 - 2014-02-18 14:44 - 00003589 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_D_02182014_144400.txt 2014-02-18 14:37 - 2014-02-18 14:37 - 00004094 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_S_02182014_143752.txt 2014-02-18 14:33 - 2014-02-18 14:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe 2014-02-18 14:32 - 2013-10-07 03:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2014-02-18 14:08 - 2013-10-27 12:41 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-02-18 14:07 - 2014-02-02 01:27 - 00000000 ____D () C:\Users\Jeremy\Desktop\For Malware Bytes 2014-02-18 13:59 - 2014-02-18 07:45 - 00000000 ____D () C:\Users\Jeremy\Desktop\RAW 2014-02-18 07:57 - 2014-02-18 07:56 - 00000000 ____D () C:\ProgramData\CanonIJMIG 2014-02-18 07:57 - 2014-02-18 07:53 - 00000000 ____D () C:\ProgramData\CanonIJScan 2014-02-18 07:53 - 2013-02-02 05:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\canon 2014-02-16 21:35 - 2014-01-05 06:45 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys 2014-02-16 21:35 - 2013-12-15 14:26 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-02-16 21:35 - 2013-08-24 04:03 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2014-02-16 21:35 - 2013-08-24 04:03 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2014-02-16 21:35 - 2013-08-24 04:03 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-02-16 21:35 - 2013-08-24 04:03 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-02-16 21:35 - 2013-08-24 04:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-02-16 21:28 - 2014-02-16 21:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion 2014-02-16 11:32 - 2012-02-07 04:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\WrestlingAudio.com 2014-02-16 02:32 - 2014-02-16 02:30 - 00047814 _____ () C:\Users\Jeremy\Desktop\Addition.txt 2014-02-16 01:51 - 2013-07-22 22:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-02-16 01:45 - 2012-02-03 03:13 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-02-15 19:24 - 2014-02-15 14:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown 2014-02-15 07:42 - 2013-10-12 03:30 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-02-15 07:42 - 2013-10-12 03:30 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-02-14 22:20 - 2012-05-02 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-02-14 09:22 - 2014-02-09 00:43 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-02-14 09:22 - 2013-06-28 09:36 - 00000000 ____D () C:\Program Files\CCleaner 2014-02-14 09:17 - 2014-02-14 09:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe 2014-02-14 09:16 - 2014-02-14 09:15 - 00001152 _____ () C:\DelFix.txt 2014-02-14 09:15 - 2013-05-15 23:48 - 00000000 ____D () C:\Windows\ERUNT 2014-02-14 09:09 - 2013-04-11 19:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-02-14 09:08 - 2013-06-27 10:12 - 00000000 ____D () C:\Windows\erdnt 2014-02-11 05:24 - 2014-02-11 05:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt 2014-02-10 00:39 - 2014-02-10 00:35 - 00000049 _____ () C:\Users\Jeremy\Desktop\Vocals Chains To Delete.txt 2014-02-09 17:13 - 2012-02-02 21:31 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Apps\2.0 2014-02-09 17:02 - 2014-02-09 17:02 - 55915216 _____ (Microsoft Corporation) C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe 2014-02-09 16:59 - 2014-02-09 16:50 - 00000000 ____D () C:\Users\Jeremy\Documents\Fiddler2 2014-02-09 16:50 - 2014-02-09 16:49 - 00000000 ____D () C:\Program Files (x86)\Fiddler2 2014-02-09 15:17 - 2014-02-09 15:17 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\TeamViewer 2014-02-09 15:16 - 2014-02-09 15:16 - 05814120 _____ (TeamViewer GmbH) C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe 2014-02-09 15:16 - 2014-02-09 15:16 - 00001164 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-02-09 15:16 - 2014-02-09 15:16 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-02-09 02:49 - 2013-09-05 17:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-02-09 02:49 - 2013-05-10 03:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-02-09 02:49 - 2013-05-10 03:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-02-09 00:54 - 2012-05-10 07:02 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\FileZilla 2014-02-09 00:54 - 2012-02-03 07:20 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\DAEMON Tools Lite 2014-02-09 00:45 - 2012-02-14 05:09 - 00000000 ____D () C:\Windows\Minidump 2014-02-09 00:44 - 2014-02-09 00:44 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-02-08 07:34 - 2012-02-03 03:04 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\vlc 2014-02-07 22:34 - 2014-02-07 22:34 - 66963505 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(720p_H.264-AAC).mp4 2014-02-07 22:34 - 2014-02-07 22:34 - 63815791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(720p_H.264-AAC).mp4 2014-02-07 22:34 - 2014-02-07 22:34 - 22989362 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_VP8-Vorbis).webm 2014-02-07 22:34 - 2014-02-07 22:31 - 16442791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_H.264-AAC).mp4 2014-02-07 22:31 - 2014-02-07 22:31 - 20069413 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_VP8-Vorbis).webm 2014-02-07 22:31 - 2014-02-07 22:31 - 16928555 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_H.264-AAC).mp4 2014-02-07 22:31 - 2014-02-07 22:29 - 06795459 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.264-AAC).3gp 2014-02-07 17:31 - 2014-02-07 17:29 - 08603169 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.263-MP3).flv 2014-02-07 17:29 - 2014-02-07 17:28 - 02353391 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(144p_H.264-AAC).3gp 2014-02-07 02:56 - 2012-02-25 04:54 - 00000132 _____ () C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs 2014-02-06 07:16 - 2014-02-21 03:59 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-02-06 06:30 - 2014-02-21 03:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-02-06 06:30 - 2014-02-21 03:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-02-06 06:12 - 2014-02-21 03:59 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-02-06 06:07 - 2014-02-21 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-02-06 06:06 - 2014-02-21 03:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-02-06 05:57 - 2014-02-21 03:59 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-02-06 05:56 - 2014-02-21 03:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-02-06 05:52 - 2014-02-21 03:59 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-02-06 05:49 - 2014-02-21 03:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-02-06 05:48 - 2014-02-21 03:59 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-02-06 05:48 - 2014-02-21 03:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-02-06 05:38 - 2014-02-21 03:59 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-02-06 05:32 - 2014-02-21 03:59 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-02-06 05:20 - 2014-02-21 03:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-02-06 05:17 - 2014-02-21 03:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-02-06 05:11 - 2014-02-21 03:59 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-02-06 05:01 - 2014-02-21 03:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-02-06 05:00 - 2014-02-21 03:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-02-06 04:57 - 2014-02-21 03:59 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-02-06 04:57 - 2014-02-21 03:59 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-02-06 04:52 - 2014-02-21 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-02-06 04:52 - 2014-02-21 03:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-02-06 04:50 - 2014-02-21 03:59 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-02-06 04:49 - 2014-02-21 03:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-02-06 04:47 - 2014-02-21 03:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-02-06 04:46 - 2014-02-21 03:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-02-06 04:25 - 2014-02-21 03:59 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-02-06 04:25 - 2014-02-21 03:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-02-06 04:24 - 2014-02-21 03:59 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-02-06 04:22 - 2014-02-21 03:59 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-02-06 04:13 - 2014-02-21 03:59 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-02-06 04:09 - 2014-02-21 03:59 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-02-06 04:03 - 2014-02-21 03:59 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-02-06 03:55 - 2014-02-21 03:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-02-06 03:41 - 2014-02-21 03:59 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-02-06 03:40 - 2014-02-21 03:59 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-02-06 03:36 - 2014-02-21 03:59 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-02-06 03:34 - 2014-02-21 03:59 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-02-05 09:11 - 2013-07-15 00:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\Hiccups 2014-02-04 01:57 - 2014-02-04 01:57 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2C241749.sys 2014-02-02 01:26 - 2014-02-02 01:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe 2014-02-01 01:34 - 2014-02-01 01:34 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\chc 2014-01-29 22:57 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-02-20 15:07 ==================== End Of Log ============================
- February 28, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Unfortunately, it didn't fix anything. Have actually been having more program crashes now.
- February 26, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

I had 90 something detections on the Malware Bytes scan last time, how are the logs looking good? lol This found 189, I'm always getting PUP's, can't get Internet Explorer to work normally, still have the issues with program processes not ending after I close a program, etc. I'm sorry I hope that didn't sound harsh. I really appreciate all the free help, I just get confused when issues haven't been resolved and I hear that we're almost done. Then again it may be cause you only deal with malware related issues here, and issues I'm having is possibly not related to malware? C:\$RECYCLE.BIN\S-1-5-21-4055183432-471262313-3685020261-1000\$RL91W6I.exe Win32/OpenCandy potentially unsafe application C:\Users\Jeremy\AppData\Local\Temp\12DB.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\132C.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\1639.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\16A6.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\16EC.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\1C51.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\2197.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\2411.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\2823.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\2968.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\29FF.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\2A33.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\2B33.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\321B.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\3465.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\3549.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\3784.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\3816.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\38D3.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\3A84.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\3B32.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\3D3F.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\47EC.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\4BB.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\4C61.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\4D27.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5026.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\542A.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\57CA.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\57CB.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\57DB.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\57DC.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\57DD.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\586B.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5903.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\597A.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5BD5.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5CA1.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5D50.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5D6D.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5FBF.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5FC0.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\5FC1.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\609C.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\613F.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\6214.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\64B3.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\64B4.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\650E.tmp a variant of Win32/InstallCore.JE.gen potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\658A.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\66C0.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\6F2D.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\70.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\75F8.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\7952.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\7B61.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\7DE4.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\7E1B.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\81CC.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\853.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\8771.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\879A.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\8890.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\8A0B.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\9158.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\91E8.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\923C.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\93BA.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\9548.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\95A7.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\970B.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\975C.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\99D2.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A051.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A2F7.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A32C.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A32D.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A32E.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A32F.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A330.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A340.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A74.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A8EC.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A8ED.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A949.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A94D.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\A9B9.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AB40.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AB41.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AC0D.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AD17.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AD2.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AF78.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AF79.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\AF7A.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B046.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B0AD.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B112.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B1B9.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B1DE.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B1FD.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B384.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B385.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B441.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B4A1.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\B50D.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\BDDE.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\BEBE.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\C4D9.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\C6E9.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\C6F9.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\CC85.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\D2E4.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\D5D0.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\D7DE.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DA2E.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DA6B.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DBAA.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DBAB.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DBAC.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DBAD.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DBBD.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DBBE.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DDDF.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DE24.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\DEEC.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E300.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E301.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E3CC.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E440.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E5BC.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E62E.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E62F.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E630.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E7C6.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E7D7.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E96E.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E96F.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E9B5.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E9B6.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E9C7.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E9C8.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E9C9.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\E9CA.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EA3A.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EB06.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\ECA2.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\ECAC.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\ECAD.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\ECCF.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\ED98.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\ED99.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EDA9.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EDAA.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EDAB.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EDAC.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EE1E.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EEFF.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EF00.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EF11.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EF62.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EF91.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EFA5.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\EFA6.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F0A7.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F12D.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F12E.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F1AA.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F1E2.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F1EB.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F2AE.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F379.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F3A1.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F3D0.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F436.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F567.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F568.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F624.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F6E0.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F7AC.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F952.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F953.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\F96A.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\FB28.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\FB29.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\FB56.tmp Win32/Somoto.A potentially unwanted application C:\Users\Jeremy\AppData\Local\Temp\FBE5.tmp Win32/DownloadAdmin.G potentially unwanted application C:\Users\Jeremy\Desktop\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
- February 23, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2014.02.22.02 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Jeremy :: JEREMY-PC [administrator] 2/22/2014 4:34:49 AM mbam-log-2014-02-22 (04-34-49).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 228199 Time elapsed: 3 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 90 C:\Users\Jeremy\AppData\Local\Temp\1046.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\10EB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\13B5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\176B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2343.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\24E0.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2646.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\272.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\29D7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2AF9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\2B40.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3089.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\320B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\32EA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3317.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\34A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\3BFF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\44D3.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\47EA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\487B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\4E33.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\52A6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5552.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\567A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\57DE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5B22.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5B5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5EB6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\5F2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\65A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6C50.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6EBA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6EFC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\6F28.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\797.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\79C5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\7E6A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\82A7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\847F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8570.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\89DC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8BCD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8C3.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\8D07.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9079.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\9FD6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A536.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\A9A9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\AD51.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B020.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B4E5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B4FE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B63D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B672.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\B6A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\BDFC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C0A1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C223.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C3B1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C47.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C54A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C6C2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C86D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\C8E9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CA09.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CD0B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CDF4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\CE5F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D2DB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D82D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\D88.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DC17.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DCF6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DD28.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DE71.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\DFCB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E320.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E3B4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E51B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E73B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\E88B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EC0.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EC92.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EE2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\EF12.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F1EC.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F2B6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F319.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\AppData\Local\Temp\F5C2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully. C:\Users\Jeremy\Downloads\update.exe (PUP.Optional.OptimumInstaller.A) -> Quarantined and deleted successfully. (end) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 4:51:00 AM, on 2/22/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16518) Boot mode: Normal Running processes: C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe C:\Users\Jeremy\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Microsoft Network Inspection (NisSrv) - Unknown owner - C:\Program Files\Microsoft Security Client\NisSrv.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9365 bytes While scanning with Hijackthis I got the same error as before saying my denied access to the host file. It didn't seem to affect anything though. The comp is running ok. Stil lcan't use Internet Explore, and the program issues but my pc seems to be running smoothly at the moment.
- February 22, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

========== OTL ========== 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully. Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901140}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901140}\ deleted successfully. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully. File Protocol\Handler\grooveLocalGWS - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully. File Protocol\Handler\livecall - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully. File Protocol\Handler\ms-help - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully. File Protocol\Handler\msnim - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully. File Protocol\Handler\skype4com - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully. File Protocol\Handler\wlmailhtml - No CLSID value found not found. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully. File Protocol\Handler\wlpg - No CLSID value found not found. 64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. 64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found. ========== FILES ========== < ipconfig /flushdns /c > Windows IP Configuration Successfully flushed the DNS Resolver Cache. C:\Users\Jeremy\Desktop\cmd.bat deleted successfully. C:\Users\Jeremy\Desktop\cmd.txt deleted successfully. ========== COMMANDS ========== [EMPTYJAVA] User: All Users User: Default User: Default User User: Jeremy ->Java cache emptied: 452891 bytes User: Public Total Java Files Cleaned = 0.00 mb [EMPTYFLASH] User: All Users User: Default ->Flash cache emptied: 57472 bytes User: Default User ->Flash cache emptied: 0 bytes User: Jeremy ->Flash cache emptied: 315307 bytes User: Public Total Flash Files Cleaned = 0.00 mb OTL by OldTimer - Version 3.2.69.0 log created on 02202014_062951 Well still no BSOD's which of course is good. Other than that, I still have the issues I've stated multiple times with program processes not being exited even after I exit the program. I tried to get Internet Explorer working again going through the long process I went through before. I uninstalled it, restarted my pc, and my pc was updating itself with windows updates which took a while. Installed the latest Internet Explorer again, and had to restart my pc again. It then needed updates, and I had to restart my pc one more time. It still won't work properly. I can make it work by running it as admininstrator, but it won't work with a marketing program I use which is the only use I have for Internet Explorer. Also, it seems that even when I remove some programs from my start up programs they will return after I use them. I guess I have to manually configure them through the actual programs to not start up when I reboot my pc. Another thing is that I have used CCleaner 2 or 3 times since installing it. I will do quick scans with malware bytes right after using it, and I am still getting PUP's.
- February 21, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

OTL logfile created on: 2/18/2014 9:17:45 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeremy\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.11.9600.16518) Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 5.91 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 42.03% Memory free 11.83 Gb Paging File | 8.20 Gb Available in Paging File | 69.33% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 450.91 Gb Total Space | 241.99 Gb Free Space | 53.67% Space Free | Partition Type: NTFS Drive D: | 931.51 Gb Total Space | 95.93 Gb Free Space | 10.30% Space Free | Partition Type: NTFS Computer Name: JEREMY-PC | User Name: Jeremy | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Jeremy\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.) PRC - C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe () PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) PRC - C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) PRC - C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (BlueStack Systems) PRC - C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems) PRC - C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems) PRC - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team) PRC - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe () PRC - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe () PRC - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe () PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe (Badoo) PRC - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) PRC - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) ========== Modules (No Company Name) ========== MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e7e7e3b82e91028e6ed05189f837ea13\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () MOD - C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll () MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll () MOD - C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\mozjs.dll () MOD - C:\Program Files\AVAST Software\Avast\libcef.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-55.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll () MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avresample-lav-1.dll () MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe () MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\libcef.dll () MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe () MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe () MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\ffmpegsumo.dll () MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll () ========== Services (SafeList) ========== SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe File not found SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe File not found SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation) SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (Sandboxie Holdings, LLC) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation) SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.) SRV - (AdobeActiveFileMonitor10.0) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\program files\dell support center\pcdsrvc_x64.pkms File not found DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software) DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software) DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software) DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software) DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys () DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software) DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys () DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (Sandboxie Holdings, LLC) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.) DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions) DRV:64bit: - (USBMULCD) -- C:\Windows\SysNative\drivers\CM10664.sys (C-Media Electronics Inc) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (VSTWinDriver6) -- C:\Windows\SysNative\drivers\VSTwindrvr6.sys (Jungo) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback> IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "http://www.google.com/" FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21 FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.1.8 FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.12 FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.15 FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2013.75 FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.1 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/08 21:35:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/16 21:35:37 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler2.com: C:\Program Files (x86)\Fiddler2\FiddlerHook [2014/02/09 16:49:56 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/04 20:28:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/09 06:45:15 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/08 21:35:42 | 000,000,000 | ---D | M] [2013/03/13 07:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Extensions [2014/02/18 14:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions [2014/02/18 14:56:08 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2013/09/23 08:07:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013/11/23 18:01:57 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2014/01/31 03:32:32 | 000,217,846 | ---- | M] () (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2014/01/16 10:16:35 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014/02/13 14:26:17 | 000,287,566 | ---- | M] () (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013/11/08 00:12:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions [2014/02/14 09:09:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2014/02/16 21:35:37 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - Extension: Google Docs = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google Search = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: iMacros for Chrome = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\6.0.6_0\ CHR - Extension: Google Wallet = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\ CHR - Extension: Google Wallet = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\ CHR - Extension: Gmail = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013/10/06 00:37:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Torntv V7.0) - {11111111-1111-1111-1111-110411901140} - C:\Program Files (x86)\Torntv V7.0\Torntv V7.0-bho64.dll File not found O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software) O4 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000..\Run: [EV_Autowatcher_Download-Carbon0x] C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9:64bit: - Extra Button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found O9:64bit: - Extra 'Tools' menuitem : Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.) O9 - Extra Button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found O9 - Extra 'Tools' menuitem : Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.59.247.45 208.59.247.46 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D1CAAD8-6D06-4F95-AB66-F1BBC1C7FADB}: DhcpNameServer = 208.59.247.45 208.59.247.46 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF1B28AD-68A0-41A8-9CB9-D47A0A08BBC4}: DhcpNameServer = 208.59.247.45 208.59.247.46 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2014/02/18 21:16:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jeremy\Desktop\OTL.exe [2014/02/18 14:33:43 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\RK_Quarantine [2014/02/18 14:08:35 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014/02/18 07:56:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMIG [2014/02/18 07:53:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2014/02/18 07:45:56 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\RAW [2014/02/16 21:28:55 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\FRST-OlderVersion [2014/02/16 05:26:50 | 006,573,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2014/02/16 05:26:50 | 005,693,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2014/02/16 02:29:51 | 000,000,000 | ---D | C] -- C:\FRST [2014/02/16 02:29:37 | 002,152,448 | ---- | C] (Farbar) -- C:\Users\Jeremy\Desktop\FRST64.exe [2014/02/16 01:44:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2014/02/16 01:43:52 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2014/02/16 01:43:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2014/02/16 01:43:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2014/02/16 01:43:48 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2014/02/16 01:43:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2014/02/16 01:43:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2014/02/16 01:43:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2014/02/16 01:43:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2014/02/16 01:43:46 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2014/02/16 01:43:46 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2014/02/16 01:43:46 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2014/02/16 01:43:46 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2014/02/16 01:43:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2014/02/16 01:43:45 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll [2014/02/16 01:43:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll [2014/02/16 01:40:46 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll [2014/02/16 01:40:46 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll [2014/02/15 14:28:36 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\Smackdown [2014/02/14 09:36:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2014/02/14 09:17:46 | 004,721,920 | ---- | C] (Piriform Ltd) -- C:\Users\Jeremy\Desktop\ccsetup410.exe [2014/02/13 07:02:26 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2014/02/13 07:01:29 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014/02/13 07:01:29 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014/02/13 07:01:28 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014/02/13 07:01:28 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014/02/13 07:01:27 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014/02/13 07:01:27 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014/02/13 07:01:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014/02/13 07:01:26 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014/02/13 07:01:26 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014/02/13 07:01:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014/02/13 07:01:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014/02/13 07:01:25 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014/02/13 07:01:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014/02/13 07:01:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014/02/13 07:01:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014/02/13 07:01:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014/02/13 07:01:23 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014/02/13 07:01:23 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014/02/13 07:01:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014/02/13 07:01:23 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014/02/13 07:01:20 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014/02/13 07:01:19 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014/02/13 07:01:15 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014/02/13 02:31:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll [2014/02/13 02:31:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll [2014/02/13 02:31:45 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe [2014/02/13 02:31:45 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe [2014/02/13 02:31:44 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe [2014/02/13 02:31:44 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe [2014/02/13 02:31:39 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe [2014/02/13 02:31:38 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe [2014/02/13 02:31:38 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe [2014/02/13 02:31:37 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll [2014/02/13 02:31:37 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe [2014/02/13 02:31:37 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll [2014/02/13 02:31:37 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll [2014/02/13 02:31:37 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll [2014/02/13 02:31:37 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll [2014/02/13 02:31:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll [2014/02/13 02:31:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll [2014/02/13 02:31:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll [2014/02/13 02:31:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll [2014/02/13 02:31:29 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll [2014/02/13 02:31:28 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll [2014/02/11 01:33:03 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\backups [2014/02/09 17:02:39 | 055,915,216 | ---- | C] (Microsoft Corporation) -- C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe [2014/02/09 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Documents\Fiddler2 [2014/02/09 16:49:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fiddler2 [2014/02/09 15:17:03 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\TeamViewer [2014/02/09 15:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2014/02/09 15:16:32 | 005,814,120 | ---- | C] (TeamViewer GmbH) -- C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe [2014/02/09 00:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java [2014/02/09 00:41:51 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014/02/09 00:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java [2014/02/09 00:41:43 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014/02/09 00:41:43 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014/02/09 00:41:43 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014/02/08 07:15:25 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Local\CrashDumps [2014/02/04 01:57:41 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\2C241749.sys [2014/02/02 01:27:26 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\For Malware Bytes [2014/02/02 01:26:45 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe [2014/02/01 01:34:58 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\chc [2014/01/29 09:34:28 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher [2014/01/27 08:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Share YouTube Videos [2014/01/27 08:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Share YouTube Videos [2014/01/23 07:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo [2014/01/23 07:58:52 | 003,230,432 | ---- | C] (Badoo) -- C:\Users\Jeremy\Desktop\badoo.desktop.installer-1.6.58.exe [2014/01/20 16:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3 Song Plays Increaser [2014/01/20 16:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Song Plays Increaser ========== Files - Modified Within 30 Days ========== [2014/02/18 21:16:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jeremy\Desktop\OTL.exe [2014/02/18 21:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2014/02/18 20:47:33 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2014/02/18 19:08:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job [2014/02/18 15:02:04 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2014/02/18 15:02:04 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2014/02/18 14:54:12 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2014/02/18 14:53:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2014/02/18 14:53:40 | 468,156,415 | -HS- | M] () -- C:\hiberfil.sys [2014/02/18 14:33:30 | 004,408,320 | ---- | M] () -- C:\Users\Jeremy\Desktop\RogueKillerX64.exe [2014/02/18 14:08:35 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys [2014/02/18 14:08:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys [2014/02/18 07:55:38 | 000,144,295 | ---- | M] () -- C:\Users\Jeremy\Documents\IMG_20140218_0001.jpg [2014/02/18 01:08:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job [2014/02/16 21:35:59 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk [2014/02/16 21:35:36 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys [2014/02/16 21:35:36 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys [2014/02/16 21:35:36 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe [2014/02/16 21:35:36 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys [2014/02/16 21:35:36 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys [2014/02/16 21:35:35 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr [2014/02/16 21:28:55 | 002,152,448 | ---- | M] (Farbar) -- C:\Users\Jeremy\Desktop\FRST64.exe [2014/02/14 09:22:43 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014/02/14 09:17:46 | 004,721,920 | ---- | M] (Piriform Ltd) -- C:\Users\Jeremy\Desktop\ccsetup410.exe [2014/02/13 07:05:06 | 000,825,320 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2014/02/13 07:05:06 | 000,697,808 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2014/02/13 07:05:06 | 000,136,356 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2014/02/13 07:04:56 | 000,825,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2014/02/11 01:16:47 | 000,003,239 | ---- | M] () -- C:\Users\Jeremy\Desktop\Instructions.rtf [2014/02/09 17:09:47 | 004,979,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2014/02/09 17:02:59 | 055,915,216 | ---- | M] (Microsoft Corporation) -- C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe [2014/02/09 15:16:59 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk [2014/02/09 15:16:33 | 005,814,120 | ---- | M] (TeamViewer GmbH) -- C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe [2014/02/09 02:49:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2014/02/09 02:49:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2014/02/09 02:32:37 | 000,008,362 | ---- | M] () -- C:\Users\Jeremy\Desktop\Tiffany.rtf [2014/02/09 00:41:36 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll [2014/02/09 00:41:33 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe [2014/02/09 00:41:33 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe [2014/02/09 00:41:32 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe [2014/02/09 00:40:40 | 000,921,000 | ---- | M] (Oracle Corporation) -- C:\Users\Jeremy\Desktop\jxpiinstall.exe [2014/02/07 02:56:54 | 000,000,132 | ---- | M] () -- C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs [2014/02/06 06:51:19 | 000,001,003 | ---- | M] () -- C:\Users\Jeremy\Desktop\Dat White Boy (Fixes).rtf [2014/02/06 06:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll [2014/02/06 06:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2014/02/06 06:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll [2014/02/06 05:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2014/02/06 05:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2014/02/06 05:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2014/02/06 05:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe [2014/02/06 05:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll [2014/02/06 05:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2014/02/06 05:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2014/02/06 05:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2014/02/06 05:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2014/02/06 05:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll [2014/02/06 04:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2014/02/06 04:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2014/02/06 04:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2014/02/06 04:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2014/02/06 04:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2014/02/06 04:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll [2014/02/06 04:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2014/02/06 04:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2014/02/06 03:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2014/02/06 03:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2014/02/04 01:57:41 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\2C241749.sys [2014/02/02 01:26:46 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe [2014/01/27 08:05:00 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Share YouTube Videos.lnk [2014/01/26 08:39:32 | 000,000,132 | ---- | M] () -- C:\Users\Jeremy\AppData\Roaming\Adobe AIFF Format CS5 Prefs [2014/01/23 07:59:51 | 000,001,010 | ---- | M] () -- C:\Users\Jeremy\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk [2014/01/23 07:58:53 | 003,230,432 | ---- | M] (Badoo) -- C:\Users\Jeremy\Desktop\badoo.desktop.installer-1.6.58.exe [2014/01/22 03:15:50 | 000,077,217 | ---- | M] () -- C:\Users\Jeremy\Desktop\15558771527681369792.jpeg.jpg [2014/01/20 16:12:17 | 000,001,648 | ---- | M] () -- C:\Users\Jeremy\Desktop\MP3SongPlays.exe - Shortcut.lnk [2014/01/20 16:10:50 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Mp3 Song Plays Increaser.lnk ========== Files Created - No Company Name ========== [2014/02/18 14:33:30 | 004,408,320 | ---- | C] () -- C:\Users\Jeremy\Desktop\RogueKillerX64.exe [2014/02/18 07:55:38 | 000,144,295 | ---- | C] () -- C:\Users\Jeremy\Documents\IMG_20140218_0001.jpg [2014/02/11 01:16:47 | 000,003,239 | ---- | C] () -- C:\Users\Jeremy\Desktop\Instructions.rtf [2014/02/09 16:49:56 | 000,001,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler2.lnk [2014/02/09 15:16:59 | 000,001,176 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk [2014/02/09 15:16:59 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk [2014/02/09 00:43:58 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2014/02/09 00:37:24 | 000,008,362 | ---- | C] () -- C:\Users\Jeremy\Desktop\Tiffany.rtf [2014/02/06 06:39:44 | 000,001,003 | ---- | C] () -- C:\Users\Jeremy\Desktop\Dat White Boy (Fixes).rtf [2014/01/27 08:05:00 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Share YouTube Videos.lnk [2014/01/23 07:59:51 | 000,001,140 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk [2014/01/23 07:59:51 | 000,001,010 | ---- | C] () -- C:\Users\Jeremy\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk [2014/01/22 03:15:50 | 000,077,217 | ---- | C] () -- C:\Users\Jeremy\Desktop\15558771527681369792.jpeg.jpg [2014/01/20 16:12:17 | 000,001,648 | ---- | C] () -- C:\Users\Jeremy\Desktop\MP3SongPlays.exe - Shortcut.lnk [2014/01/20 16:10:50 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Mp3 Song Plays Increaser.lnk [2013/11/18 05:11:45 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013/11/07 01:52:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2013/09/26 18:05:41 | 000,000,133 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\mbam.context.scan [2013/07/27 04:40:15 | 000,000,307 | ---- | C] () -- C:\Users\Jeremy\vst_perfect_declipper.ini [2013/07/09 03:12:26 | 002,600,164 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\TempMediaPlay.wav [2013/05/01 04:21:36 | 000,002,886 | ---- | C] () -- C:\Windows\Sandboxie.ini [2013/04/03 08:09:14 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat [2013/04/03 08:09:14 | 000,000,016 | ---- | C] () -- C:\ProgramData\autobk.inc [2013/03/13 07:48:26 | 000,000,258 | RHS- | C] () -- C:\Users\Jeremy\ntuser.pol [2013/03/13 07:20:50 | 000,157,696 | ---- | C] () -- C:\Windows\SysWow64\OggEnc.exe [2013/03/13 07:20:50 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe [2013/03/13 07:20:50 | 000,076,800 | ---- | C] () -- C:\Windows\SysWow64\Faac.exe [2012/12/27 00:23:42 | 000,431,901 | ---- | C] () -- C:\Users\Jeremy\.websiteauditor.properties [2012/12/27 00:08:10 | 000,182,823 | ---- | C] () -- C:\Users\Jeremy\.spyglass.properties [2012/12/26 23:51:54 | 000,427,977 | ---- | C] () -- C:\Users\Jeremy\.websiteauditor.properties.bak [2012/12/06 04:09:15 | 000,000,132 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Adobe AIFF Format CS5 Prefs [2012/11/03 21:56:13 | 000,000,017 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\resmon.resmoncfg [2012/10/18 04:39:39 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE [2012/10/18 04:32:22 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll [2012/10/18 04:32:22 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll [2012/10/10 01:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012/10/10 01:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012/10/08 21:30:36 | 000,221,313 | ---- | C] () -- C:\Windows\hpoins19.dat [2012/10/08 21:30:36 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat [2012/05/24 21:32:49 | 000,000,600 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\PUTTY.RND [2012/02/27 04:36:51 | 000,019,456 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/02/25 04:54:18 | 000,000,132 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs [2012/02/24 04:04:41 | 000,000,132 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Adobe BMP Format CS5 Prefs ========== ZeroAccess Check ========== [2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 08:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 08:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 08:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34 < End of report >
- February 19, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Malwarebytes Anti-Rootkit BETA 1.07.0.1009 www.malwarebytes.org Database version: v2014.02.18.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16518 Jeremy :: JEREMY-PC [administrator] 2/18/2014 2:08:40 PM mbar-log-2014-02-18 (14-08-40).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 261207 Time elapsed: 23 minute(s), 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Jeremy [Admin rights] Mode : Remove -- Date : 02/18/2014 14:44:00 | ARK || FAK || MBR | ¤¤¤ Bad processes : 1 ¤¤¤ [sUSP PATH] Enhanceviews Autowatcher v2.45.exe -- C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe [-] -> KILLED [TermProc] ¤¤¤ Registry Entries : 14 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : EV_Autowatcher_Download-Carbon0x (C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe [-]) -> DELETED [RUN][sUSP PATH] HKUS\S-1-5-21-4055183432-471262313-3685020261-1000\[...]\Run : EV_Autowatcher_Download-Carbon0x (C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe [-]) -> [0x2] The system cannot find the file specified. [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified. [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1) [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1) [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1) [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1) [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1) [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1) [HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1) [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0) [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0) ¤¤¤ Scheduled tasks : 1 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD103UJ ATA Device +++++ --- User --- [MBR] bcc1727eb4d27fb881a41e96255b5396 [bSP] beac72b8fa020a816c05c3802bf54d68 : MBR Code unknown Partition table: 0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST3500413AS ATA Device +++++ --- User --- [MBR] 960ee0263e7e86714a4c1b9dca087975 [bSP] 1a5f2db44097e7f4dc4ae1dda7b13ac3 : Windows Vista MBR Code Partition table: 0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo 1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15166 Mo 2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31141888 | Size: 461733 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_D_02182014_144400.txt >> RKreport[0]_S_02182014_143752.txt
- February 18, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

I found the microsoft fix it link which I found under Automatically open the Reset Internet Explorer Settings dialog box after I clicked on it. However, it says 'This Microsoft Fix it Failed To Process.'
- February 18, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

This is what I did before, and I don't see any options that have to do with Internet Explorer other than the option to make it my default browser. Where is the Reset Internet Explorer Settings dialog box because I don't see it anywhere. I can't start Internet Explorer so I don't know how I'm supposed to do this.
- February 18, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Sorry I'm still not understanding. I can't open Internet Explorer to follow the steps they provide. At the bottom when it says to go to run and type in inetcpl.cpl, I do that but don't see a Reset Internet Explorer Setting dialog box. Is there a direct link to Microsoft Fix it button? I would like to do it that way since it sounds like the easiest way to move onto the next step. I will have to get back to this tonight.
- February 17, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

I'm sorry can you tell me where the fixit button is? I don't see it on the page.
- February 17, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Well I'm still having the problem where program process will still keep running even after I exit the program. Also, since applying this fix my Internet Explorer I finally got working again stopped working and won't even launch now.
- February 17, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Had to attach this cause the post was too long. Fixlog.txt
- February 17, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC

jaiz replied to jaiz's topic in Resolved Malware Removal Logs

Addition.txt Addition.txt
- February 16, 2014
- 65 replies
- - bsod
  - hangup
  - (and 2 more)
    Tagged with:
    
    bsod
    
    hangup
    
    crashes
    
    slowpc

Events

Profiles

Forums

Everything posted by jaiz

Important Information