Posts posted by jaiz
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Jeremy (administrator) on JEREMY-PC on 13-03-2014 02:09:06
Running from C:\Users\Jeremy\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe
(Microsoft Corporation) C:\Windows\helppane.exe
(Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
() C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(XorBots.com) D:\- Jeremy\- Programs\- Website Tools\- Bots\Reverbnationpromotor-crackedby-hotcrack\ReverbNationPromoter.exe
(MPC-HC Team) C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
(Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
() C:\Program Files (x86)\foobar2000\foobar2000.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-16] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {49606DC7-976D-4030-A74E-9FB5C842FA68} URL =
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210
FireFox:
========
FF ProfilePath: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: iMacros for Firefox - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-02-18]
FF Extension: DownloadHelper - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-02-20]
FF Extension: Block site - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-11-23]
FF Extension: X-notifier - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-09-21]
FF Extension: ReloadEvery - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-02-21]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-20]
FF Extension: Adblock Plus - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Greasemonkey - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-24]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-02-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08]
Chrome:
=======
CHR HomePage:
CHR Extension: (Easy Auto Refresh) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-02-21]
CHR Extension: (Google Docs) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Google Drive) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Nanny for Google Chrome ) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2014-02-21]
CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (iMacros for Chrome) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2014-02-17]
CHR Extension: (avast! Online Security) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-21]
CHR Extension: (Website Blocker (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Jeremy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2014-02-16]
==================== Services (Whitelisted) =================
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S4 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-20] (Adobe Systems)
S4 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-16] (AVAST Software)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
==================== Drivers (Whitelisted) ====================
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-16] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-05] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-03] (DT Soft Ltd)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
R3 VSTWinDriver6; C:\Windows\System32\drivers\VSTwindrvr6.sys [252928 2008-07-03] (Jungo)
U3 DfSdkS;
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-12 21:58 - 2014-03-12 21:58 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\ReverbNationPromoter
2014-03-12 05:12 - 2014-03-12 05:12 - 04822473 _____ (Tim Kosse) C:\Users\Jeremy\Desktop\FileZilla_3.7.4.1_win32-setup.exe
2014-03-11 14:03 - 2014-03-11 14:05 - 00000000 ____D () C:\Users\Jeremy\Desktop\The Jiggy Jaguar Show
2014-03-09 10:50 - 2014-03-12 23:19 - 00000616 _____ () C:\Windows\setupact.log
2014-03-09 10:50 - 2014-03-09 10:50 - 00007940 _____ () C:\Windows\PFRO.log
2014-03-09 10:50 - 2014-03-09 10:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:40 - 2014-03-09 10:40 - 04765152 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup411.exe
2014-03-08 12:11 - 2014-03-08 12:11 - 00003136 _____ () C:\Windows\System32\Tasks\{BAEC0EE1-2A3E-4685-AEEB-26CA549B00A2}
2014-03-08 12:08 - 2014-03-08 12:08 - 01883792 _____ (Irfan Skiljan) C:\Users\Jeremy\Desktop\iview437_setup.exe
2014-03-05 07:07 - 2014-03-05 07:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher
2014-03-03 21:24 - 2014-03-03 21:24 - 00000033 _____ () C:\Users\Jeremy\Desktop\For jiggyjaguar.txt
2014-02-28 06:00 - 2014-01-08 22:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-28 06:00 - 2014-01-03 18:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-25 11:49 - 2014-02-25 11:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini
2014-02-25 11:12 - 2014-02-25 11:47 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-25 11:01 - 2014-02-25 11:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-25 10:59 - 2014-02-25 10:59 - 00000000 ____D () C:\RegBackup
2014-02-25 10:56 - 2014-02-25 10:57 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair
2014-02-25 10:56 - 2014-02-25 10:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-23 11:13 - 2014-02-23 11:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt
2014-02-22 05:51 - 2014-02-22 05:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log
2014-02-22 05:49 - 2014-02-22 05:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe
2014-02-22 04:40 - 2014-02-22 04:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 04:40 - 2014-02-22 04:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-22 04:40 - 2014-02-22 04:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-22 04:40 - 2014-02-22 04:39 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-22 02:50 - 2014-02-22 02:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-21 04:59 - 2014-02-06 08:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-21 04:59 - 2014-02-06 07:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-21 04:59 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-21 04:59 - 2014-02-06 07:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-21 04:59 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-21 04:59 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-21 04:59 - 2014-02-06 06:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-21 04:59 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-21 04:59 - 2014-02-06 06:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-21 04:59 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-21 04:59 - 2014-02-06 06:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-21 04:59 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-21 04:59 - 2014-02-06 06:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-21 04:59 - 2014-02-06 06:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-21 04:59 - 2014-02-06 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-21 04:59 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-21 04:59 - 2014-02-06 06:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-21 04:59 - 2014-02-06 06:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-21 04:59 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-21 04:59 - 2014-02-06 05:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-21 04:59 - 2014-02-06 05:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-21 04:59 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-21 04:59 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-21 04:59 - 2014-02-06 05:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-21 04:59 - 2014-02-06 05:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-21 04:59 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-21 04:59 - 2014-02-06 05:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-21 04:59 - 2014-02-06 05:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-21 04:59 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-21 04:59 - 2014-02-06 05:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-21 04:59 - 2014-02-06 05:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-21 04:59 - 2014-02-06 05:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-21 04:59 - 2014-02-06 05:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-21 04:59 - 2014-02-06 05:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-21 04:59 - 2014-02-06 04:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-21 04:59 - 2014-02-06 04:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-21 04:59 - 2014-02-06 04:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-21 04:59 - 2014-02-06 04:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-21 04:59 - 2014-02-06 04:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-21 04:59 - 2013-12-21 05:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-21 04:59 - 2013-12-21 04:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-20 07:29 - 2014-02-20 07:29 - 00000000 ____D () C:\_OTL
2014-02-18 22:25 - 2014-02-18 22:33 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt
2014-02-18 22:25 - 2014-02-18 22:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt
2014-02-18 22:16 - 2014-02-18 22:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe
2014-02-18 15:33 - 2014-02-18 15:50 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine
2014-02-18 15:33 - 2014-02-18 15:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe
2014-02-18 08:56 - 2014-02-18 08:57 - 00000000 ____D () C:\ProgramData\CanonIJMIG
2014-02-18 08:53 - 2014-02-18 08:57 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-02-16 22:28 - 2014-02-16 22:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion
2014-02-16 03:30 - 2014-02-28 05:42 - 00059422 _____ () C:\Users\Jeremy\Desktop\Addition.txt
2014-02-16 03:29 - 2014-03-13 02:09 - 00014427 _____ () C:\Users\Jeremy\Desktop\FRST.txt
2014-02-16 03:29 - 2014-03-13 02:09 - 00000000 ____D () C:\FRST
2014-02-16 03:29 - 2014-03-13 02:08 - 02157056 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe
2014-02-16 02:44 - 2013-10-01 21:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-16 02:43 - 2013-10-01 22:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-16 02:43 - 2013-10-01 22:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-16 02:43 - 2013-10-01 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-16 02:43 - 2013-10-01 21:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-16 02:43 - 2013-10-01 21:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-16 02:43 - 2013-10-01 21:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-16 02:43 - 2013-10-01 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-16 02:43 - 2013-10-01 20:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-16 02:43 - 2013-10-01 20:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-16 02:43 - 2013-10-01 20:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-16 02:43 - 2013-10-01 20:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-16 02:43 - 2013-10-01 19:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-16 02:43 - 2013-10-01 19:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-16 02:43 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-16 02:43 - 2013-10-01 18:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-16 02:40 - 2013-09-24 22:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-16 02:40 - 2013-09-24 21:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-15 15:28 - 2014-02-15 20:24 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown
2014-02-14 10:17 - 2014-02-14 10:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe
2014-02-14 10:15 - 2014-02-14 10:16 - 00001152 _____ () C:\DelFix.txt
2014-02-13 03:31 - 2013-12-31 19:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 03:31 - 2013-12-31 19:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 03:31 - 2013-12-24 19:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 03:31 - 2013-12-24 18:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 03:31 - 2013-12-05 22:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 03:31 - 2013-12-05 22:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 03:31 - 2013-12-05 22:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 03:31 - 2013-12-05 22:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 03:31 - 2013-12-03 22:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 03:31 - 2013-12-03 22:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 03:31 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 03:31 - 2013-12-03 22:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 03:31 - 2013-12-03 22:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 03:31 - 2013-12-03 22:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 03:31 - 2013-12-03 22:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 03:31 - 2013-12-03 22:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 03:31 - 2013-12-03 22:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 03:31 - 2013-12-03 22:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 03:31 - 2013-12-03 22:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 03:31 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 03:31 - 2013-12-03 22:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 03:31 - 2013-12-03 22:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 03:31 - 2013-12-03 21:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 03:31 - 2013-12-03 21:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 03:31 - 2013-12-03 21:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 03:31 - 2013-12-03 21:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 03:31 - 2013-11-26 04:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 03:31 - 2013-11-22 18:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 06:24 - 2014-02-11 06:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt
2014-02-11 02:33 - 2014-02-23 09:12 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups
==================== One Month Modified Files and Folders =======
2014-03-13 02:09 - 2014-02-16 03:29 - 00014427 _____ () C:\Users\Jeremy\Desktop\FRST.txt
2014-03-13 02:09 - 2014-02-16 03:29 - 00000000 ____D () C:\FRST
2014-03-13 02:08 - 2014-02-16 03:29 - 02157056 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe
2014-03-13 01:59 - 2012-01-20 18:32 - 01355941 _____ () C:\Windows\WindowsUpdate.log
2014-03-13 01:47 - 2013-10-12 04:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-13 01:19 - 2012-02-03 05:22 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\foobar2000
2014-03-13 01:14 - 2013-09-05 18:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-13 01:08 - 2013-12-15 02:00 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job
2014-03-13 01:08 - 2013-12-15 02:00 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job
2014-03-12 23:19 - 2014-03-09 10:50 - 00000616 _____ () C:\Windows\setupact.log
2014-03-12 21:58 - 2014-03-12 21:58 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\ReverbNationPromoter
2014-03-12 07:47 - 2013-10-12 04:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 05:16 - 2012-05-10 08:02 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\FileZilla
2014-03-12 05:12 - 2014-03-12 05:12 - 04822473 _____ (Tim Kosse) C:\Users\Jeremy\Desktop\FileZilla_3.7.4.1_win32-setup.exe
2014-03-12 05:12 - 2012-05-10 08:02 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-03-11 14:05 - 2014-03-11 14:03 - 00000000 ____D () C:\Users\Jeremy\Desktop\The Jiggy Jaguar Show
2014-03-11 13:29 - 2013-05-14 09:46 - 00000000 ____D () C:\Users\Jeremy\Desktop\Market
2014-03-09 10:55 - 2009-07-14 00:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-09 10:55 - 2009-07-14 00:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-09 10:54 - 2009-07-14 01:13 - 00833198 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 10:50 - 2014-03-09 10:50 - 00007940 _____ () C:\Windows\PFRO.log
2014-03-09 10:50 - 2014-03-09 10:50 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-09 10:50 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-09 10:40 - 2014-03-09 10:40 - 04765152 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup411.exe
2014-03-09 10:40 - 2014-02-09 01:43 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-09 10:40 - 2013-06-28 10:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-09 10:34 - 2012-02-03 05:04 - 00000402 _____ () C:\Users\Jeremy\Desktop\Cue Up.txt
2014-03-09 07:59 - 2013-04-11 20:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-09 01:22 - 2014-02-08 08:15 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\CrashDumps
2014-03-09 01:22 - 2011-02-10 10:02 - 00000000 ____D () C:\Windows\panther
2014-03-08 14:13 - 2013-12-13 06:03 - 00000000 ____D () C:\Users\Jeremy\Desktop\Updates
2014-03-08 14:06 - 2012-02-03 04:04 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-03-08 13:57 - 2012-02-03 03:56 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Adobe
2014-03-08 13:56 - 2013-09-05 18:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-08 13:56 - 2013-05-10 04:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-08 13:56 - 2013-05-10 04:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-08 12:11 - 2014-03-08 12:11 - 00003136 _____ () C:\Windows\System32\Tasks\{BAEC0EE1-2A3E-4685-AEEB-26CA549B00A2}
2014-03-08 12:08 - 2014-03-08 12:08 - 01883792 _____ (Irfan Skiljan) C:\Users\Jeremy\Desktop\iview437_setup.exe
2014-03-05 07:07 - 2014-03-05 07:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher
2014-03-03 21:24 - 2014-03-03 21:24 - 00000033 _____ () C:\Users\Jeremy\Desktop\For jiggyjaguar.txt
2014-03-03 09:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-03 09:12 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\servicing
2014-03-03 09:08 - 2014-02-09 18:02 - 55915216 _____ (Microsoft Corporation) C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe
2014-03-03 05:02 - 2012-02-03 03:09 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Dropbox
2014-03-02 20:08 - 2012-02-03 03:34 - 00000000 ___RD () C:\Users\Jeremy\Dropbox
2014-03-02 15:45 - 2013-08-24 05:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-28 05:42 - 2014-02-16 03:30 - 00059422 _____ () C:\Users\Jeremy\Desktop\Addition.txt
2014-02-25 11:51 - 2012-02-02 22:22 - 00111952 _____ () C:\Users\Jeremy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-25 11:49 - 2014-02-25 11:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini
2014-02-25 11:49 - 2012-02-02 22:17 - 00000000 ____D () C:\Users\Jeremy
2014-02-25 11:49 - 2010-11-21 03:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-25 11:49 - 2009-07-14 00:45 - 04979072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-25 11:47 - 2014-02-25 11:12 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-25 11:43 - 2009-07-13 22:34 - 00000581 _____ () C:\Windows\win.ini
2014-02-25 11:38 - 2011-02-10 12:10 - 00833198 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-25 11:01 - 2014-02-25 11:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-25 10:59 - 2014-02-25 10:59 - 00000000 ____D () C:\RegBackup
2014-02-25 10:57 - 2014-02-25 10:56 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair
2014-02-25 10:56 - 2014-02-25 10:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-23 11:13 - 2014-02-23 11:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt
2014-02-23 09:12 - 2014-02-11 02:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups
2014-02-22 05:51 - 2014-02-22 05:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log
2014-02-22 05:49 - 2014-02-22 05:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe
2014-02-22 04:41 - 2013-12-03 05:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-22 04:40 - 2014-02-22 04:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 04:39 - 2014-02-22 04:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-22 04:39 - 2014-02-22 04:40 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-22 04:39 - 2014-02-22 04:40 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-22 04:39 - 2012-01-20 16:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-22 03:31 - 2013-12-03 05:51 - 00921000 _____ (Oracle Corporation) C:\Users\Jeremy\Desktop\jxpiinstall.exe
2014-02-22 02:50 - 2014-02-22 02:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-22 02:50 - 2012-02-03 03:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-22 02:50 - 2012-01-20 17:08 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-21 05:04 - 2012-02-02 22:22 - 00000000 ___RD () C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-20 16:17 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-02-20 07:29 - 2014-02-20 07:29 - 00000000 ____D () C:\_OTL
2014-02-19 05:46 - 2012-10-30 17:19 - 00000000 ____D () C:\Users\Jeremy\Desktop\- TV
2014-02-18 22:33 - 2014-02-18 22:25 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt
2014-02-18 22:25 - 2014-02-18 22:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt
2014-02-18 22:16 - 2014-02-18 22:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe
2014-02-18 15:50 - 2014-02-18 15:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine
2014-02-18 15:33 - 2014-02-18 15:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe
2014-02-18 15:32 - 2013-10-07 04:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-18 15:08 - 2013-10-27 13:41 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-18 15:07 - 2014-02-02 02:27 - 00000000 ____D () C:\Users\Jeremy\Desktop\For Malware Bytes
2014-02-18 08:57 - 2014-02-18 08:56 - 00000000 ____D () C:\ProgramData\CanonIJMIG
2014-02-18 08:57 - 2014-02-18 08:53 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-02-18 08:53 - 2013-02-02 06:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\canon
2014-02-16 22:35 - 2014-01-05 07:45 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-16 22:35 - 2013-12-15 15:26 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-16 22:35 - 2013-08-24 05:03 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-16 22:35 - 2013-08-24 05:03 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-16 22:35 - 2013-08-24 05:03 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-16 22:35 - 2013-08-24 05:03 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-16 22:35 - 2013-08-24 05:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-16 22:28 - 2014-02-16 22:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion
2014-02-16 12:32 - 2012-02-07 05:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\WrestlingAudio.com
2014-02-16 02:51 - 2013-07-22 23:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 02:45 - 2012-02-03 04:13 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 20:24 - 2014-02-15 15:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown
2014-02-15 08:42 - 2013-10-12 04:30 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 08:42 - 2013-10-12 04:30 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 23:20 - 2012-05-02 21:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 10:17 - 2014-02-14 10:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe
2014-02-14 10:16 - 2014-02-14 10:15 - 00001152 _____ () C:\DelFix.txt
2014-02-14 10:15 - 2013-05-16 00:48 - 00000000 ____D () C:\Windows\ERUNT
2014-02-14 10:08 - 2013-06-27 11:12 - 00000000 ____D () C:\Windows\erdnt
2014-02-11 06:24 - 2014-02-11 06:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-20 16:07
==================== End Of Log ============================
-
It's ok. Well, Internet Explorer is still not working, but the software that needs to work in conjunction with it has been working. So disabling the add-ons in Internet Explorer may have done the trick even though Internet Explorer itself is not working. That's good enough for me since I don't actually use Internet Explorer. I don't know if anything else can be done for all the other issues that I still have which I have had for these 2 last threads that I've made on here. I can't fault you guys for not being able to fix it because I think it's quite possibly an issue with my computer. I imagine I am at fault because I'm not willing to re-install Windows as I've never done that before, and don't trust myself at all to have all of my programs up and running properly since I was never taught how to do that. A lot of it has been set up for me over the years so I never did that with any computer I've had. The BSODs never came back, which is a good sign. If there's anything else you can think of to try to fix the problems with program hang ups, and program processes not ending after I terminate it then let me know. I've had this computer for 2 years now, and I think I've done a pretty good job maintaining the computer health. I think maybe viruses or malware from the past could have damaged it, but I'm not sure.
-
I tried what was suggested though it's talking about Internet Explorer 7 while mine is Internet Explorer 11. I couldn't run Internet Explorer (No Add-Ons) normally so I had to run as administrator. I disabled all the add-ons, but Internet Explorer still won't launch normally without running it as administrator.
-
Yes I've done this multiple times, and did it again after reading this. It still won't launch.
-
I would really like to get the Internet Explorer problem fixed because the fact it's not working has been hurting my music promotion since I can't use one of my programs. It needs to work with Internet Explorer.
-
You mean re-install Windows? I've never done that before, and I would screw it up. My friend who I no longer have set up my computer for me because I don't know how to set up every little thing that he set up for me. So even if you guys assisted me I would be very unhappy with that because there's so many things that have to be configured properly. He did all of that, and I'm not going to even try to mess with things to that extreme. I always have malware on my computer if you consider PUPs malware. I just did a scan with Malwarebytes and it found 268 PUPs! Even when we do what we do and the logs are clean, the PUPs always come back.
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.03.03.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Jeremy :: JEREMY-PC [administrator]
3/3/2014 5:58:02 AM
mbam-log-2014-03-03 (05-58-02).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 230953
Time elapsed: 6 minute(s), 17 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 268
C:\Users\Jeremy\AppData\Local\Temp\DABC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DB46.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DB5F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DB86.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DBB8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DBBB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DD55.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DD8C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DE5E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DEF8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DFD6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E0F2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E177.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E18F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E1C8.tmp (PUP.Optional.OneClickDownloader.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E2EA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E39E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E49E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E57E.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E57F.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E580.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E581.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E582.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E583.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E69F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E760.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E80E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E8B4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E900.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E9F5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EA36.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EAB1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EBAD.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EBBE.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EC30.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\ED35.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\ED36.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EE02.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EED1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F1BF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F1E.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F237.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F240.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F2D7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F531.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F84F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F880.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F8F6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FA1C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FAA7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FB68.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FBD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FBE6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FD4C.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FE16.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\FECC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
(end)
-
Yeah I'm having even quicker program crashes now.
-
Still haven't used the programs to see, won't be using them till tonight probably. I re-did the steps, but when I uncheck avast on both the services and startup tab then click apply it just re-checks avast on both tabs.
-
Ok I just did the first step of unchecking everything, but I didn't uncheck the avast anti-virus because it seems self-explanatory to not check it. Should I have unchecked that as well? I need to get sleep so when I use programs, I will see if I have any issues. Internet Explorer still doesn't work. If nothing changes and the issues persist, what do I do? I see what I should do if things are getting better, but not the other way around.
-
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-02-2014 02
Ran by Jeremy at 2014-02-28 04:40:12
Running from C:\Users\Jeremy\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAMS Auto Audio Mastering System V2.5 (HKLM-x32\...\AAMS Auto Audio Mastering System V2.5) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - )
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content (HKLM-x32\...\Adobe Premiere Elements 10 Content) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 Content (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AIM for Windows (HKCU\...\AIM) (Version: - AOL Inc.)
AIPL WarmTone DX v2.2 (HKLM-x32\...\AIPL WarmTone DX v2.2) (Version: - )
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version: - )
Antares Microphone Modeler - ZONE (HKLM-x32\...\Antares Microphone Modeler - ZONE) (Version: - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo)
Blaine's Alias Title (HKLM\...\{2758AEE7-EDC9-49B6-9498-7FF378944F3C}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Bloom/Negative Effects (HKLM\...\{4FC89A20-FA00-4AD7-B5E6-AC64E67C4273}) (Version: 1.1.0 - Blaine's Movie Maker Blog)
Blaine's Cartoonify Effects (HKLM\...\{442935B7-87F8-4D86-9E76-41F5A0D82132}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Color Fade Effects (HKLM\...\{1A2D9795-4979-447B-BB34-B8DE7A45B8CE}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Contrast Effects (HKLM\...\{B9BB9850-4A9F-4D16-8089-82EDA9F69650}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Custom Dreamy Look Title (HKLM\...\{36F14E9E-3F89-43EF-948D-D4E1A9021508}) (Version: 2.0.1 - Blaine's Movie Maker Blog)
Blaine's Custom Speed Effects (HKLM\...\{35F7B5BB-670F-4E71-9ED2-C772F17B3C8F}) (Version: 2.0.1 - Blaine's Movie Maker Blog)
Blaine's Film Looks Effects (HKLM\...\{95BCCCA2-447E-4F8F-A4C5-49D5700BE627}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Letterbox Effects (HKLM\...\{53EE9AAB-CD12-454C-BDD8-32BDC289757F}) (Version: 1.0.3 - Blaine's Movie Maker Blog)
Blaine's Pixelate Effects (HKLM\...\{299687D9-4E2A-41F5-84B4-2145AD3A866A}) (Version: 1.0.2 - Blaine's Movie Maker Blog)
Blaine's TV Signal Effects (HKLM\...\{344B6293-5ED2-4091-A574-8D5D14D65AB3}) (Version: 1.0.0 - Blaine's Movie Maker Blog)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG2200 series User Registration (HKLM-x32\...\Canon MG2200 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSELPH110HS_IXUS125HS) (Version: 1.0.0.7 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.1.1.19 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP)
ClickFix Lite for Adobe Audition version 3.04 (remove only) (HKLM-x32\...\ClickFix Lite for Adobe Audition version 3.04) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.4.0 - Conexant)
ContaCam (HKLM-x32\...\ContaCam) (Version: 4.0.5 - Contaware.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
EULAlyzer 2.2 (HKLM-x32\...\EULAlyzer_is1) (Version: 2.2.0 - BrightFort LLC)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FastStone Capture 6.8 (HKLM-x32\...\FastStone Capture) (Version: 6.8 - FastStone Soft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.9 - Telerik)
FileZilla Client 3.7.3 (HKLM-x32\...\FileZilla Client) (Version: 3.7.3 - Tim Kosse)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright© 2005-2013 FreeSoundRecorder Technologies, Inc.)
FreeUndelete 2.1.36867.1 (HKLM-x32\...\{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}) (Version: 2.1.36867.1 - Recoveronix)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.24.000 - Runtime Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - )
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.1.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MixMeister Studio 7.2.2 (HKLM-x32\...\MixMeister Studio 7.2.2_is1) (Version: - )
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Moyea FLV to Video Converter Pro version 1.29.2.11 (HKLM-x32\...\{A777CB31-A5EC-4E32-A462-2E24F45D4D4F}_is1) (Version: - )
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mp3 Song Plays Increaser (HKLM-x32\...\{FBC0353C-CAFA-4648-91BC-9299774A80E8}) (Version: 1.0.3 - mp3songplays.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OLYMPUS Master 2 (HKLM-x32\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.)
Paltalk Messenger 11.2 (HKLM-x32\...\Paltalk Messenger) (Version: 11.2.0 - AVM Software Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Recuva (HKLM\...\Recuva) (Version: 1.37 - Piriform)
Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC)
Share YouTube Videos version 1 (HKLM-x32\...\{55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1) (Version: 1 - )
Simple Search-Replace (HKLM-x32\...\{85BEDB91-5AB4-4066-8946-4EE980950F82}) (Version: 1.08.0000 - RJL Software, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
Sonic Foundry ACID 4.0e (HKLM-x32\...\{9B7DE025-A6AF-446B-86BE-3BD9604B498A}) (Version: 4.0.408 - Sonic Foundry)
Sony Sound Forge 7.0 (HKLM-x32\...\{0712667C-A171-49AE-A098-4ACDA28625F8}) (Version: 7.0.214 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Universal Audio v4.4.0 Native (HKLM-x32\...\Universal Audio v4.4.0 Native) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{8F32B14E-F85E-482C-BF8C-C04E1A5ADE4F}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version: - )
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden
==================== Restore Points =========================
21-02-2014 08:36:21 Windows Modules Installer
21-02-2014 08:46:31 Windows Update
21-02-2014 08:58:38 Windows Update
22-02-2014 05:26:46 Revo Uninstaller's restore point - Adobe Reader XI (11.0.05)
22-02-2014 06:34:58 Revo Uninstaller's restore point - Adobe Photoshop.com Inspiration Browser
22-02-2014 06:35:33 Removed Adobe Photoshop.com Inspiration Browser
22-02-2014 07:32:13 Removed Java 7 Update 51
22-02-2014 08:39:35 Installed Java 7 Update 51
25-02-2014 11:42:50 Windows Update
25-02-2014 14:59:33 Tweaking.com - Windows Repair
==================== Hosts content: ==========================
2012-02-03 06:35 - 2014-02-25 10:43 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {000BB44C-CE99-4636-893C-73FD773565F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {1F98F092-786D-4758-93FA-BB2417F803F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {45063B76-A9B1-4603-9713-97C6707EF7C9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-16] (AVAST Software)
Task: {683E96DA-D02F-49A0-B2C5-92EE1ABC6674} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.)
Task: {68FD1AED-AB87-4272-804A-71E26C6C771A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMLJLMNJHMNJJMNJNJCNLJMJHMLMCNLMMJJJNJCNHMJMKJKJCNNJNJKMGMMJNJNJHMHMJJGMKJJNJICMIMCNGMCNPMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMLMJNHICMEKMICNJJCKJNBJCMFLKJNIKJCJGIJNKJCMJNNICMJNDJCMKJBJ"
Task: {72AC25D4-AFF2-4C7F-83D2-00CCA50383AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {77F35599-F36B-4ED7-B88D-EAF50A444D3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {C0D1F864-CDC5-4232-974C-01C2003C9936} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {EE44E6C4-F4D7-46EB-B9D2-0080B4AEE915} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-09] (Adobe Systems Incorporated)
Task: {F0EFFE04-2F5C-4341-8D1C-D8FC357FF2C9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2012-01-20 17:07 - 2011-01-27 10:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-08 02:48 - 2013-11-08 02:48 - 01279512 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe
2011-09-02 03:30 - 2011-09-02 03:30 - 00149680 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\PreRegistration.dll
2011-09-02 03:36 - 2011-09-02 03:36 - 01341616 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\EUIFramework.dll
2011-09-02 03:36 - 2011-09-02 03:36 - 08938672 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\UIFramework.dll
2011-09-02 03:34 - 2011-09-02 03:34 - 00033456 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Startup.dll
2011-09-02 03:30 - 2011-09-02 03:30 - 08055472 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Premiere.dll
2011-09-02 03:38 - 2011-09-02 03:38 - 00340656 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\OLS.dll
2011-09-02 03:35 - 2011-09-02 03:35 - 09241776 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Mezzanine.dll
2011-09-02 03:32 - 2011-09-02 03:32 - 03793584 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\AMocWrapper.dll
2011-09-02 03:33 - 2011-09-02 03:33 - 11961008 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HSL.dll
2011-09-02 03:32 - 2011-09-02 03:32 - 00607920 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerSharingCenter.dll
2011-09-02 03:31 - 2011-09-02 03:31 - 00993968 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerOrganizer.dll
2011-09-02 03:31 - 2011-09-02 03:31 - 00373424 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerMovieTheme.dll
2011-09-02 03:38 - 2011-09-02 03:38 - 00605360 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerDVDLayout.dll
2011-09-02 03:32 - 2011-09-02 03:32 - 02809520 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerTimeline.dll
2011-09-02 03:32 - 2011-09-02 03:32 - 02973360 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerProject.dll
2011-09-02 03:31 - 2011-09-02 03:31 - 01899184 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerMonitor.dll
2011-09-02 03:31 - 2011-09-02 03:31 - 00166064 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerInfo.dll
2011-09-02 03:30 - 2011-09-02 03:30 - 00171696 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerHistory.dll
2011-09-02 03:30 - 2011-09-02 03:30 - 00109744 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerGetProperties.dll
2011-09-02 03:30 - 2011-09-02 03:30 - 00096944 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerEvents.dll
2011-09-02 03:30 - 2011-09-02 03:30 - 03462320 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerEffectControls.dll
2011-09-02 03:38 - 2011-09-02 03:38 - 01187504 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerCapture.dll
2011-09-02 03:38 - 2011-09-02 03:38 - 00285872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerAudioNarration.dll
2011-09-02 03:37 - 2011-09-02 03:37 - 00924848 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HandlerAudioMixer.dll
2011-09-02 03:30 - 2011-09-02 03:30 - 00215728 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ContentAnalysisHost.dll
2011-09-02 03:34 - 2011-09-02 03:34 - 01169584 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\DVDCreator.dll
2011-09-02 03:30 - 2011-09-02 03:30 - 00189616 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\AdobeASWrapperClient.dll
2011-09-02 03:34 - 2011-09-02 03:34 - 00084656 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\DVDStructures.dll
2011-09-02 03:36 - 2011-09-02 03:36 - 00039600 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\BackendLegacyLib.dll
2011-09-02 03:31 - 2011-09-02 03:31 - 00028848 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Localeresources\en_US\Mezzanine_en_US.DLL
2011-09-02 03:31 - 2011-09-02 03:31 - 00021168 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Localeresources\en_US\HSL_en_US.DLL
2011-09-02 03:31 - 2011-09-02 03:31 - 00041648 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Localeresources\en_US\HandlerDVDLayout_en_US.DLL
2011-09-02 03:32 - 2011-09-02 03:32 - 00048304 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\HeadlightsWrapper.dll
2011-09-02 03:36 - 2011-09-02 03:36 - 01261744 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\TitlerCreator.dll
2011-09-02 03:37 - 2011-09-02 03:37 - 00070320 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\BravoInitializer.dll
2011-09-02 03:33 - 2011-09-02 03:33 - 02190512 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ImageRenderer.dll
2011-09-02 03:37 - 2011-09-02 03:37 - 00017072 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ObjectTrackingWrapper.dll
2011-09-02 01:01 - 2011-09-02 01:01 - 00015872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\WaveAE.prm
2011-09-02 03:37 - 2011-09-02 03:37 - 07884976 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\AdobeElements5.dll
2011-09-02 03:32 - 2011-09-02 03:32 - 00154288 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\ARA.dll
2011-09-02 01:01 - 2011-09-02 01:01 - 10999296 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\CartoonrPlus.aex
2011-09-02 01:01 - 2011-09-02 01:01 - 00015872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\MetallicGoldAE.prm
2011-09-02 01:01 - 2011-09-02 01:01 - 00015872 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\Plug-ins\Common\NewBlue\MetallicCopperAE.prm
2011-09-02 03:36 - 2011-09-02 03:36 - 00299184 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\MOG_Framework_2.1.2.dll
2014-02-25 09:05 - 2014-02-25 03:47 - 02182144 _____ () C:\Program Files\AVAST Software\Avast\defs\14022500\algo.dll
2014-02-27 18:33 - 2014-02-27 15:19 - 02186240 _____ () C:\Program Files\AVAST Software\Avast\defs\14022701\algo.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-15 14:26 - 2013-12-15 14:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-20 22:50 - 2014-02-19 20:02 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\chrome_elf.dll
2013-08-07 14:25 - 2013-08-07 14:25 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-02-20 22:50 - 2014-02-19 20:02 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libglesv2.dll
2014-02-20 22:50 - 2014-02-19 20:02 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\libegl.dll
2014-02-20 22:50 - 2014-02-19 20:03 - 04060488 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\pdf.dll
2014-02-20 22:50 - 2014-02-19 20:03 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll
2014-02-20 22:50 - 2014-02-19 20:02 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\ffmpegsumo.dll
2013-04-11 19:58 - 2014-02-14 09:09 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-11-18 05:11 - 2013-11-14 13:00 - 01235456 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-55.dll
2013-11-18 05:11 - 2013-11-14 13:00 - 08113152 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll
2013-11-18 05:11 - 2013-11-14 13:00 - 00358912 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll
2013-11-18 05:11 - 2013-11-14 13:00 - 00235008 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll
2013-11-18 05:11 - 2013-11-14 13:00 - 00385024 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
2013-11-18 05:11 - 2013-11-14 13:00 - 00212480 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll
2013-11-18 05:11 - 2013-11-14 13:00 - 00120832 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avresample-lav-1.dll
2014-02-09 02:49 - 2014-02-09 02:49 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
2013-10-05 12:33 - 2008-06-12 13:56 - 00971776 _____ () C:\Program Files (x86)\Steinberg\VstPlugins\PitchShifter.dll
2014-02-20 22:50 - 2014-02-19 20:03 - 13632840 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll
2011-09-02 03:34 - 2011-09-02 03:34 - 01839792 _____ () C:\Program Files\Adobe\Adobe Premiere Elements 10\32\ImageRenderer.dll
2013-11-08 01:47 - 2013-11-08 01:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe
2013-11-08 01:47 - 2013-11-08 01:47 - 36561408 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\libcef.dll
2013-11-08 01:47 - 2013-11-08 01:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe
2013-11-08 01:47 - 2013-11-08 01:47 - 00862208 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk => C:\Windows\pss\ImageBrowser EX Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MailWasher.lnk => C:\Windows\pss\MailWasher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tube Bot.lnk => C:\Windows\pss\Tube Bot.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_10354613.lnk => C:\Windows\pss\_uninst_10354613.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_24441005.lnk => C:\Windows\pss\_uninst_24441005.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_51818170.lnk => C:\Windows\pss\_uninst_51818170.lnk.Startup
MSCONFIG\startupreg: AddMeFastBotv4.exe => D:\- Jeremy\- Programs\- Website Tools\- Bots\AddMeFastBotv4.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jeremy\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrowseForTheCause => C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe
MSCONFIG\startupreg: BrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\BrowserSyncSetup.exe"repair update startup
MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: ContaCam => C:\Program Files (x86)\ContaCam\ContaCam.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: EV_Autowatcher_Download-Carbon0x => C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_6D3B45FEBE36B822DCB3796A57AA2386 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IEBrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\IE\IEBrowserSync.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
MSCONFIG\startupreg: Pinger => "C:\Program Files (x86)\Pinger\Pinger.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Jeremy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: ThreadManager.exe => C:\Program Files (x86)\Thread Manager\ThreadManager.exe
MSCONFIG\startupreg: urlspace => C:\Users\Jeremy\Desktop\Market\When Asleep\jingling.exe -h
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/27/2014 02:04:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38
Faulting module name: Audition.exe, version: 1.5.4124.1, time stamp: 0x40980e38
Exception code: 0xc0000005
Fault offset: 0x00235f76
Faulting process id: 0x18d0
Faulting application start time: 0xAudition.exe0
Faulting application path: Audition.exe1
Faulting module path: Audition.exe2
Report Id: Audition.exe3
Error: (02/26/2014 05:01:38 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: dc8
Start Time: 01cf3241842ba386
Termination Time: 21
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: f87d8e68-9ecc-11e3-b2a5-d067e52c8165
Error: (02/25/2014 11:18:37 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5156. Message ID: [0x2509].
Error: (02/25/2014 11:14:52 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5800. Message ID: [0x2509].
Error: (02/25/2014 11:11:09 AM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 4.0.30319.18444 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5852. Message ID: [0x2509].
Error: (02/25/2014 10:40:16 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\OFFICESOFTWAREPROTECTIONPLATFORM\OSPPWMI.MOF while recovering .MOF file marked with autorecover.
Error: (02/25/2014 10:40:02 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\EN-US\AACLIENT.MFL while recovering .MOF file marked with autorecover.
Error: (02/25/2014 10:39:30 AM) (Source: Microsoft-Windows-WMI) (User: NT AUTHORITY)
Description: Error 0x8004401e encountered when trying to load MOF C:\WINDOWS\SYSTEM32\WBEM\AACLIENT.MOF while recovering .MOF file marked with autorecover.
Error: (02/25/2014 08:50:06 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1a18
Start Time: 01cf311e371c8db9
Termination Time: 240
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: b8dc51ea-9e23-11e3-a255-d067e52c8165
Error: (02/24/2014 00:06:44 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1234
Start Time: 01cf2fb2d3c400c9
Termination Time: 195
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 710b75fe-9d11-11e3-a255-d067e52c8165
System errors:
=============
Error: (02/26/2014 11:05:56 PM) (Source: DCOM) (User: )
Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}
Error: (02/25/2014 10:53:46 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (02/25/2014 10:50:07 AM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (02/25/2014 10:43:31 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT AUTHORITY)
Description: There was an error while attempting to read the local hosts file.
Error: (02/21/2014 04:12:03 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (02/21/2014 03:48:31 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (02/21/2014 03:31:16 AM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service terminated with the following error:
%%6701
Error: (02/21/2014 03:30:59 AM) (Source: Service Control Manager) (User: )
Description: The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
Error: (02/21/2014 03:03:51 AM) (Source: Disk) (User: )
Description: The device, \Device\Harddisk2\DR2, has a bad block.
Error: (02/21/2014 02:56:40 AM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-10-06 01:34:22.151
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-10-06 01:34:22.098
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-10-06 01:34:22.044
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-10-06 01:34:21.990
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.934
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.888
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.841
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.795
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-27 11:19:20.910
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-27 11:19:20.872
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 95%
Total physical RAM: 6056.63 MB
Available physical RAM: 250.57 MB
Total Pagefile: 12111.44 MB
Available Pagefile: 3721.81 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:239.23 GB) NTFS
Drive d: (Files) (Fixed) (Total:931.51 GB) (Free:90.77 GB) NTFS
Drive e: (Media) (Fixed) (Total:931.51 GB) (Free:139.78 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3468B252)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 9D4CFAAC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 34ECB17F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
==================== End Of Log ============================
-
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-02-2014 02
Ran by Jeremy (administrator) on JEREMY-PC on 28-02-2014 04:38:48
Running from C:\Users\Jeremy\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(MPC-HC Team) C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems®, Incorporated) C:\Program Files (x86)\Adobe\Audition 1.5\Audition.exe
(Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Adobe Premiere Elements 10\Adobe Premiere Elements.exe
(Adobe Systems Incorporated ) C:\Program Files\Adobe\Adobe Premiere Elements 10\32\dynamiclinkmanager.exe
(Adobe Systems, Incorporated) C:\Program Files\Adobe\Adobe Premiere Elements 10\32\Adobe QT32 Server.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-02-16] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4055183432-471262313-3685020261-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_44_Plugin.exe [840584 2014-02-09] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 208.59.247.45 208.59.247.46
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer]107.6.133.8,23.23.180.210
FireFox:
========
FF ProfilePath: C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: iMacros for Firefox - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-02-18]
FF Extension: DownloadHelper - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-02-20]
FF Extension: Block site - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc} [2013-11-23]
FF Extension: X-notifier - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi [2013-09-21]
FF Extension: ReloadEvery - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-02-21]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-02-20]
FF Extension: Adblock Plus - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-21]
FF Extension: Greasemonkey - C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-10-06]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-08-24]
FF HKLM-x32\...\Firefox\Extensions: [fiddlerhook@fiddler2.com] - C:\Program Files (x86)\Fiddler2\FiddlerHook
FF Extension: FiddlerHook - C:\Program Files (x86)\Fiddler2\FiddlerHook [2014-02-09]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-10-08]
Chrome:
=======
CHR HomePage:
CHR Extension: (Easy Auto Refresh) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2014-02-21]
CHR Extension: (Google Docs) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-16]
CHR Extension: (Google Drive) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-16]
CHR Extension: (YouTube) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-16]
CHR Extension: (Nanny for Google Chrome ) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cljcgchbnolheggdgaeclffeagnnmhno [2014-02-21]
CHR Extension: (Google Search) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-16]
CHR Extension: (iMacros for Chrome) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2014-02-16]
CHR Extension: (avast! Online Security) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-21]
CHR Extension: (Website Blocker (Beta)) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-02-21]
CHR Extension: (Google Wallet) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-16]
CHR Extension: (Gmail) - C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-16]
CHR HKCU\...\Chrome\Extension: [pacgpkgadgmibnhpdidcnfafllnmeomc] - C:\Users\Jeremy\AppData\Local\CRE\pacgpkgadgmibnhpdidcnfafllnmeomc.crx [2014-02-16]
==================== Services (Whitelisted) =================
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-07-11] (SUPERAntiSpyware.com)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-20] (Adobe Systems)
R2 AdobeActiveFileMonitor10.0; C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-01] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-16] (AVAST Software)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [183896 2013-07-08] (Sandboxie Holdings, LLC)
S3 NisSrv; "C:\Program Files\Microsoft Security Client\NisSrv.exe" [X]
S4 wlcrasvc; "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" [X]
==================== Drivers (Whitelisted) ====================
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [29288 2010-12-24] (Wondershare)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-12-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-12-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-16] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-01-05] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-03] (DT Soft Ltd)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [199384 2013-07-08] (Sandboxie Holdings, LLC)
R3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1307648 2009-09-30] (C-Media Electronics Inc)
R3 VSTWinDriver6; C:\Windows\System32\drivers\VSTwindrvr6.sys [252928 2008-07-03] (Jungo)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
U3 DfSdkS;
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-25 10:49 - 2014-02-25 10:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini
2014-02-25 10:12 - 2014-02-25 10:47 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-25 10:01 - 2014-02-25 10:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\RegBackup
2014-02-25 09:56 - 2014-02-25 09:57 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair
2014-02-25 09:56 - 2014-02-25 09:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-24 12:35 - 2014-02-24 12:36 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher
2014-02-23 10:13 - 2014-02-23 10:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt
2014-02-22 04:51 - 2014-02-22 04:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log
2014-02-22 04:49 - 2014-02-22 04:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe
2014-02-22 04:42 - 2014-02-27 13:40 - 00002240 _____ () C:\Windows\setupact.log
2014-02-22 04:42 - 2014-02-22 04:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-22 04:41 - 2014-02-25 10:49 - 00021422 _____ () C:\Windows\PFRO.log
2014-02-22 03:40 - 2014-02-22 03:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 03:40 - 2014-02-22 03:39 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-22 03:40 - 2014-02-22 03:39 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-22 03:40 - 2014-02-22 03:39 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-22 01:50 - 2014-02-22 01:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-21 03:59 - 2014-02-06 07:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-21 03:59 - 2014-02-06 06:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-21 03:59 - 2014-02-06 06:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-21 03:59 - 2014-02-06 06:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-21 03:59 - 2014-02-06 06:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-21 03:59 - 2014-02-06 06:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-21 03:59 - 2014-02-06 05:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-21 03:59 - 2014-02-06 05:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-21 03:59 - 2014-02-06 05:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-21 03:59 - 2014-02-06 05:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-21 03:59 - 2014-02-06 05:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-21 03:59 - 2014-02-06 05:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-21 03:59 - 2014-02-06 05:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-21 03:59 - 2014-02-06 05:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-21 03:59 - 2014-02-06 05:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-21 03:59 - 2014-02-06 05:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-21 03:59 - 2014-02-06 05:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-21 03:59 - 2014-02-06 05:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-21 03:59 - 2014-02-06 05:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-21 03:59 - 2014-02-06 04:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-21 03:59 - 2014-02-06 04:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-21 03:59 - 2014-02-06 04:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-21 03:59 - 2014-02-06 04:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-21 03:59 - 2014-02-06 04:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-21 03:59 - 2014-02-06 04:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-21 03:59 - 2014-02-06 04:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-21 03:59 - 2014-02-06 04:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-21 03:59 - 2014-02-06 04:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-21 03:59 - 2014-02-06 04:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-21 03:59 - 2014-02-06 04:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-21 03:59 - 2014-02-06 04:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-21 03:59 - 2014-02-06 04:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-21 03:59 - 2014-02-06 04:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-21 03:59 - 2014-02-06 04:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-21 03:59 - 2014-02-06 03:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-21 03:59 - 2014-02-06 03:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-21 03:59 - 2014-02-06 03:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-21 03:59 - 2014-02-06 03:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-21 03:59 - 2014-02-06 03:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-21 03:59 - 2013-12-21 04:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-21 03:59 - 2013-12-21 03:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-20 06:29 - 2014-02-20 06:29 - 00000000 ____D () C:\_OTL
2014-02-18 21:25 - 2014-02-18 21:33 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt
2014-02-18 21:25 - 2014-02-18 21:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt
2014-02-18 21:16 - 2014-02-18 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe
2014-02-18 14:44 - 2014-02-18 14:44 - 00003589 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_D_02182014_144400.txt
2014-02-18 14:37 - 2014-02-18 14:37 - 00004094 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_S_02182014_143752.txt
2014-02-18 14:33 - 2014-02-18 14:50 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine
2014-02-18 14:33 - 2014-02-18 14:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe
2014-02-18 07:56 - 2014-02-18 07:57 - 00000000 ____D () C:\ProgramData\CanonIJMIG
2014-02-18 07:53 - 2014-02-18 07:57 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-02-18 07:45 - 2014-02-18 13:59 - 00000000 ____D () C:\Users\Jeremy\Desktop\RAW
2014-02-16 21:28 - 2014-02-16 21:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion
2014-02-16 05:26 - 2013-11-26 18:29 - 05693440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-02-16 05:26 - 2013-11-26 17:49 - 06573056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-02-16 02:30 - 2014-02-16 02:32 - 00047814 _____ () C:\Users\Jeremy\Desktop\Addition.txt
2014-02-16 02:29 - 2014-02-28 04:39 - 00016426 _____ () C:\Users\Jeremy\Desktop\FRST.txt
2014-02-16 02:29 - 2014-02-28 04:38 - 00000000 ____D () C:\FRST
2014-02-16 02:29 - 2014-02-28 04:30 - 02155520 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe
2014-02-16 01:44 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-02-16 01:43 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-02-16 01:43 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-02-16 01:43 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-02-16 01:43 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-02-16 01:43 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-02-16 01:43 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-02-16 01:43 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-02-16 01:43 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-02-16 01:43 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-02-16 01:43 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-02-16 01:43 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-02-16 01:43 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-02-16 01:43 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-02-16 01:43 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-02-16 01:43 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-02-16 01:40 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-02-16 01:40 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-02-15 14:28 - 2014-02-15 19:24 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown
2014-02-14 09:17 - 2014-02-14 09:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe
2014-02-14 09:15 - 2014-02-14 09:16 - 00001152 _____ () C:\DelFix.txt
2014-02-13 02:31 - 2013-12-31 18:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 02:31 - 2013-12-31 18:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 02:31 - 2013-12-24 18:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 02:31 - 2013-12-24 17:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 02:31 - 2013-12-05 21:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 02:31 - 2013-12-05 21:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 02:31 - 2013-12-05 21:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 02:31 - 2013-12-05 21:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 02:31 - 2013-12-03 21:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 02:31 - 2013-12-03 21:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 02:31 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 02:31 - 2013-12-03 21:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 02:31 - 2013-12-03 21:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 02:31 - 2013-12-03 21:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 02:31 - 2013-12-03 21:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 02:31 - 2013-12-03 21:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 02:31 - 2013-12-03 21:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 02:31 - 2013-12-03 21:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 02:31 - 2013-12-03 21:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 02:31 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 02:31 - 2013-12-03 21:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 02:31 - 2013-12-03 21:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 02:31 - 2013-12-03 20:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 02:31 - 2013-12-03 20:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 02:31 - 2013-12-03 20:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 02:31 - 2013-12-03 20:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 02:31 - 2013-11-26 03:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 02:31 - 2013-11-22 17:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 05:24 - 2014-02-11 05:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt
2014-02-11 01:33 - 2014-02-23 08:12 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups
2014-02-10 00:35 - 2014-02-10 00:39 - 00000049 _____ () C:\Users\Jeremy\Desktop\Vocals Chains To Delete.txt
2014-02-09 17:02 - 2014-02-09 17:02 - 55915216 _____ (Microsoft Corporation) C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe
2014-02-09 16:50 - 2014-02-09 16:59 - 00000000 ____D () C:\Users\Jeremy\Documents\Fiddler2
2014-02-09 16:49 - 2014-02-09 16:50 - 00000000 ____D () C:\Program Files (x86)\Fiddler2
2014-02-09 15:17 - 2014-02-09 15:17 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\TeamViewer
2014-02-09 15:16 - 2014-02-09 15:16 - 05814120 _____ (TeamViewer GmbH) C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe
2014-02-09 15:16 - 2014-02-09 15:16 - 00001164 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-09 15:16 - 2014-02-09 15:16 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-09 00:44 - 2014-02-09 00:44 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-09 00:43 - 2014-02-14 09:22 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-08 07:15 - 2014-02-27 02:04 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\CrashDumps
2014-02-07 22:34 - 2014-02-07 22:34 - 66963505 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(720p_H.264-AAC).mp4
2014-02-07 22:34 - 2014-02-07 22:34 - 63815791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(720p_H.264-AAC).mp4
2014-02-07 22:34 - 2014-02-07 22:34 - 22989362 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_VP8-Vorbis).webm
2014-02-07 22:31 - 2014-02-07 22:34 - 16442791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_H.264-AAC).mp4
2014-02-07 22:31 - 2014-02-07 22:31 - 20069413 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_VP8-Vorbis).webm
2014-02-07 22:31 - 2014-02-07 22:31 - 16928555 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_H.264-AAC).mp4
2014-02-07 22:29 - 2014-02-07 22:31 - 06795459 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.264-AAC).3gp
2014-02-07 17:29 - 2014-02-07 17:31 - 08603169 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.263-MP3).flv
2014-02-07 17:28 - 2014-02-07 17:29 - 02353391 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(144p_H.264-AAC).3gp
2014-02-04 01:57 - 2014-02-04 01:57 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2C241749.sys
2014-02-02 01:27 - 2014-02-18 14:07 - 00000000 ____D () C:\Users\Jeremy\Desktop\For Malware Bytes
2014-02-02 01:26 - 2014-02-02 01:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe
2014-02-01 01:34 - 2014-02-01 01:34 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\chc
==================== One Month Modified Files and Folders =======
2014-02-28 04:39 - 2014-02-16 02:29 - 00016426 _____ () C:\Users\Jeremy\Desktop\FRST.txt
2014-02-28 04:38 - 2014-02-16 02:29 - 00000000 ____D () C:\FRST
2014-02-28 04:30 - 2014-02-16 02:29 - 02155520 _____ (Farbar) C:\Users\Jeremy\Desktop\FRST64.exe
2014-02-28 04:14 - 2013-09-05 17:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-28 04:08 - 2013-12-15 01:00 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job
2014-02-28 03:47 - 2013-10-12 03:30 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-28 01:33 - 2012-02-03 04:22 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\foobar2000
2014-02-28 01:08 - 2013-12-15 01:00 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job
2014-02-27 20:44 - 2012-01-20 17:32 - 01659038 _____ () C:\Windows\WindowsUpdate.log
2014-02-27 13:40 - 2014-02-22 04:42 - 00002240 _____ () C:\Windows\setupact.log
2014-02-27 07:47 - 2013-10-12 03:30 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-27 02:04 - 2014-02-08 07:15 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\CrashDumps
2014-02-25 10:54 - 2009-07-14 00:13 - 00833198 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 10:54 - 2009-07-13 23:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-25 10:54 - 2009-07-13 23:45 - 00021296 _____ () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-25 10:51 - 2013-05-14 08:46 - 00000000 ____D () C:\Users\Jeremy\Desktop\Market
2014-02-25 10:51 - 2012-02-02 21:22 - 00111952 _____ () C:\Users\Jeremy\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-25 10:49 - 2014-02-25 10:49 - 00000020 ___SH () C:\Users\Jeremy\ntuser.ini
2014-02-25 10:49 - 2014-02-22 04:41 - 00021422 _____ () C:\Windows\PFRO.log
2014-02-25 10:49 - 2012-02-02 21:17 - 00000000 ____D () C:\Users\Jeremy
2014-02-25 10:49 - 2010-11-21 02:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-02-25 10:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-25 10:49 - 2009-07-13 23:45 - 04979072 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-02-25 10:47 - 2014-02-25 10:12 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2014-02-25 10:43 - 2009-07-13 21:34 - 00000581 _____ () C:\Windows\win.ini
2014-02-25 10:38 - 2011-02-10 11:10 - 00833198 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-25 10:37 - 2012-02-03 02:09 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\Dropbox
2014-02-25 10:01 - 2014-02-25 10:01 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-JEREMY-PC-Microsoft-Windows-7-Home-Premium-(64-bit).dat
2014-02-25 09:59 - 2014-02-25 09:59 - 00000000 ____D () C:\RegBackup
2014-02-25 09:57 - 2014-02-25 09:56 - 00000000 ____D () C:\Users\Jeremy\Desktop\Tweaking.com - Windows Repair
2014-02-25 09:56 - 2014-02-25 09:56 - 03089596 _____ () C:\Users\Jeremy\Desktop\tweaking.com_windows_repair_aio.zip
2014-02-25 09:48 - 2012-02-03 04:04 - 00000408 _____ () C:\Users\Jeremy\Desktop\Cue Up.txt
2014-02-24 12:36 - 2014-02-24 12:35 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher
2014-02-23 23:56 - 2012-02-03 02:34 - 00000000 ___RD () C:\Users\Jeremy\Dropbox
2014-02-23 10:13 - 2014-02-23 10:13 - 00018305 _____ () C:\Users\Jeremy\Desktop\ESET SCAN.txt
2014-02-23 08:12 - 2014-02-11 01:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\backups
2014-02-22 04:51 - 2014-02-22 04:51 - 00009366 _____ () C:\Users\Jeremy\Desktop\hijackthis.log
2014-02-22 04:49 - 2014-02-22 04:49 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jeremy\Desktop\HijackThis.exe
2014-02-22 04:42 - 2014-02-22 04:42 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-22 03:56 - 2011-02-10 09:02 - 00000000 ____D () C:\Windows\panther
2014-02-22 03:41 - 2013-12-03 04:56 - 00000000 ____D () C:\ProgramData\Oracle
2014-02-22 03:40 - 2014-02-22 03:40 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-02-22 03:39 - 2014-02-22 03:40 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-02-22 03:39 - 2014-02-22 03:40 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-02-22 03:39 - 2014-02-22 03:40 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-02-22 03:39 - 2012-01-20 15:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-02-22 02:31 - 2013-12-03 04:51 - 00921000 _____ (Oracle Corporation) C:\Users\Jeremy\Desktop\jxpiinstall.exe
2014-02-22 02:04 - 2012-02-03 02:56 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Adobe
2014-02-22 01:50 - 2014-02-22 01:50 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-22 01:50 - 2012-02-03 02:46 - 00000000 ____D () C:\ProgramData\Adobe
2014-02-22 01:50 - 2012-01-20 16:08 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-22 01:40 - 2013-12-13 05:03 - 00000000 ____D () C:\Users\Jeremy\Desktop\Updates
2014-02-21 04:09 - 2013-08-24 04:03 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-02-21 04:04 - 2012-02-02 21:22 - 00000000 ___RD () C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-21 03:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-02-20 15:17 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-02-20 06:29 - 2014-02-20 06:29 - 00000000 ____D () C:\_OTL
2014-02-19 04:46 - 2012-10-30 16:19 - 00000000 ____D () C:\Users\Jeremy\Desktop\- TV
2014-02-18 21:33 - 2014-02-18 21:25 - 00124930 _____ () C:\Users\Jeremy\Desktop\Extras.Txt
2014-02-18 21:25 - 2014-02-18 21:25 - 00115186 _____ () C:\Users\Jeremy\Desktop\OTL.Txt
2014-02-18 21:16 - 2014-02-18 21:16 - 00602112 _____ (OldTimer Tools) C:\Users\Jeremy\Desktop\OTL.exe
2014-02-18 14:50 - 2014-02-18 14:33 - 00000000 ____D () C:\Users\Jeremy\Desktop\RK_Quarantine
2014-02-18 14:44 - 2014-02-18 14:44 - 00003589 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_D_02182014_144400.txt
2014-02-18 14:37 - 2014-02-18 14:37 - 00004094 _____ () C:\Users\Jeremy\Desktop\RKreport[0]_S_02182014_143752.txt
2014-02-18 14:33 - 2014-02-18 14:33 - 04408320 _____ () C:\Users\Jeremy\Desktop\RogueKillerX64.exe
2014-02-18 14:32 - 2013-10-07 03:54 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-02-18 14:08 - 2013-10-27 12:41 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-02-18 14:07 - 2014-02-02 01:27 - 00000000 ____D () C:\Users\Jeremy\Desktop\For Malware Bytes
2014-02-18 13:59 - 2014-02-18 07:45 - 00000000 ____D () C:\Users\Jeremy\Desktop\RAW
2014-02-18 07:57 - 2014-02-18 07:56 - 00000000 ____D () C:\ProgramData\CanonIJMIG
2014-02-18 07:57 - 2014-02-18 07:53 - 00000000 ____D () C:\ProgramData\CanonIJScan
2014-02-18 07:53 - 2013-02-02 05:07 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\canon
2014-02-16 21:35 - 2014-01-05 06:45 - 00080184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-02-16 21:35 - 2013-12-15 14:26 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-02-16 21:35 - 2013-08-24 04:03 - 01038072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-02-16 21:35 - 2013-08-24 04:03 - 00421704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-02-16 21:35 - 2013-08-24 04:03 - 00334136 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-02-16 21:35 - 2013-08-24 04:03 - 00078648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-02-16 21:35 - 2013-08-24 04:02 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-02-16 21:28 - 2014-02-16 21:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\FRST-OlderVersion
2014-02-16 11:32 - 2012-02-07 04:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\WrestlingAudio.com
2014-02-16 02:32 - 2014-02-16 02:30 - 00047814 _____ () C:\Users\Jeremy\Desktop\Addition.txt
2014-02-16 01:51 - 2013-07-22 22:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-16 01:45 - 2012-02-03 03:13 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-15 19:24 - 2014-02-15 14:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\Smackdown
2014-02-15 07:42 - 2013-10-12 03:30 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-15 07:42 - 2013-10-12 03:30 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 22:20 - 2012-05-02 20:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-14 09:22 - 2014-02-09 00:43 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-14 09:22 - 2013-06-28 09:36 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-14 09:17 - 2014-02-14 09:17 - 04721920 _____ (Piriform Ltd) C:\Users\Jeremy\Desktop\ccsetup410.exe
2014-02-14 09:16 - 2014-02-14 09:15 - 00001152 _____ () C:\DelFix.txt
2014-02-14 09:15 - 2013-05-15 23:48 - 00000000 ____D () C:\Windows\ERUNT
2014-02-14 09:09 - 2013-04-11 19:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-14 09:08 - 2013-06-27 10:12 - 00000000 ____D () C:\Windows\erdnt
2014-02-11 05:24 - 2014-02-11 05:24 - 00024662 _____ () C:\Users\Jeremy\Desktop\ESET SCAN .txt
2014-02-10 00:39 - 2014-02-10 00:35 - 00000049 _____ () C:\Users\Jeremy\Desktop\Vocals Chains To Delete.txt
2014-02-09 17:13 - 2012-02-02 21:31 - 00000000 ____D () C:\Users\Jeremy\AppData\Local\Apps\2.0
2014-02-09 17:02 - 2014-02-09 17:02 - 55915216 _____ (Microsoft Corporation) C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe
2014-02-09 16:59 - 2014-02-09 16:50 - 00000000 ____D () C:\Users\Jeremy\Documents\Fiddler2
2014-02-09 16:50 - 2014-02-09 16:49 - 00000000 ____D () C:\Program Files (x86)\Fiddler2
2014-02-09 15:17 - 2014-02-09 15:17 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\TeamViewer
2014-02-09 15:16 - 2014-02-09 15:16 - 05814120 _____ (TeamViewer GmbH) C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe
2014-02-09 15:16 - 2014-02-09 15:16 - 00001164 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-02-09 15:16 - 2014-02-09 15:16 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-02-09 02:49 - 2013-09-05 17:47 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-09 02:49 - 2013-05-10 03:20 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-09 02:49 - 2013-05-10 03:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-09 00:54 - 2012-05-10 07:02 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\FileZilla
2014-02-09 00:54 - 2012-02-03 07:20 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\DAEMON Tools Lite
2014-02-09 00:45 - 2012-02-14 05:09 - 00000000 ____D () C:\Windows\Minidump
2014-02-09 00:44 - 2014-02-09 00:44 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-08 07:34 - 2012-02-03 03:04 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\vlc
2014-02-07 22:34 - 2014-02-07 22:34 - 66963505 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(720p_H.264-AAC).mp4
2014-02-07 22:34 - 2014-02-07 22:34 - 63815791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(720p_H.264-AAC).mp4
2014-02-07 22:34 - 2014-02-07 22:34 - 22989362 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_VP8-Vorbis).webm
2014-02-07 22:34 - 2014-02-07 22:31 - 16442791 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(3D)(360p_H.264-AAC).mp4
2014-02-07 22:31 - 2014-02-07 22:31 - 20069413 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_VP8-Vorbis).webm
2014-02-07 22:31 - 2014-02-07 22:31 - 16928555 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(360p_H.264-AAC).mp4
2014-02-07 22:31 - 2014-02-07 22:29 - 06795459 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.264-AAC).3gp
2014-02-07 17:31 - 2014-02-07 17:29 - 08603169 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(240p_H.263-MP3).flv
2014-02-07 17:29 - 2014-02-07 17:28 - 02353391 _____ () C:\Users\Jeremy\Downloads\Jaiz - Say No To Drugs(144p_H.264-AAC).3gp
2014-02-07 02:56 - 2012-02-25 04:54 - 00000132 _____ () C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-02-06 07:16 - 2014-02-21 03:59 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 06:30 - 2014-02-21 03:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 06:30 - 2014-02-21 03:59 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 06:12 - 2014-02-21 03:59 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 06:07 - 2014-02-21 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 06:06 - 2014-02-21 03:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 05:57 - 2014-02-21 03:59 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 05:56 - 2014-02-21 03:59 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 05:52 - 2014-02-21 03:59 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 05:49 - 2014-02-21 03:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 05:48 - 2014-02-21 03:59 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 05:48 - 2014-02-21 03:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 05:38 - 2014-02-21 03:59 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-06 05:32 - 2014-02-21 03:59 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 05:20 - 2014-02-21 03:59 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-06 05:17 - 2014-02-21 03:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 05:11 - 2014-02-21 03:59 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 05:01 - 2014-02-21 03:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-06 05:00 - 2014-02-21 03:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-06 04:57 - 2014-02-21 03:59 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-06 04:57 - 2014-02-21 03:59 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 04:52 - 2014-02-21 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-06 04:52 - 2014-02-21 03:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-06 04:50 - 2014-02-21 03:59 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 04:49 - 2014-02-21 03:59 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-06 04:47 - 2014-02-21 03:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-06 04:46 - 2014-02-21 03:59 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-06 04:25 - 2014-02-21 03:59 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-06 04:25 - 2014-02-21 03:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-06 04:24 - 2014-02-21 03:59 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 04:22 - 2014-02-21 03:59 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 04:13 - 2014-02-21 03:59 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-06 04:09 - 2014-02-21 03:59 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-06 04:03 - 2014-02-21 03:59 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-06 03:55 - 2014-02-21 03:59 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 03:41 - 2014-02-21 03:59 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-06 03:40 - 2014-02-21 03:59 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-06 03:36 - 2014-02-21 03:59 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-06 03:34 - 2014-02-21 03:59 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-05 09:11 - 2013-07-15 00:28 - 00000000 ____D () C:\Users\Jeremy\Desktop\Hiccups
2014-02-04 01:57 - 2014-02-04 01:57 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\2C241749.sys
2014-02-02 01:26 - 2014-02-02 01:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe
2014-02-01 01:34 - 2014-02-01 01:34 - 00000000 ____D () C:\Users\Jeremy\AppData\Roaming\chc
2014-01-29 22:57 - 2009-07-13 21:34 - 00000215 _____ () C:\Windows\system.ini
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-20 15:07
==================== End Of Log ============================
-
Unfortunately, it didn't fix anything. Have actually been having more program crashes now.
-
I had 90 something detections on the Malware Bytes scan last time, how are the logs looking good? lol. This found 189, I'm always getting PUPs, can't get Internet Explorer to work normally, still have the issues with program processes not ending after I close a program, etc. I'm sorry, I hope that didn't sound harsh. I really appreciate all the free help, I just get confused when issues haven't been resolved and I hear that we're almost done. Then again, it may be because you only deal with malware-related issues here, and the issues I'm having are possibly not related to malware?
C:\Users\Jeremy\AppData\Local\Temp\E300.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E301.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E3CC.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E440.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E5BC.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E62E.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E62F.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E630.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E7C6.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E7D7.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E96E.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E96F.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E9B5.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E9B6.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E9C7.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E9C8.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E9C9.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\E9CA.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EA3A.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EB06.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\ECA2.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\ECAC.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\ECAD.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\ECCF.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\ED98.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\ED99.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EDA9.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EDAA.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EDAB.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EDAC.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EE1E.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EEFF.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EF00.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EF11.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EF62.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EF91.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EFA5.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\EFA6.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F0A7.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F12D.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F12E.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F1AA.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F1E2.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F1EB.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F2AE.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F379.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F3A1.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F3D0.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F436.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F567.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F568.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F624.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F6E0.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F7AC.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F952.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F953.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\F96A.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\FB28.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\FB29.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\FB56.tmp Win32/Somoto.A potentially unwanted application
C:\Users\Jeremy\AppData\Local\Temp\FBE5.tmp Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Jeremy\Desktop\ccsetup410.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
-
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
Database version: v2014.02.22.02
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Jeremy :: JEREMY-PC [administrator]
2/22/2014 4:34:49 AM
mbam-log-2014-02-22 (04-34-49).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 228199
Time elapsed: 3 minute(s), 15 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 90
C:\Users\Jeremy\AppData\Local\Temp\1046.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\10EB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\13B5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\176B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\2343.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\24E0.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\2646.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\272.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\29D7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\2AF9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\2B40.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\3089.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\320B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\32EA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\3317.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\34A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\3BFF.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\44D3.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\47EA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\487B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\4E33.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\52A6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\5552.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\567A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\57DE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\5B22.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\5B5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\5EB6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\5F2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\65A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\6C50.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\6EBA.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\6EFC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\6F28.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\797.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\79C5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\7E6A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\82A7.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\847F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\8570.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\89DC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\8BCD.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\8C3.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\8D07.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\9079.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\9FD6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\A536.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\A9A9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\AD51.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\B020.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\B4E5.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\B4FE.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\B63D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\B672.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\B6A8.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\BDFC.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C0A1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C223.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C3B1.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C47.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C54A.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C6C2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C86D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\C8E9.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\CA09.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\CD0B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\CDF4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\CE5F.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\D2DB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\D82D.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\D88.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DC17.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DCF6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DD28.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DE71.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\DFCB.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E320.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E3B4.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E51B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E73B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\E88B.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EC0.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EC92.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EE2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\EF12.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F1EC.tmp (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F2B6.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F319.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\AppData\Local\Temp\F5C2.tmp (PUP.Optional.Somoto) -> Quarantined and deleted successfully.
C:\Users\Jeremy\Downloads\update.exe (PUP.Optional.OptimumInstaller.A) -> Quarantined and deleted successfully.
(end)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:51:00 AM, on 2/22/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)
Boot mode: Normal
Running processes:
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
C:\Users\Jeremy\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel® Integrated Clock Controller Service - Intel® ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Microsoft Network Inspection (NisSrv) - Unknown owner - C:\Program Files\Microsoft Security Client\NisSrv.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Sandboxie Service (SbieSvc) - Sandboxie Holdings, LLC - C:\Program Files\Sandboxie\SbieSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 9 (TeamViewer9) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9365 bytes
While scanning with HijackThis I got the same error as before saying I'm denied access to the host file. It didn't seem to affect anything though. The comp is running OK. Still can't use Internet Explorer, and there are still the program issues, but my PC seems to be running smoothly at the moment.
-
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=3\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\MozillaPlugins\@tools.google.com/Google Update;version=9\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411901140}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411901140}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF819DA3-9882-4944-ADF5-6EF17ECF3C6E}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Jeremy\Desktop\cmd.bat deleted successfully.
C:\Users\Jeremy\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
[EMPTYJAVA]
User: All Users
User: Default
User: Default User
User: Jeremy
->Java cache emptied: 452891 bytes
User: Public
Total Java Files Cleaned = 0.00 mb
[EMPTYFLASH]
User: All Users
User: Default
->Flash cache emptied: 57472 bytes
User: Default User
->Flash cache emptied: 0 bytes
User: Jeremy
->Flash cache emptied: 315307 bytes
User: Public
Total Flash Files Cleaned = 0.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 02202014_062951

Well, still no BSODs, which of course is good. Other than that, I still have the issues I've stated multiple times with program processes not being exited even after I exit the program. I tried to get Internet Explorer working again by going through the long process I went through before. I uninstalled it, restarted my PC, and my PC was updating itself with Windows updates, which took a while. I installed the latest Internet Explorer again, and had to restart my PC again. It then needed updates, and I had to restart my PC one more time. It still won't work properly. I can make it work by running it as administrator, but it won't work with a marketing program I use, which is the only use I have for Internet Explorer. Also, it seems that even when I remove some programs from my startup programs, they will return after I use them. I guess I have to manually configure them through the actual programs to not start up when I reboot my PC. Another thing is that I have used CCleaner 2 or 3 times since installing it. I will do quick scans with Malwarebytes right after using it, and I am still getting PUPs.
-
OTL logfile created on: 2/18/2014 9:17:45 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Jeremy\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
5.91 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 42.03% Memory free
11.83 Gb Paging File | 8.20 Gb Available in Paging File | 69.33% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 450.91 Gb Total Space | 241.99 Gb Free Space | 53.67% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 95.93 Gb Free Space | 10.30% Space Free | Partition Type: NTFS
Computer Name: JEREMY-PC | User Name: Jeremy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Users\Jeremy\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe (Adobe Systems, Inc.)
PRC - C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe ()
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\BlueStacks\HD-Network.exe (BlueStack Systems)
PRC - C:\Program Files (x86)\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe (MPC-HC Team)
PRC - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe ()
PRC - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe ()
PRC - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe (Badoo)
PRC - C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Accessibility\e7e7e3b82e91028e6ed05189f837ea13\Accessibility.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
MOD - C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll ()
MOD - C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher\xulrunner\mozjs.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-55.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll ()
MOD - C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avresample-lav-1.dll ()
MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe ()
MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\libcef.dll ()
MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe ()
MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe ()
MOD - C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll ()
========== Services (SafeList) ==========
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe File not found
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (SbieSvc) -- C:\Program Files\Sandboxie\SbieSvc.exe (Sandboxie Holdings, LLC)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (!SASCORE) -- C:\Program Files\SUPERAntiSpyware\SASCore64.exe (SUPERAntiSpyware.com)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (AdobeActiveFileMonitor10.0) -- C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe (Adobe Systems Incorporated)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
========== Driver Services (SafeList) ==========
DRV:64bit: - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\program files\dell support center\pcdsrvc_x64.pkms File not found
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\Windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (aswRvrt) -- C:\Windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (SbieDrv) -- C:\Program Files\Sandboxie\SbieDrv.sys (Sandboxie Holdings, LLC)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.)
DRV:64bit: - (CompFilter64) -- C:\Windows\SysNative\drivers\lvbflt64.sys (Logitech Inc.)
DRV:64bit: - (SASDIFSV) -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (SASKUTIL) -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys (SUPERAdBlocker.com and SUPERAntiSpyware.com)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.)
DRV:64bit: - (Apowersoft_AudioDevice) -- C:\Windows\SysNative\drivers\Apowersoft_AudioDevice.sys (Wondershare)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (USBMULCD) -- C:\Windows\SysNative\drivers\CM10664.sys (C-Media Electronics Inc)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (VSTWinDriver6) -- C:\Windows\SysNative\drivers\VSTwindrvr6.sys (Jungo)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (pfc) -- C:\Windows\SysWOW64\drivers\pfc.sys (Padus, Inc.)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8888;https=127.0.0.1:8888
========== FireFox ==========
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.21
FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.1.8
FF - prefs.js..extensions.enabledAddons: %7B37fa1426-b82d-11db-8314-0800200c9a66%7D:3.3.12
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.15
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2013.75
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:27.0.1
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Jeremy\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Jeremy\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll File not found
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/08 21:35:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/02/16 21:35:37 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fiddlerhook@fiddler2.com: C:\Program Files (x86)\Fiddler2\FiddlerHook [2014/02/09 16:49:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/07/04 20:28:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 27.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/09 06:45:15 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/10/08 21:35:42 | 000,000,000 | ---D | M]
[2013/03/13 07:48:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Extensions
[2014/02/18 14:56:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions
[2014/02/18 14:56:08 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/09/23 08:07:45 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2013/11/23 18:01:57 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
[2014/01/31 03:32:32 | 000,217,846 | ---- | M] () (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{37fa1426-b82d-11db-8314-0800200c9a66}.xpi
[2014/01/16 10:16:35 | 000,940,775 | ---- | M] () (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/02/13 14:26:17 | 000,287,566 | ---- | M] () (No name found) -- C:\Users\Jeremy\AppData\Roaming\Mozilla\Firefox\Profiles\6b4yms8m.default-1379773998789\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2013/11/08 00:12:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/02/14 09:09:05 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/02/16 21:35:37 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - Extension: Google Docs = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: iMacros for Chrome = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\6.0.6_0\
CHR - Extension: Google Wallet = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Google Wallet = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Jeremy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/10/06 00:37:16 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (Torntv V7.0) - {11111111-1111-1111-1111-110411901140} - C:\Program Files (x86)\Torntv V7.0\Torntv V7.0-bho64.dll File not found
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000..\Run: [EV_Autowatcher_Download-Carbon0x] C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Activities present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-4055183432-471262313-3685020261-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found
O9:64bit: - Extra 'Tools' menuitem : Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found
O9 - Extra Button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\paltalk.exe (AVM Software Inc.)
O9 - Extra Button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found
O9 - Extra 'Tools' menuitem : Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files (x86)\Fiddler2\Fiddler.exe" File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 208.59.247.45 208.59.247.46
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D1CAAD8-6D06-4F95-AB66-F1BBC1C7FADB}: DhcpNameServer = 208.59.247.45 208.59.247.46
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: NameServer = 107.6.133.8,23.23.180.210
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF1B28AD-68A0-41A8-9CB9-D47A0A08BBC4}: DhcpNameServer = 208.59.247.45 208.59.247.46
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/02/18 21:16:28 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Jeremy\Desktop\OTL.exe
[2014/02/18 14:33:43 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\RK_Quarantine
[2014/02/18 14:08:35 | 000,119,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/02/18 07:56:48 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJMIG
[2014/02/18 07:53:07 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan
[2014/02/18 07:45:56 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\RAW
[2014/02/16 21:28:55 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\FRST-OlderVersion
[2014/02/16 05:26:50 | 006,573,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/02/16 05:26:50 | 005,693,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/02/16 02:29:51 | 000,000,000 | ---D | C] -- C:\FRST
[2014/02/16 02:29:37 | 002,152,448 | ---- | C] (Farbar) -- C:\Users\Jeremy\Desktop\FRST64.exe
[2014/02/16 01:44:02 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/02/16 01:43:52 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/02/16 01:43:52 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/02/16 01:43:52 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/02/16 01:43:48 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/02/16 01:43:48 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/02/16 01:43:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/02/16 01:43:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/02/16 01:43:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/02/16 01:43:46 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/02/16 01:43:46 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/02/16 01:43:46 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/02/16 01:43:46 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/02/16 01:43:46 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/02/16 01:43:45 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/02/16 01:43:45 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/02/16 01:40:46 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/02/16 01:40:46 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/02/15 14:28:36 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\Smackdown
[2014/02/14 09:36:54 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/02/14 09:17:46 | 004,721,920 | ---- | C] (Piriform Ltd) -- C:\Users\Jeremy\Desktop\ccsetup410.exe
[2014/02/13 07:02:26 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/13 07:01:29 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/13 07:01:29 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/13 07:01:28 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/13 07:01:28 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/13 07:01:27 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/13 07:01:27 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/13 07:01:27 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/13 07:01:26 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/13 07:01:26 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/13 07:01:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/13 07:01:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/13 07:01:25 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/13 07:01:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/13 07:01:25 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/13 07:01:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/13 07:01:25 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/13 07:01:23 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/13 07:01:23 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/13 07:01:23 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/13 07:01:23 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/13 07:01:20 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/13 07:01:19 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/13 07:01:15 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/13 02:31:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/13 02:31:57 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/13 02:31:45 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/13 02:31:45 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/13 02:31:44 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/13 02:31:44 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/13 02:31:39 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/13 02:31:38 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/13 02:31:38 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/13 02:31:37 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/13 02:31:37 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/13 02:31:37 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/13 02:31:37 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/13 02:31:37 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/13 02:31:37 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/13 02:31:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/13 02:31:36 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/13 02:31:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/13 02:31:36 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/13 02:31:29 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/13 02:31:28 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/11 01:33:03 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\backups
[2014/02/09 17:02:39 | 055,915,216 | ---- | C] (Microsoft Corporation) -- C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe
[2014/02/09 16:50:42 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Documents\Fiddler2
[2014/02/09 16:49:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Fiddler2
[2014/02/09 15:17:03 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\TeamViewer
[2014/02/09 15:16:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2014/02/09 15:16:32 | 005,814,120 | ---- | C] (TeamViewer GmbH) -- C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe
[2014/02/09 00:42:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/02/09 00:41:51 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/02/09 00:41:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/02/09 00:41:43 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/02/09 00:41:43 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/02/09 00:41:43 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/02/08 07:15:25 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Local\CrashDumps
[2014/02/04 01:57:41 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\2C241749.sys
[2014/02/02 01:27:26 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\Desktop\For Malware Bytes
[2014/02/02 01:26:45 | 012,589,848 | ---- | C] (Malwarebytes Corp.) -- C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe
[2014/02/01 01:34:58 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Roaming\chc
[2014/01/29 09:34:28 | 000,000,000 | ---D | C] -- C:\Users\Jeremy\AppData\Local\Enhanceviews_Autowatcher
[2014/01/27 08:04:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Share YouTube Videos
[2014/01/27 08:04:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Share YouTube Videos
[2014/01/23 07:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Badoo
[2014/01/23 07:58:52 | 003,230,432 | ---- | C] (Badoo) -- C:\Users\Jeremy\Desktop\badoo.desktop.installer-1.6.58.exe
[2014/01/20 16:10:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3 Song Plays Increaser
[2014/01/20 16:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3 Song Plays Increaser
========== Files - Modified Within 30 Days ==========
[2014/02/18 21:16:28 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Jeremy\Desktop\OTL.exe
[2014/02/18 21:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/18 20:47:33 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/18 19:08:01 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job
[2014/02/18 15:02:04 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/18 15:02:04 | 000,021,296 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/18 14:54:12 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/18 14:53:45 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/18 14:53:40 | 468,156,415 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/18 14:33:30 | 004,408,320 | ---- | M] () -- C:\Users\Jeremy\Desktop\RogueKillerX64.exe
[2014/02/18 14:08:35 | 000,119,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/02/18 14:08:00 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/02/18 07:55:38 | 000,144,295 | ---- | M] () -- C:\Users\Jeremy\Documents\IMG_20140218_0001.jpg
[2014/02/18 01:08:01 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job
[2014/02/16 21:35:59 | 000,001,928 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/16 21:35:36 | 001,038,072 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2014/02/16 21:35:36 | 000,421,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
[2014/02/16 21:35:36 | 000,334,136 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
[2014/02/16 21:35:36 | 000,080,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswstm.sys
[2014/02/16 21:35:36 | 000,078,648 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2014/02/16 21:35:35 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/02/16 21:28:55 | 002,152,448 | ---- | M] (Farbar) -- C:\Users\Jeremy\Desktop\FRST64.exe
[2014/02/14 09:22:43 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/14 09:17:46 | 004,721,920 | ---- | M] (Piriform Ltd) -- C:\Users\Jeremy\Desktop\ccsetup410.exe
[2014/02/13 07:05:06 | 000,825,320 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/13 07:05:06 | 000,697,808 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/13 07:05:06 | 000,136,356 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/13 07:04:56 | 000,825,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/11 01:16:47 | 000,003,239 | ---- | M] () -- C:\Users\Jeremy\Desktop\Instructions.rtf
[2014/02/09 17:09:47 | 004,979,072 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/02/09 17:02:59 | 055,915,216 | ---- | M] (Microsoft Corporation) -- C:\Users\Jeremy\Desktop\IE11-Windows6.1-x64-en-us.exe
[2014/02/09 15:16:59 | 000,001,164 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/02/09 15:16:33 | 005,814,120 | ---- | M] (TeamViewer GmbH) -- C:\Users\Jeremy\Desktop\TeamViewer_Setup_en.exe
[2014/02/09 02:49:51 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/09 02:49:51 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/09 02:32:37 | 000,008,362 | ---- | M] () -- C:\Users\Jeremy\Desktop\Tiffany.rtf
[2014/02/09 00:41:36 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/02/09 00:41:33 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/02/09 00:41:33 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/02/09 00:41:32 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/02/09 00:40:40 | 000,921,000 | ---- | M] (Oracle Corporation) -- C:\Users\Jeremy\Desktop\jxpiinstall.exe
[2014/02/07 02:56:54 | 000,000,132 | ---- | M] () -- C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2014/02/06 06:51:19 | 000,001,003 | ---- | M] () -- C:\Users\Jeremy\Desktop\Dat White Boy (Fixes).rtf
[2014/02/06 06:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 06:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 06:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 05:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 05:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 05:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 05:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 05:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 05:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 05:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 05:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 05:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 05:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 04:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 04:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 04:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 04:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 04:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 04:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 04:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 04:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 03:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 03:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/04 01:57:41 | 000,091,352 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\2C241749.sys
[2014/02/02 01:26:46 | 012,589,848 | ---- | M] (Malwarebytes Corp.) -- C:\Users\Jeremy\Desktop\mbar-1.07.0.1009.exe
[2014/01/27 08:05:00 | 000,001,153 | ---- | M] () -- C:\Users\Public\Desktop\Share YouTube Videos.lnk
[2014/01/26 08:39:32 | 000,000,132 | ---- | M] () -- C:\Users\Jeremy\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2014/01/23 07:59:51 | 000,001,010 | ---- | M] () -- C:\Users\Jeremy\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk
[2014/01/23 07:58:53 | 003,230,432 | ---- | M] (Badoo) -- C:\Users\Jeremy\Desktop\badoo.desktop.installer-1.6.58.exe
[2014/01/22 03:15:50 | 000,077,217 | ---- | M] () -- C:\Users\Jeremy\Desktop\15558771527681369792.jpeg.jpg
[2014/01/20 16:12:17 | 000,001,648 | ---- | M] () -- C:\Users\Jeremy\Desktop\MP3SongPlays.exe - Shortcut.lnk
[2014/01/20 16:10:50 | 000,001,121 | ---- | M] () -- C:\Users\Public\Desktop\Mp3 Song Plays Increaser.lnk
========== Files Created - No Company Name ==========
[2014/02/18 14:33:30 | 004,408,320 | ---- | C] () -- C:\Users\Jeremy\Desktop\RogueKillerX64.exe
[2014/02/18 07:55:38 | 000,144,295 | ---- | C] () -- C:\Users\Jeremy\Documents\IMG_20140218_0001.jpg
[2014/02/11 01:16:47 | 000,003,239 | ---- | C] () -- C:\Users\Jeremy\Desktop\Instructions.rtf
[2014/02/09 16:49:56 | 000,001,890 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fiddler2.lnk
[2014/02/09 15:16:59 | 000,001,176 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
[2014/02/09 15:16:59 | 000,001,164 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/02/09 00:43:58 | 000,000,784 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/02/09 00:37:24 | 000,008,362 | ---- | C] () -- C:\Users\Jeremy\Desktop\Tiffany.rtf
[2014/02/06 06:39:44 | 000,001,003 | ---- | C] () -- C:\Users\Jeremy\Desktop\Dat White Boy (Fixes).rtf
[2014/01/27 08:05:00 | 000,001,153 | ---- | C] () -- C:\Users\Public\Desktop\Share YouTube Videos.lnk
[2014/01/23 07:59:51 | 000,001,140 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Badoo Desktop.lnk
[2014/01/23 07:59:51 | 000,001,010 | ---- | C] () -- C:\Users\Jeremy\Application Data\Microsoft\Internet Explorer\Quick Launch\Badoo.Desktop.lnk
[2014/01/22 03:15:50 | 000,077,217 | ---- | C] () -- C:\Users\Jeremy\Desktop\15558771527681369792.jpeg.jpg
[2014/01/20 16:12:17 | 000,001,648 | ---- | C] () -- C:\Users\Jeremy\Desktop\MP3SongPlays.exe - Shortcut.lnk
[2014/01/20 16:10:50 | 000,001,121 | ---- | C] () -- C:\Users\Public\Desktop\Mp3 Song Plays Increaser.lnk
[2013/11/18 05:11:45 | 000,217,176 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2013/11/07 01:52:42 | 000,077,312 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/09/26 18:05:41 | 000,000,133 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\mbam.context.scan
[2013/07/27 04:40:15 | 000,000,307 | ---- | C] () -- C:\Users\Jeremy\vst_perfect_declipper.ini
[2013/07/09 03:12:26 | 002,600,164 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\TempMediaPlay.wav
[2013/05/01 04:21:36 | 000,002,886 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2013/04/03 08:09:14 | 000,000,016 | ---- | C] () -- C:\Windows\msocreg32.dat
[2013/04/03 08:09:14 | 000,000,016 | ---- | C] () -- C:\ProgramData\autobk.inc
[2013/03/13 07:48:26 | 000,000,258 | RHS- | C] () -- C:\Users\Jeremy\ntuser.pol
[2013/03/13 07:20:50 | 000,157,696 | ---- | C] () -- C:\Windows\SysWow64\OggEnc.exe
[2013/03/13 07:20:50 | 000,145,408 | ---- | C] () -- C:\Windows\SysWow64\Lame.exe
[2013/03/13 07:20:50 | 000,076,800 | ---- | C] () -- C:\Windows\SysWow64\Faac.exe
[2012/12/27 00:23:42 | 000,431,901 | ---- | C] () -- C:\Users\Jeremy\.websiteauditor.properties
[2012/12/27 00:08:10 | 000,182,823 | ---- | C] () -- C:\Users\Jeremy\.spyglass.properties
[2012/12/26 23:51:54 | 000,427,977 | ---- | C] () -- C:\Users\Jeremy\.websiteauditor.properties.bak
[2012/12/06 04:09:15 | 000,000,132 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Adobe AIFF Format CS5 Prefs
[2012/11/03 21:56:13 | 000,000,017 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\resmon.resmoncfg
[2012/10/18 04:39:39 | 000,002,560 | ---- | C] () -- C:\Windows\_MSRSTRT.EXE
[2012/10/18 04:32:22 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/10/18 04:32:22 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/10/10 01:22:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/10/10 01:22:20 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/10/08 21:30:36 | 000,221,313 | ---- | C] () -- C:\Windows\hpoins19.dat
[2012/10/08 21:30:36 | 000,013,898 | ---- | C] () -- C:\Windows\hpomdl19.dat
[2012/05/24 21:32:49 | 000,000,600 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\PUTTY.RND
[2012/02/27 04:36:51 | 000,019,456 | ---- | C] () -- C:\Users\Jeremy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/02/25 04:54:18 | 000,000,132 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/02/24 04:04:41 | 000,000,132 | ---- | C] () -- C:\Users\Jeremy\AppData\Roaming\Adobe BMP Format CS5 Prefs
========== ZeroAccess Check ==========
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 21:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 08:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 08:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 08:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== Alternate Data Streams ==========
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34
< End of report >
-
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
Database version: v2014.02.18.06
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Jeremy :: JEREMY-PC [administrator]
2/18/2014 2:08:40 PM
mbar-log-2014-02-18 (14-08-40).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 261207
Time elapsed: 23 minute(s), 19 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
RogueKiller V8.8.7 _x64_ [Feb 11 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Jeremy [Admin rights]
Mode : Remove -- Date : 02/18/2014 14:44:00
| ARK || FAK || MBR |
¤¤¤ Bad processes : 1 ¤¤¤
[SUSP PATH] Enhanceviews Autowatcher v2.45.exe -- C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe [-] -> KILLED [TermProc]
¤¤¤ Registry Entries : 14 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : EV_Autowatcher_Download-Carbon0x (C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe [-]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-4055183432-471262313-3685020261-1000\[...]\Run : EV_Autowatcher_Download-Carbon0x (C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe [-]) -> [0x2] The system cannot find the file specified.
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> [0x2] The system cannot find the file specified.
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyDocs (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowUser (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyPics (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyMusic (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowSetProgramAccessAndDefaults (0) -> REPLACED (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> REPLACED (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Scheduled tasks : 1 ¤¤¤
¤¤¤ Startup Entries : 0 ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ Browser Addons : 0 ¤¤¤
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤
¤¤¤ External Hives: ¤¤¤
¤¤¤ Infection : ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
127.0.0.1 localhost
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HD103UJ ATA Device +++++
--- User ---
[MBR] bcc1727eb4d27fb881a41e96255b5396
[BSP] beac72b8fa020a816c05c3802bf54d68 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 953867 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) ST3500413AS ATA Device +++++
--- User ---
[MBR] 960ee0263e7e86714a4c1b9dca087975
[BSP] 1a5f2db44097e7f4dc4ae1dda7b13ac3 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 15166 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 31141888 | Size: 461733 Mo
User = LL1 ... OK!
User = LL2 ... OK!
Finished : << RKreport[0]_D_02182014_144400.txt >>
RKreport[0]_S_02182014_143752.txt
-
I found the Microsoft Fix it link, which I found under "Automatically open the Reset Internet Explorer Settings dialog box", after I clicked on it. However, it says 'This Microsoft Fix it Failed To Process.'
-
This is what I did before, and I don't see any options that have to do with Internet Explorer other than the option to make it my default browser. Where is the Reset Internet Explorer Settings dialog box? I don't see it anywhere. I can't start Internet Explorer, so I don't know how I'm supposed to do this.
-
Sorry, I'm still not understanding. I can't open Internet Explorer to follow the steps they provide. At the bottom, where it says to go to Run and type in inetcpl.cpl, I do that but don't see a Reset Internet Explorer Settings dialog box. Is there a direct link to the Microsoft Fix it button? I would like to do it that way since it sounds like the easiest way to move on to the next step. I will have to get back to this tonight.
-
I'm sorry, can you tell me where the Fix it button is? I don't see it on the page.
-
Well, I'm still having the problem where program processes still keep running even after I exit the program. Also, since applying this fix, my Internet Explorer, which I had finally got working again, stopped working and won't even launch now.
-
Had to attach this because the post was too long.
-
BSOD's, Program Hang Ups, Browser and Program Crashes, Slow PC
in Resolved Malware Removal Logs
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Jeremy at 2014-03-13 02:10:22
Running from C:\Users\Jeremy\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
AAMS Auto Audio Mastering System V2.5 (HKLM-x32\...\AAMS Auto Audio Mastering System V2.5) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19140 - Adobe Systems Incorporated) Hidden
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Audition 1.5 (HKLM-x32\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Audition 3.0 (HKLM-x32\...\Adobe Audition 3.0) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Audition 3.0 Vista Compatibility (HKLM\...\{75d2897c-87aa-4a06-8710-3ebda9f02de0}.sdb) (Version: - )
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (HKLM\...\PremElem100) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content (HKLM-x32\...\Adobe Premiere Elements 10 Content) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 10 Content (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 1 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 2 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 10 HD Content 3 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AIM for Windows (HKCU\...\AIM) (Version: - AOL Inc.)
AIPL WarmTone DX v2.2 (HKLM-x32\...\AIPL WarmTone DX v2.2) (Version: - )
Antares Autotune VST v5.09 (HKLM-x32\...\Antares Autotune VST_is1) (Version: - )
Antares Microphone Modeler - ZONE (HKLM-x32\...\Antares Microphone Modeler - ZONE) (Version: - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2013 - Avast Software)
Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo)
Blaine's Alias Title (HKLM\...\{2758AEE7-EDC9-49B6-9498-7FF378944F3C}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Bloom/Negative Effects (HKLM\...\{4FC89A20-FA00-4AD7-B5E6-AC64E67C4273}) (Version: 1.1.0 - Blaine's Movie Maker Blog)
Blaine's Cartoonify Effects (HKLM\...\{442935B7-87F8-4D86-9E76-41F5A0D82132}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Color Fade Effects (HKLM\...\{1A2D9795-4979-447B-BB34-B8DE7A45B8CE}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Contrast Effects (HKLM\...\{B9BB9850-4A9F-4D16-8089-82EDA9F69650}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Custom Dreamy Look Title (HKLM\...\{36F14E9E-3F89-43EF-948D-D4E1A9021508}) (Version: 2.0.1 - Blaine's Movie Maker Blog)
Blaine's Custom Speed Effects (HKLM\...\{35F7B5BB-670F-4E71-9ED2-C772F17B3C8F}) (Version: 2.0.1 - Blaine's Movie Maker Blog)
Blaine's Film Looks Effects (HKLM\...\{95BCCCA2-447E-4F8F-A4C5-49D5700BE627}) (Version: 1.0.1 - Blaine's Movie Maker Blog)
Blaine's Letterbox Effects (HKLM\...\{53EE9AAB-CD12-454C-BDD8-32BDC289757F}) (Version: 1.0.3 - Blaine's Movie Maker Blog)
Blaine's Pixelate Effects (HKLM\...\{299687D9-4E2A-41F5-84B4-2145AD3A866A}) (Version: 1.0.2 - Blaine's Movie Maker Blog)
Blaine's TV Signal Effects (HKLM\...\{344B6293-5ED2-4091-A574-8D5D14D65AB3}) (Version: 1.0.0 - Blaine's Movie Maker Blog)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.31.1038.0 - Logitech) Hidden
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.3.5.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series On-screen Manual (HKLM-x32\...\Canon MG2200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon MG2200 series User Registration (HKLM-x32\...\Canon MG2200 series User Registration) (Version: - Canon Inc.)
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 1.0.0 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 1.0.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Canon PowerShot ELPH 110 HS_IXUS 125 HS Camera User Guide (HKLM-x32\...\CameraUserGuide-PSELPH110HS_IXUS125HS) (Version: 1.0.0.7 - Canon Inc.)
Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.0.0 - Canon Inc.)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.7.0.11 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.1.1.19 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP)
ClickFix Lite for Adobe Audition version 3.04 (remove only) (HKLM-x32\...\ClickFix Lite for Adobe Audition version 3.04) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.50.4.0 - Conexant)
ContaCam (HKLM-x32\...\ContaCam) (Version: 4.0.5 - Contaware.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer)
EULAlyzer 2.2 (HKLM-x32\...\EULAlyzer_is1) (Version: 2.2.0 - BrightFort LLC)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FastStone Capture 6.8 (HKLM-x32\...\FastStone Capture) (Version: 6.8 - FastStone Soft)
Fiddler (HKLM-x32\...\Fiddler2) (Version: 2.4.5.9 - Telerik)
FileZilla Client 3.7.4.1 (HKLM-x32\...\FileZilla Client) (Version: 3.7.4.1 - Tim Kosse)
foobar2000 v1.1.10 (HKLM-x32\...\foobar2000) (Version: 1.1.10 - Peter Pawlowski)
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright© 2005-2013 FreeSoundRecorder Technologies, Inc.)
FreeUndelete 2.1.36867.1 (HKLM-x32\...\{0F5ADA2F-C0B2-4AD6-8FF7-7DFA9D6B4CBA}) (Version: 2.1.36867.1 - Recoveronix)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.24.000 - Runtime Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
HandBrake 0.9.5 (HKLM-x32\...\HandBrake) (Version: 0.9.5 - )
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 10.1.5 Standard (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.1.5 - )
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.30 - Logitech Inc.)
LWS Facebook (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.31.1044.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.30.1395.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Video Mask Maker (x32 Version: 13.30.1379.0 - Logitech) Hidden
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.31.1038.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Malwarebytes Anti-Malware version 1.70.0.1100 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.70.0.1100 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10329.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2015.0811 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
MixMeister Studio 7.2.2 (HKLM-x32\...\MixMeister Studio 7.2.2_is1) (Version: - )
Movie Maker 6.0 for Windows 7 (64-bit) (HKLM\...\{A7395F20-2B22-4CB8-8510-B452C0F47E02}) (Version: 6.0.0 - Microsoft Corporation)
Moyea FLV to Video Converter Pro version 1.29.2.11 (HKLM-x32\...\{A777CB31-A5EC-4E32-A462-2E24F45D4D4F}_is1) (Version: - )
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mp3 Song Plays Increaser (HKLM-x32\...\{FBC0353C-CAFA-4648-91BC-9299774A80E8}) (Version: 1.0.3 - mp3songplays.com)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OLYMPUS Master 2 (HKLM-x32\...\{3A1AB8E6-748E-4B95-AA2D-FE9952EB3106}) (Version: 1.0.13 - OLYMPUS IMAGING CORP.)
Paltalk Messenger 11.2 (HKLM-x32\...\Paltalk Messenger) (Version: 11.2.0 - AVM Software Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
PRE10STI64Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Rapture 1.2.2 (HKLM-x32\...\Rapture_x64_is1) (Version: 18.0 - Cakewalk Music Software)
Recuva (HKLM\...\Recuva) (Version: 1.37 - Piriform)
Sandboxie 4.04 (64-bit) (HKLM\...\Sandboxie) (Version: 4.04 - Sandboxie Holdings, LLC)
Share YouTube Videos version 1 (HKLM-x32\...\{55DAC5D1-B178-42B2-86A3-94A3E0B4F3DD}_is1) (Version: 1 - )
Simple Search-Replace (HKLM-x32\...\{85BEDB91-5AB4-4066-8946-4EE980950F82}) (Version: 1.08.0000 - RJL Software, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SmartSound Common Data (HKLM-x32\...\InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}) (Version: 1.1.0 - SmartSound Software Inc.)
SmartSound Common Data (x32 Version: 1.1.0 - SmartSound Software Inc.) Hidden
SmartSound Premiere Elements 10 x64 Plugin (HKLM\...\{3DAE9A67-DD8D-4EDB-91F7-7B5132B1864D}) (Version: 5.70.0001 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (HKLM-x32\...\InstallShield_{1D273D91-D7D5-4036-8B84-EB4615FF5F81}) (Version: 5.7.1 - SmartSound Software Inc.)
SmartSound Sonicfire Pro 5 (x32 Version: 5.7.1 - SmartSound Software Inc.) Hidden
Sonic Foundry ACID 4.0e (HKLM-x32\...\{9B7DE025-A6AF-446B-86BE-3BD9604B498A}) (Version: 4.0.408 - Sonic Foundry)
Sony Sound Forge 7.0 (HKLM-x32\...\{0712667C-A171-49AE-A098-4ACDA28625F8}) (Version: 7.0.214 - Sony)
Spotify (HKCU\...\Spotify) (Version: 0.9.6.81.gd359a796 - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
System Requirements Lab for Intel (HKLM-x32\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.25942 - TeamViewer)
Thread Manager 2.4.0.0 (HKLM-x32\...\{78F4E027-355C-45C0-90DC-F89DFC618761}_is1) (Version: 2.4.0.0 - Digital Generation)
Universal Audio v4.4.0 Native (HKLM-x32\...\Universal Audio v4.4.0 Native) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2596598) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{8F32B14E-F85E-482C-BF8C-C04E1A5ADE4F}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Waves Mercury Bundle (HKLM-x32\...\Waves Mercury Bundle) (Version: 5.0 - Team AiR)
Waves SSL Collection v1.2 (HKLM-x32\...\Waves SSL Collection v1.2) (Version: - )
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Encoder 9 Series x64 Edition (HKLM\...\Windows Media Encoder 9) (Version: - )
Windows Media Encoder 9 Series x64 Edition (Version: 10.0.0.3809 - Microsoft Corporation) Hidden
==================== Restore Points =========================
03-03-2014 13:10:17 Windows Modules Installer
03-03-2014 13:20:12 Windows Update
07-03-2014 19:55:46 Windows Update
08-03-2014 18:05:48 Revo Uninstaller's restore point - VLC media player 2.1.2
13-03-2014 00:26:14 Windows Update
==================== Hosts content: ==========================
2012-02-03 07:35 - 2014-02-25 11:43 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {000BB44C-CE99-4636-893C-73FD773565F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {1F98F092-786D-4758-93FA-BB2417F803F3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {45063B76-A9B1-4603-9713-97C6707EF7C9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-02-16] (AVAST Software)
Task: {683E96DA-D02F-49A0-B2C5-92EE1ABC6674} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.)
Task: {68FD1AED-AB87-4272-804A-71E26C6C771A} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/uninstall.html?aaa=KICMLJLMNJHMNJJMNJNJCNLJMJHMLMCNLMMJJJNJCNHMJMKJKJCNNJNJKMGMMJNJNJHMHMJJGMKJJNJICMIMCNGMCNPMFMGMCNOMPMCNGMNMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMLMJNHICMEKMICNJJCKJNBJCMFLKJNIKJCJGIJNKJCMJNNICMJNDJCMKJBJ"
Task: {72AC25D4-AFF2-4C7F-83D2-00CCA50383AB} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {77F35599-F36B-4ED7-B88D-EAF50A444D3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-05] (Google Inc.)
Task: {C0D1F864-CDC5-4232-974C-01C2003C9936} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
Task: {EE44E6C4-F4D7-46EB-B9D2-0080B4AEE915} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-08] (Adobe Systems Incorporated)
Task: {F0EFFE04-2F5C-4341-8D1C-D8FC357FF2C9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-15] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000Core.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4055183432-471262313-3685020261-1000UA.job => C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2010-01-02 10:42 - 2010-01-02 10:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-01-20 18:07 - 2011-01-27 11:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-08 03:48 - 2013-11-08 03:48 - 01279512 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\hitleap-viewer.exe
2014-01-27 09:04 - 2014-03-09 18:45 - 01094144 _____ () C:\Program Files (x86)\Share YouTube Videos\Share YouTube Videos.exe
2011-12-02 11:07 - 2011-12-02 11:07 - 02046976 _____ () C:\Program Files (x86)\foobar2000\foobar2000.exe
2014-03-09 05:58 - 2014-03-09 05:17 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030900\algo.dll
2014-03-12 16:04 - 2014-03-12 15:20 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14031201\algo.dll
2013-12-15 15:26 - 2013-12-15 15:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-04-11 20:58 - 2014-02-14 10:09 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-28 05:52 - 2014-03-08 13:53 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll
2013-11-18 06:11 - 2013-11-14 14:00 - 01235456 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avformat-lav-55.dll
2013-11-18 06:11 - 2013-11-14 14:00 - 08113152 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avcodec-lav-55.dll
2013-11-18 06:11 - 2013-11-14 14:00 - 00358912 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avutil-lav-52.dll
2013-11-18 06:11 - 2013-11-14 14:00 - 00235008 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\libbluray.dll
2013-11-18 06:11 - 2013-11-14 14:00 - 00385024 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll
2013-11-18 06:11 - 2013-11-14 14:00 - 00212480 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avfilter-lav-3.dll
2013-11-18 06:11 - 2013-11-14 14:00 - 00120832 _____ () C:\Program Files (x86)\K-Lite Codec Pack\Filters\LAV\avresample-lav-1.dll
2010-04-21 08:48 - 2010-04-21 08:48 - 00066560 _____ () C:\Program Files (x86)\foobar2000\zlib1.dll
2011-12-02 11:04 - 2011-12-02 11:04 - 00148480 _____ () C:\Program Files (x86)\foobar2000\shared.dll
2011-12-02 11:06 - 2011-12-02 11:06 - 00299008 _____ () C:\Program Files (x86)\foobar2000\components\foo_cdda.dll
2011-12-02 11:06 - 2011-12-02 11:06 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_dsp_std.dll
2011-12-02 11:05 - 2011-12-02 11:05 - 00171008 _____ () C:\Program Files (x86)\foobar2000\components\foo_unpack.dll
2011-12-02 11:05 - 2011-12-02 11:05 - 00483840 _____ () C:\Program Files (x86)\foobar2000\components\foo_converter.dll
2012-02-03 05:27 - 2011-02-24 13:13 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_monkey.dll
2011-12-02 11:06 - 2011-12-02 11:06 - 01130496 _____ () C:\Program Files (x86)\foobar2000\components\foo_ui_std.dll
2011-12-02 11:06 - 2011-12-02 11:06 - 00365056 _____ () C:\Program Files (x86)\foobar2000\components\foo_albumlist.dll
2011-12-02 11:05 - 2011-12-02 11:05 - 00276480 _____ () C:\Program Files (x86)\foobar2000\components\foo_fileops.dll
2011-12-02 11:05 - 2011-12-02 11:05 - 00283136 _____ () C:\Program Files (x86)\foobar2000\components\foo_rgscan.dll
2011-12-02 11:05 - 2011-12-02 11:05 - 01483264 _____ () C:\Program Files (x86)\foobar2000\components\foo_input_std.dll
2011-12-02 11:05 - 2011-12-02 11:05 - 00237568 _____ () C:\Program Files (x86)\foobar2000\components\foo_freedb2.dll
2013-11-08 02:47 - 2013-11-08 02:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\control\..\cef\hitleap-viewer-browser.exe
2013-11-08 02:47 - 2013-11-08 02:47 - 36561408 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\libcef.dll
2013-11-08 02:47 - 2013-11-08 02:47 - 01089024 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\hitleap-viewer-browser.exe
2013-11-08 02:47 - 2013-11-08 02:47 - 00862208 _____ () C:\Program Files (x86)\HitLeap\HitLeap Viewer 2.8\core\cef\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: Adobe LM Service => 3
MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: ICCS => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ImageBrowser EX Agent.lnk => C:\Windows\pss\ImageBrowser EX Agent.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MailWasher.lnk => C:\Windows\pss\MailWasher.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PalTalk.lnk => C:\Windows\pss\PalTalk.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tube Bot.lnk => C:\Windows\pss\Tube Bot.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_10354613.lnk => C:\Windows\pss\_uninst_10354613.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_24441005.lnk => C:\Windows\pss\_uninst_24441005.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jeremy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^_uninst_51818170.lnk => C:\Windows\pss\_uninst_51818170.lnk.Startup
MSCONFIG\startupreg: AddMeFastBotv4.exe => D:\- Jeremy\- Programs\- Website Tools\- Bots\AddMeFastBotv4.exe
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Jeremy\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BrowseForTheCause => C:\Program Files (x86)\BrowseForTheCause\BrowseForTheCause.exe
MSCONFIG\startupreg: BrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\BrowserSyncSetup.exe"repair update startup
MSCONFIG\startupreg: CAHeadless => C:\Program Files (x86)\Adobe\Elements 10 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: ContaCam => C:\Program Files (x86)\ContaCam\ContaCam.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Dell DataSafe Online => C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe
MSCONFIG\startupreg: EV_Autowatcher_Download-Carbon0x => C:\Users\Jeremy\Desktop\Market\Enhanceviews Autowatcher v2.45.exe
MSCONFIG\startupreg: Facebook Update => "C:\Users\Jeremy\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: FileZilla Server Interface => "C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Jeremy\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_6D3B45FEBE36B822DCB3796A57AA2386 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: IEBrowserSync => "C:\Users\Jeremy\AppData\Roaming\BrowserSync\IE\IEBrowserSync.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Media Finder => "C:\Program Files (x86)\Media Finder\Media Finder.exe" /opentotray
MSCONFIG\startupreg: OM2_Monitor => "C:\Program Files (x86)\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
MSCONFIG\startupreg: Pinger => "C:\Program Files (x86)\Pinger\Pinger.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Jeremy\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Jeremy\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: ThreadManager.exe => C:\Program Files (x86)\Thread Manager\ThreadManager.exe
MSCONFIG\startupreg: urlspace => C:\Users\Jeremy\Desktop\Market\When Asleep\jingling.exe -h
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/12/2014 10:28:40 PM) (Source: Application Error) (User: )
Description: Faulting application name: ReverbNationPromoter.exe, version: 2.0.1.0, time stamp: 0x5211d86c
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434f4d
Fault offset: 0x000000000000940d
Faulting process id: 0x%9
Faulting application start time: 0xReverbNationPromoter.exe0
Faulting application path: ReverbNationPromoter.exe1
Faulting module path: ReverbNationPromoter.exe2
Report Id: ReverbNationPromoter.exe3
Error: (03/12/2014 10:28:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: ReverbNationPromoter.exe, version: 2.0.1.0, time stamp: 0x5211d86c
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434f4d
Fault offset: 0x000000000000940d
Faulting process id: 0x%9
Faulting application start time: 0xReverbNationPromoter.exe0
Faulting application path: ReverbNationPromoter.exe1
Faulting module path: ReverbNationPromoter.exe2
Report Id: ReverbNationPromoter.exe3
Error: (03/12/2014 10:28:17 PM) (Source: Application Error) (User: )
Description: Faulting application name: ReverbNationPromoter.exe, version: 2.0.1.0, time stamp: 0x5211d86c
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18229, time stamp: 0x51fb1677
Exception code: 0xe0434f4d
Fault offset: 0x000000000000940d
Faulting process id: 0x%9
Faulting application start time: 0xReverbNationPromoter.exe0
Faulting application path: ReverbNationPromoter.exe1
Faulting module path: ReverbNationPromoter.exe2
Report Id: ReverbNationPromoter.exe3
Error: (03/09/2014 10:34:16 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 1f10
Start Time: 01cf3ba43994e85c
Termination Time: 102
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: dc5d1a36-a797-11e3-8582-d067e52c8165
Error: (03/09/2014 01:17:13 AM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 15f0
Start Time: 01cf3af7ea13a236
Termination Time: 89
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 0fdb6ea9-a74a-11e3-8582-d067e52c8165
Error: (03/08/2014 02:15:02 PM) (Source: MsiInstaller) (User: Jeremy-PC)
Description: Product: Adobe AIR -- Error 1714. The older version of Adobe AIR cannot be removed. Contact your technical support group. System Error 1612.
Error: (03/08/2014 00:53:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 22.0.0.4916, time stamp: 0x51bf939f
Faulting module name: NPSWF32_12_0_0_70.dll, version: 12.0.0.70, time stamp: 0x530164e1
Exception code: 0x80000003
Fault offset: 0x0034764d
Faulting process id: 0x1528
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (03/08/2014 00:15:45 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: e10
Start Time: 01cf3a4e378c310f
Termination Time: 299
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: e15078fd-a6dc-11e3-8582-d067e52c8165
Error: (03/04/2014 07:11:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: plugin-container.exe, version: 27.0.1.5156, time stamp: 0x52fc0fcf
Faulting module name: mozalloc.dll, version: 27.0.1.5156, time stamp: 0x52fbe972
Exception code: 0x80000003
Fault offset: 0x0000119c
Faulting process id: 0x169c
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (03/04/2014 07:11:39 PM) (Source: Application Hang) (User: )
Description: The program firefox.exe version 27.0.1.5156 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 147c
Start Time: 01cf37b69d422d22
Termination Time: 85
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: 5211460e-a3f2-11e3-85b5-d067e52c8165
System errors:
=============
Error: (03/05/2014 11:21:55 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (03/04/2014 10:36:23 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (03/04/2014 10:09:05 PM) (Source: DCOM) (User: Jeremy-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jeremy-PCJeremyS-1-5-21-4055183432-471262313-3685020261-1000LocalHost (Using LRPC)
Error: (03/04/2014 10:02:54 PM) (Source: DCOM) (User: Jeremy-PC)
Description: machine-defaultLocalActivation{9BA05972-F6A8-11CF-A442-00A0C90A8F39}{9BA05972-F6A8-11CF-A442-00A0C90A8F39}Jeremy-PCJeremyS-1-5-21-4055183432-471262313-3685020261-1000LocalHost (Using LRPC)
Error: (03/03/2014 09:27:45 PM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (03/03/2014 09:11:30 PM) (Source: WMPNetworkSvc) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
Error: (03/03/2014 09:29:11 AM) (Source: DCOM) (User: )
Description: {0002DF01-0000-0000-C000-000000000046}
Error: (03/02/2014 11:23:01 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Error: (03/02/2014 11:22:37 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Error: (03/02/2014 11:22:14 AM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for Start with the following error:
%%5
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-10-06 01:34:22.151
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-10-06 01:34:22.098
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-10-06 01:34:22.044
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-10-06 01:34:21.990
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.934
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.888
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.841
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-08-09 15:23:06.795
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-27 11:19:20.910
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-06-27 11:19:20.872
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Percentage of memory in use: 78%
Total physical RAM: 6056.63 MB
Available physical RAM: 1322.84 MB
Total Pagefile: 12111.44 MB
Available Pagefile: 6439.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:450.91 GB) (Free:249.62 GB) NTFS
Drive d: (Files) (Fixed) (Total:931.51 GB) (Free:88.48 GB) NTFS
Drive e: (Media) (Fixed) (Total:931.51 GB) (Free:139.61 GB) NTFS
Drive f: (Backup) (Fixed) (Total:2794.52 GB) (Free:0.01 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3468B252)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 9D4CFAAC)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or Vista) (Size: 932 GB) (Disk ID: 34ECB17F)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 4.
==================== End Of Log ============================