fokker313

February 3, 2015

much thanks, it will take a few days for me to accomplish the above requirements, i will update asap .... again thanks kevin

February 2, 2015

Hello and welome,

P2P/Piracy Warning:

Addition.txt log is attached to your reply, FRST must have been used. Can you also post the primary log FRST.txt. Logs are save here: C:\FRST\Logs

ok thanks, the log i found is below, I am new to this site and I appreciate your kind attention!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2015

Ran by Doc's (administrator) on DOCS-PC on 01-02-2015 16:09:21

Running from C:\Users\Doc's\AppData\Local\Temp\ig2d4pqv.tmp

Loaded Profiles: Doc's (Available profiles: Doc's)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe

(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc.exe

(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeSvc2.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe

(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe

(Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(M-Audio) C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe

(Anonymizer) C:\Program Files (x86)\Anonymizer\Anonymizer Universal\AnonMgmtSvc.exe

(Elex do Brasil Participações Ltda) C:\Program Files (x86)\iSafe\iSafeTray.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe

(Avid Technology, Inc.) C:\Windows\System32\M-AudioTaskBarIcon.exe

(Google Inc.) C:\Users\Doc's\AppData\Local\Google\Update\GoogleUpdate.exe

(Simple Star, Inc.) C:\Program Files (x86)\Walgreens\Walgreens PhotoShow 4\data\Xtras\mssysmgr.exe

() C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe

(Anonymizer) C:\Program Files (x86)\Anonymizer\Anonymizer Universal\Anonymizer Universal.exe

(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

(Dolby Laboratories Inc.) C:\Dolby PCEE4\pcee4.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe

(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe

(Stronghold Online Backup) C:\Users\Doc's\AppData\Local\Strongvault Online Backup\SMessaging.exe

(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe

(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe

(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE

(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

(iSkySoft) C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe

(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe

(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

(Adobe) C:\Users\Doc's\AppData\Local\Temp\install_flashplayer16x32_chrd_dn_aaa_aih.exe

(Apple Inc.) C:\Program Files (x86)\Safari\Safari.exe

(Apple Inc.) C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe

() C:\Program Files (x86)\SDDUpdater\updater.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2011-11-15] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2816336 2012-03-19] (ELAN Microelectronics Corp.)

HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-20] (Atheros Commnucations)

HKLM\...\Run: [M-Audio Taskbar Icon] => C:\Windows\system32\M-AudioTaskBarIcon.exe [798728 2010-12-07] (Avid Technology, Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1021128 2014-11-20] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [296984 2012-01-05] (NTI Corporation)

HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Dolby PCEE4\pcee4.exe [506712 2011-06-01] (Dolby Laboratories Inc.)

HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1105488 2012-03-23] (Dritek System Inc.)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)

HKLM-x32\...\Run: [PopularScreensavers Search Scope Monitor] => C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin\7iSrchMn.exe [42536 2013-05-18] (MindSpark)

HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [448856 2014-08-19] (DivX, LLC)

HKLM-x32\...\Run: [sMessaging] => C:\Users\Doc's\AppData\Local\Strongvault Online Backup\SMessaging.exe [31664 2012-04-04] (Stronghold Online Backup)

HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-26] (AVAST Software)

HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [377368 2014-03-11] (Power Software Ltd)

HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)

HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe [2000896 2014-04-04] (iSkySoft)

HKLM-x32\...\Run: [gmsd_us_84] => [X]

HKLM\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Run: [Google Update] => C:\Users\Doc's\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-07-12] (Google Inc.)

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Run: [Walgreens PhotoShow Media Manager] => C:\Program Files (x86)\Walgreens\Walgreens PhotoShow 4\data\Xtras\mssysmgr.exe [237568 2006-04-20] (Simple Star, Inc.)

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Run: [WeatherBug] => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe [146736 2013-11-13] ()

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Run: [Anonymizer Universal] => C:\Program Files (x86)\Anonymizer\Anonymizer Universal\Anonymizer Universal.exe [3928600 2014-10-21] (Anonymizer)

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Policies\Explorer: [HideSCAHealth] 1

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1

HKU\S-1-5-18\...\RunOnce: [isMyWinLockerReboot] => msiexec.exe /qn /x{voidguid}

HKU\S-1-5-18\...\Policies\Explorer: [HideSCAHealth] 1

IFEO\bpsvc.exe: [Debugger] tasklist.exe

IFEO\dprotectsvc.exe: [Debugger] tasklist.exe

IFEO\jumpflip: [Debugger] tasklist.exe

IFEO\protectedsearch.exe: [Debugger] tasklist.exe

IFEO\searchinstaller.exe: [Debugger] tasklist.exe

IFEO\searchprotection.exe: [Debugger] tasklist.exe

IFEO\searchprotector.exe: [Debugger] tasklist.exe

IFEO\searchsettings.exe: [Debugger] tasklist.exe

IFEO\searchsettings64.exe: [Debugger] tasklist.exe

IFEO\snapdo.exe: [Debugger] tasklist.exe

IFEO\stinst32.exe: [Debugger] tasklist.exe

IFEO\stinst64.exe: [Debugger] tasklist.exe

IFEO\umbrella.exe: [Debugger] tasklist.exe

IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

IFEO\volaro: [Debugger] tasklist.exe

IFEO\vonteera: [Debugger] tasklist.exe

IFEO\websteroids.exe: [Debugger] tasklist.exe

IFEO\websteroidsservice.exe: [Debugger] tasklist.exe

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\Doc's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk

ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)

Startup: C:\Users\Doc's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

CHR HKU\S-1-5-21-373963065-2517038359-3763730876-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=https://www.yahoo.com?fr=hp-avast&type=avastbcl

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.key-find.com/web/?type=ds&ts=1397259501&from=amt&uid=ST9500325AS_5VETHXTWXXXX5VETHXTW&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.key-find.com/web/?type=ds&ts=1397259501&from=amt&uid=ST9500325AS_5VETHXTWXXXX5VETHXTW&q={searchTerms}

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hp&ts=1397259501&from=amt&uid=ST9500325AS_5VETHXTWXXXX5VETHXTW

HKU\S-1-5-21-373963065-2517038359-3763730876-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

URLSearchHook: HKLM-x32 - (No Name) - {92ed4bbd-83f2-4c70-bb4e-f8d3716143fe} - No File

SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0A0EyDyE0DtA0ByE0CtN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=695285060

SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=orgnl&chnl=&cd=2XzuyEtN2Y1L1Qzu0D0CtD0E0AtC0A0A0EyDyE0DtA0ByE0CtN0D0Tzu0CtAtCyEtN1L2XzutBtFtBtFtDtFtAyEyE&cr=695285060

SearchScopes: HKLM-x32 -> {1AF919F4-D7C6-93B8-6BAF-2421B23AF4C4} URL = http://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.key-find.com/web/?type=ds&ts=1397259501&from=amt&uid=ST9500325AS_5VETHXTWXXXX5VETHXTW&q={searchTerms}

SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKU\S-1-5-21-373963065-2517038359-3763730876-1000 -> DefaultScope {DB5F73D5-888B-4D6A-A376-8BCCEE0E5A60} URL =

BHO: No Name -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> No File

BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)

BHO: No Name -> {34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5} -> No File

BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File

BHO-x32: No Name -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> No File

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)

BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO-x32: No Name -> {ab56dfde-0c14-45b3-9df6-7b0eba617870} -> No File

BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: No Name -> {df22384f-cf68-4d19-969f-10423715528b} -> No File

Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)

Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File

Toolbar: HKLM - No Name - {6fcaba44-a441-481f-895e-bddfd81a6cc2} - No File

Toolbar: HKLM - No Name - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - No File

Toolbar: HKLM-x32 - No Name - {92ed4bbd-83f2-4c70-bb4e-f8d3716143fe} - No File

Toolbar: HKLM-x32 - No Name - {6fcaba44-a441-481f-895e-bddfd81a6cc2} - No File

Toolbar: HKLM-x32 - No Name - {a0154e07-2b48-475c-a82a-80efd84ea33e} - No File

Toolbar: HKU\S-1-5-21-373963065-2517038359-3763730876-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File

Toolbar: HKU\S-1-5-21-373963065-2517038359-3763730876-1000 -> No Name - {92ED4BBD-83F2-4C70-BB4E-F8D3716143FE} - No File

Toolbar: HKU\S-1-5-21-373963065-2517038359-3763730876-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File

Toolbar: HKU\S-1-5-21-373963065-2517038359-3763730876-1000 -> No Name - {A0154E07-2B48-475C-A82A-80EFD84EA33E} - No File

DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}

Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)

Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1

FireFox:

========

FF ProfilePath: C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default

FF DefaultSearchEngine: Yahoo!

FF SelectedSearchEngine: Yahoo!

FF Keyword.URL: https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p=

FF NetworkProxy: "type",

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_257.dll ()

FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)

FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)

FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)

FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No File

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )

FF Plugin-x32: @PopularScreensavers_7i.com/Plugin -> C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin\NP7iStub.dll No File

FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll No File

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-373963065-2517038359-3763730876-1000: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File

FF Plugin HKU\S-1-5-21-373963065-2517038359-3763730876-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Doc's\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-373963065-2517038359-3763730876-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Doc's\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

FF user.js: detected! => C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\user.js

FF SearchPlugin: C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\searchplugins\yahoo_ff.xml

FF Extension: TheTorntv V10 - C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\Extensions\44e4876d5886435183fea8e@44f892d6c2ac4a44858c85e3636.com [2014-08-03]

FF Extension: Plus-HD-1.3 - C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com [2014-07-05]

FF Extension: enterprise 1.1 - C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\Extensions\e38c01fb-ffb2-4c7e-b4c7-1f47c844d855@gmail.com [2014-09-03]

FF Extension: Slick Savings - C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\Extensions\{54FBE89E-C878-46bb-A064-AB327EE26EBC} [2014-12-18]

FF Extension: Start Page - C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\Extensions\{62DD0A97-FDD4-421b-94A5-D1A9434450C7} [2014-12-18]

FF Extension: Ebay Shopping Assistant by Spigot - C:\Users\Doc's\AppData\Roaming\Mozilla\Firefox\Profiles\77211p5r.default\Extensions\{CA8C84C6-3918-41b1-BE77-049B2BDD887C} [2014-12-18]

FF HKLM-x32\...\Firefox\Extensions: [7iffxtbr@PopularScreensavers_7i.com] - C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin

FF Extension: PopularScreensavers - C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin [2013-05-18]

FF HKLM-x32\...\Firefox\Extensions: [39ffxtbr@MapsGalaxy_39.com] - C:\Program Files (x86)\MapsGalaxy_39\bar\1.bin

FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-06-27]

FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta198.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta198\ff

FF HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Firefox\Extensions: [lfind@nijadsoft.net] - C:\Program Files (x86)\LyricsFinder\FF

FF HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Firefox\Extensions: [lwoofer@lyricswoofer.co] - C:\Program Files (x86)\LyricsWoofer\122.xpi

FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:

=======

CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Doc's\AppData\Local\funmoods.crx [Not Found]

CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Doc's\AppData\Local\funmoods-speeddial_sf.crx [Not Found]

CHR HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Chrome\Extension: [amfclgbdpgndipgoegfpkkgobahigbcl] - C:\Users\Doc's\AppData\Local\Smartbar/Application\1Extension.crx [Not Found]

CHR HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Doc's\AppData\Local\funmoods.crx [Not Found]

CHR HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Doc's\AppData\Local\funmoods-speeddial_sf.crx [Not Found]

CHR HKU\S-1-5-21-373963065-2517038359-3763730876-1000\...\Chrome\Extension: [nlndmljfcnlkbcbbneenigbpikmdfcdh] - C:\Users\Doc's\AppData\Local\CRE\nlndmljfcnlkbcbbneenigbpikmdfcdh.crx [2013-08-11]

CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Doc's\AppData\Local\funmoods.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [bicnnkjibmphdeigoodpjlcklcnaobdj] - C:\Program Files (x86)\TornTV.com\torntv10.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [cekmkdkefndbeciggfanobcemjnppbbb] - C:\Program Files (x86)\LessTabs\Chrome\cekmkdkefndbeciggfanobcemjnppbbb.crx [2013-08-05]

CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Doc's\AppData\Local\funmoods-speeddial_sf.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [gnbcopcndefcccgdofjadnafjljgofam] - C:\Program Files (x86)\LyricsFinder\Chrome.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-11]

CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\BetterExperience\Chrome\common.crx [2014-01-31]

CHR HKLM-x32\...\Chrome\Extension: [jnikkfemnfogahcandhlchoengjbeaij] - C:\Program Files (x86)\LyricsWoofer\122.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [lgnbhdnimikkoodkogjlcllngimhlapp] - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Doc's\AppData\Roaming\PlusWinks\PlusWinks.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [nlndmljfcnlkbcbbneenigbpikmdfcdh] - C:\Users\Doc's\AppData\Local\CRE\nlndmljfcnlkbcbbneenigbpikmdfcdh.crx [2013-08-11]

CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Doc's\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [Not Found]

CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [Not Found]

Opera:

=======

OPR Extension: (enterprise 1.1) - C:\Users\Doc's\AppData\Roaming\Opera Software\Opera Stable\Extensions\kamobkapmbfjeihgdegmieoldlbkogjb [2014-09-03]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AnonMgmtSvc; C:\Program Files (x86)\Anonymizer\Anonymizer Universal\AnonMgmtSvc.exe [220184 2014-10-21] (Anonymizer)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-02-20] (Atheros Commnucations) [File not signed]

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-11] (AVAST Software)

S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-11] (Avast Software)

S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [75624 2012-01-05] (Alcohol Soft Development Team)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2449592 2014-11-12] (Microsoft Corporation)

R2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [118056 2014-04-23] (Elex do Brasil Participações Ltda)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [256536 2012-01-05] (NTI Corporation)

S2 PopularScreensavers_7iService; C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin\7ibarsvc.exe [42504 2013-05-18] (COMPANYVERS_NAME)

S3 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]

R2 USBMIDIAudioDevMon; C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe [1636872 2010-04-13] (M-Audio)

S2 VjdOuv; C:\ProgramData\tapSSXEo\VjdOuv.exe [2734456 2015-01-13] (Small Island Development)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424624 2015-01-12] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-01-31] (Advanced Micro Devices, Inc.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-11] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-11] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-11] (AVAST Software)

R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-11] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-11] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-11] (AVAST Software)

R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-11] (AVAST Software)

R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-11] ()

R3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [232960 2014-04-23] (Elex do Brasil Participações Ltda)

S3 iSafeKrnlBoot; C:\Windows\System32\DRIVERS\iSafeKrnlBoot.sys [43520 2014-04-23] (Elex do Brasil Participações Ltda)

R1 iSafeKrnlKit; C:\Program Files (x86)\iSafe\iSafeKrnlKit.sys [66048 2014-04-23] (Elex do Brasil Participações Ltda)

R1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [48128 2014-04-23] (Elex do Brasil Participações Ltda)

S3 MAUSBMIDI; C:\Windows\System32\DRIVERS\MAudioUSBMIDI.sys [200200 2010-04-13] (M-Audio)

R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-26] (CACE Technologies, Inc.)

S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()

R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-09-09] (Duplex Secure Ltd.)

S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-11-11] (MCCI Corporation)

S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)

R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-11] (Avast Software)

R1 {1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64; C:\Windows\System32\drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys [48792 2015-01-25] (StdLib)

R1 {371bcf01-e691-44bf-9345-60788e5d16a5}Gw64; C:\Windows\System32\drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw64.sys [48792 2015-01-28] (StdLib)

R1 {4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw64; C:\Windows\System32\drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw64.sys [48792 2015-01-21] (StdLib)

R1 {5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw64; C:\Windows\System32\drivers\{5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw64.sys [48792 2015-01-22] (StdLib)

R1 {8d9208df-94f9-4c96-a224-97b37b0df94e}Gw64; C:\Windows\System32\drivers\{8d9208df-94f9-4c96-a224-97b37b0df94e}Gw64.sys [48792 2015-01-04] (StdLib)

U3 aa765cfc; C:\Windows\System32\Drivers\aa765cfc.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero size file/folder)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 16:09 - 2015-02-01 16:09 - 00000000 ____D () C:\FRST

2015-02-01 15:43 - 2015-02-01 15:43 - 00001555 _____ () C:\Users\Doc's\Desktop\hijackthis - Shortcut.lnk

2015-02-01 15:32 - 2015-02-01 15:32 - 00015818 _____ () C:\Users\Doc's\Documents\hijackthis.log

2015-01-31 23:25 - 2015-01-31 23:35 - 130030423 _____ () C:\Users\Doc's\Downloads\msert.exe.download

2015-01-31 18:23 - 2015-01-31 18:23 - 00001998 _____ () C:\Windows\PFRO.log

2015-01-31 00:29 - 2015-02-01 12:36 - 00000336 _____ () C:\Windows\setupact.log

2015-01-31 00:29 - 2015-01-31 00:29 - 00000000 _____ () C:\Windows\setuperr.log

2015-01-29 18:43 - 2015-01-29 18:43 - 00245475 _____ () C:\Users\Doc's\Downloads\photo.php

2015-01-28 22:14 - 2015-01-28 22:14 - 00002015 _____ () C:\Users\Doc's\Desktop\FastDownload.com.lnk

2015-01-28 22:14 - 2015-01-28 22:14 - 00002007 _____ () C:\Users\Doc's\Desktop\GameTeam.com.lnk

2015-01-28 22:14 - 2015-01-28 22:14 - 00002005 _____ () C:\Users\Doc's\Desktop\GameTop.com.lnk

2015-01-28 18:48 - 2015-01-28 12:35 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{371bcf01-e691-44bf-9345-60788e5d16a5}Gw64.sys

2015-01-26 10:10 - 2015-01-26 10:14 - 00019691 _____ () C:\Users\Doc's\Downloads\www.google.com.dms

2015-01-25 17:40 - 2015-01-31 04:00 - 00000278 _____ () C:\Windows\Tasks\Anonymizer Universal Updates.job

2015-01-25 17:40 - 2015-01-25 17:40 - 00003016 _____ () C:\Windows\System32\Tasks\Anonymizer Universal Updates

2015-01-25 14:25 - 2015-01-25 14:25 - 00000000 ____D () C:\AdwCleaner

2015-01-25 12:36 - 2015-01-25 12:36 - 00000330 _____ () C:\Windows\system32\2015-01-25-17-36-28.043-aswFe.exe-2388.log

2015-01-25 12:21 - 2015-01-25 12:36 - 00000247 _____ () C:\Windows\system32\2015-01-25-17-21-38.051-aswFe.exe-7880.log

2015-01-25 12:21 - 2015-01-25 12:21 - 00000197 _____ () C:\Windows\system32\2015-01-25-17-21-18.085-AvastVBoxSVC.exe-9100.log

2015-01-25 11:49 - 2015-01-25 11:49 - 00000247 _____ () C:\Windows\system32\2015-01-25-16-49-40.021-aswFe.exe-9184.log

2015-01-25 11:49 - 2015-01-25 11:49 - 00000197 _____ () C:\Windows\system32\2015-01-25-16-49-15.004-AvastVBoxSVC.exe-7596.log

2015-01-25 11:30 - 2015-01-25 11:30 - 00000247 _____ () C:\Windows\system32\2015-01-25-16-30-32.037-aswFe.exe-4208.log

2015-01-25 11:30 - 2015-01-25 11:30 - 00000197 _____ () C:\Windows\system32\2015-01-25-16-30-18.011-AvastVBoxSVC.exe-3840.log

2015-01-25 08:51 - 2015-01-25 05:45 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{1d7d694e-604c-4da2-9100-b2601d3a1c57}Gw64.sys

2015-01-24 16:44 - 2015-01-24 16:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anonymizer

2015-01-24 16:44 - 2015-01-24 16:44 - 00000000 ____D () C:\Program Files (x86)\Anonymizer

2015-01-23 16:10 - 2015-01-23 16:10 - 00000000 ____T () C:\Windows\SysWOW64\Ñ

2015-01-23 15:35 - 2015-01-23 15:35 - 00000000 ____T () C:\Windows\SysWOW64\E

2015-01-23 15:32 - 2015-01-23 15:32 - 00000000 ____T () C:\Windows\SysWOW64\O

2015-01-23 00:08 - 2015-01-23 00:08 - 00000197 _____ () C:\Windows\system32\2015-01-23-05-08-53.046-AvastVBoxSVC.exe-4484.log

2015-01-22 20:10 - 2015-01-22 12:54 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{5c281c6e-0132-4ac6-ad9d-d1d95d218412}Gw64.sys

2015-01-22 17:00 - 2015-01-22 17:01 - 00000280 _____ () C:\Windows\system32\2015-01-22-22-00-35.096-aswFe.exe-3172.log

2015-01-21 20:43 - 2015-01-21 10:43 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{4cff408a-d9e7-47c3-a711-95133fcf7f45}Gw64.sys

2015-01-21 19:40 - 2015-01-21 19:40 - 00000280 _____ () C:\Windows\system32\2015-01-22-00-40-33.025-aswFe.exe-7040.log

2015-01-21 19:39 - 2015-01-21 19:38 - 06280608 _____ () C:\Users\Doc's\Downloads\hotspot-shield.exe

2015-01-21 19:34 - 2015-01-21 19:34 - 00000280 _____ () C:\Windows\system32\2015-01-22-00-34-06.086-aswFe.exe-6344.log

2015-01-20 23:39 - 2015-01-20 23:39 - 00000197 _____ () C:\Windows\system32\2015-01-21-04-39-57.025-AvastVBoxSVC.exe-4768.log

2015-01-20 21:11 - 2015-01-20 21:12 - 00000280 _____ () C:\Windows\system32\2015-01-21-02-11-59.020-aswFe.exe-7764.log

2015-01-20 21:10 - 2015-01-20 21:10 - 00000280 _____ () C:\Windows\system32\2015-01-21-02-10-51.006-aswFe.exe-9004.log

2015-01-20 21:02 - 2015-01-20 21:02 - 00000280 _____ () C:\Windows\system32\2015-01-21-02-02-22.004-aswFe.exe-6008.log

2015-01-20 18:33 - 2015-01-20 18:33 - 00000000 ____T () C:\Windows\SysWOW64\G

2015-01-20 14:19 - 2015-01-20 14:43 - 00000000 ____D () C:\Users\Doc's\AppData\Local\SoftonicAssistant

2015-01-20 00:08 - 2015-01-20 00:08 - 00000280 _____ () C:\Windows\system32\2015-01-20-05-08-11.099-aswFe.exe-7612.log

2015-01-19 23:18 - 2015-01-19 23:19 - 00000280 _____ () C:\Windows\system32\2015-01-20-04-18-58.059-aswFe.exe-6628.log

2015-01-19 16:44 - 2015-01-19 16:44 - 00000197 _____ () C:\Windows\system32\2015-01-19-21-44-11.088-AvastVBoxSVC.exe-5832.log

2015-01-18 15:44 - 2015-01-18 15:44 - 00000197 _____ () C:\Windows\system32\2015-01-18-20-44-14.041-AvastVBoxSVC.exe-3396.log

2015-01-17 22:51 - 2015-01-17 22:51 - 00000197 _____ () C:\Windows\system32\2015-01-18-03-51-08.061-AvastVBoxSVC.exe-4380.log

2015-01-17 22:27 - 2015-01-17 22:27 - 00000197 _____ () C:\Windows\system32\2015-01-18-03-27-25.099-AvastVBoxSVC.exe-3164.log

2015-01-17 16:13 - 2015-01-17 16:13 - 00000197 _____ () C:\Windows\system32\2015-01-17-21-13-00.043-AvastVBoxSVC.exe-4696.log

2015-01-17 13:39 - 2015-01-17 13:39 - 00000000 ____H () C:\Users\Doc's\Documents\Default.rdp

2015-01-17 13:07 - 2015-01-17 13:07 - 00000197 _____ () C:\Windows\system32\2015-01-17-18-07-26.027-AvastVBoxSVC.exe-6328.log

2015-01-17 11:13 - 2015-01-17 11:13 - 00000197 _____ () C:\Windows\system32\2015-01-17-16-13-55.037-AvastVBoxSVC.exe-4780.log

2015-01-17 10:42 - 2015-01-17 10:42 - 00003124 _____ () C:\Windows\System32\Tasks\{BB637A49-9A49-4603-95E6-16068FF3E37F}

2015-01-17 10:30 - 2015-01-17 10:30 - 00000197 _____ () C:\Windows\system32\2015-01-17-15-30-20.095-AvastVBoxSVC.exe-4536.log

2015-01-17 10:25 - 2015-01-17 10:25 - 00000000 _____ () C:\Windows\SysWOW64\sho3F94.tmp

2015-01-16 14:01 - 2015-01-24 15:42 - 00000000 ____D () C:\ProgramData\Browser

2015-01-16 00:50 - 2015-01-16 00:50 - 00000197 _____ () C:\Windows\system32\2015-01-16-05-50-42.003-AvastVBoxSVC.exe-2228.log

2015-01-15 22:05 - 2015-01-15 22:05 - 00000197 _____ () C:\Windows\system32\2015-01-16-03-05-31.004-AvastVBoxSVC.exe-7108.log

2015-01-15 21:52 - 2015-01-15 21:52 - 00000000 ____D () C:\MovieWizard

2015-01-14 15:57 - 2015-01-14 15:57 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\Lazy Turtle Games

2015-01-14 15:56 - 2015-01-17 22:47 - 00000000 ____D () C:\Windows\The Return of Monte Cristo

2015-01-14 15:56 - 2015-01-17 22:47 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Return of Monte Cristo

2015-01-14 15:56 - 2015-01-17 22:47 - 00000000 ____D () C:\Program Files (x86)\The Return of Monte Cristo

2015-01-14 15:49 - 2015-01-14 15:49 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\To the Moon - Freebird Games

2015-01-13 16:47 - 2014-12-18 22:06 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll

2015-01-13 16:47 - 2014-12-18 20:46 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys

2015-01-13 16:47 - 2014-12-11 12:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe

2015-01-13 16:47 - 2014-12-05 23:17 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll

2015-01-13 16:47 - 2014-12-05 22:50 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncsi.dll

2015-01-13 16:47 - 2014-12-05 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlaapi.dll

2015-01-13 16:46 - 2014-12-12 00:35 - 05553592 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-01-13 16:46 - 2014-12-12 00:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-01-13 16:46 - 2014-12-12 00:31 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-01-13 16:46 - 2014-12-12 00:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-01-13 16:46 - 2014-12-12 00:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-01-13 16:46 - 2014-12-12 00:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-01-13 16:46 - 2014-12-12 00:07 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-01-13 11:27 - 2015-01-13 11:27 - 00000197 _____ () C:\Windows\system32\2015-01-13-16-27-10.042-AvastVBoxSVC.exe-6360.log

2015-01-13 10:30 - 2015-01-13 10:30 - 00003102 _____ () C:\Windows\System32\Tasks\{811E6CDB-C394-4F2F-9B3F-B82A71505F01}

2015-01-13 10:27 - 2015-01-13 10:27 - 00000000 ____D () C:\ProgramData\2666cdac00005bfc

2015-01-13 10:20 - 2015-01-13 10:20 - 00000197 _____ () C:\Windows\system32\2015-01-13-15-20-53.065-AvastVBoxSVC.exe-4436.log

2015-01-13 09:44 - 2015-01-13 09:44 - 00000197 _____ () C:\Windows\system32\2015-01-13-14-44-02.031-AvastVBoxSVC.exe-3516.log

2015-01-13 08:46 - 2015-01-13 08:46 - 00000000 _____ () C:\Windows\SysWOW64\sho2EEC.tmp

2015-01-13 08:37 - 2015-01-13 08:37 - 00000197 _____ () C:\Windows\system32\2015-01-13-13-37-24.008-AvastVBoxSVC.exe-4672.log

2015-01-13 02:44 - 2015-01-25 12:25 - 00000000 ____D () C:\Users\Doc's\AppData\Local\MovieWizard

2015-01-13 02:27 - 2015-01-13 02:27 - 00000197 _____ () C:\Windows\system32\2015-01-13-07-27-46.032-AvastVBoxSVC.exe-7064.log

2015-01-13 02:26 - 2014-04-23 05:19 - 00043520 _____ (Elex do Brasil Participações Ltda) C:\Windows\system32\Drivers\iSafeKrnlBoot.sys

2015-01-13 01:52 - 2015-01-17 22:47 - 00000000 ____D () C:\Windows\System32\Tasks\SDD

2015-01-13 01:52 - 2015-01-17 22:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip

2015-01-13 01:52 - 2015-01-17 22:47 - 00000000 ____D () C:\Program Files (x86)\SDDUpdater

2015-01-13 01:51 - 2015-01-17 22:47 - 00000000 ____D () C:\ProgramData\tapSSXEo

2015-01-13 01:51 - 2015-01-13 10:39 - 00000000 ____D () C:\ProgramData\MovieWizard

2015-01-12 12:27 - 2015-01-12 12:27 - 00000197 _____ () C:\Windows\system32\2015-01-12-17-27-15.015-AvastVBoxSVC.exe-4688.log

2015-01-09 00:34 - 2015-01-09 00:34 - 00000197 _____ () C:\Windows\system32\2015-01-09-05-34-50.082-AvastVBoxSVC.exe-6216.log

2015-01-06 00:52 - 2015-01-06 00:52 - 00000197 _____ () C:\Windows\system32\2015-01-06-05-52-05.010-AvastVBoxSVC.exe-4320.log

2015-01-04 23:58 - 2015-01-05 00:03 - 34305058 _____ () C:\Users\Doc's\Downloads\torbrowser-install-4.0.2_en-US.exe

2015-01-04 21:04 - 2015-01-24 16:52 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\Anonymizer

2015-01-04 20:59 - 2014-09-03 17:27 - 00034248 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

2015-01-04 20:58 - 2015-01-04 20:58 - 00000000 ____D () C:\ProgramData\Anonymizer

2015-01-04 19:41 - 2015-01-04 19:41 - 00000280 _____ () C:\Windows\system32\2015-01-05-00-41-31.066-aswFe.exe-5240.log

2015-01-04 19:31 - 2015-01-04 19:35 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\StormFall

2015-01-04 19:31 - 2015-01-04 19:31 - 00000000 ____D () C:\Users\Doc's\AppData\Local\Pirates

2015-01-04 19:27 - 2015-01-04 15:48 - 00048792 _____ (StdLib) C:\Windows\system32\Drivers\{8d9208df-94f9-4c96-a224-97b37b0df94e}Gw64.sys

2015-01-04 13:29 - 2015-01-04 13:29 - 00000197 _____ () C:\Windows\system32\2015-01-04-18-29-50.043-AvastVBoxSVC.exe-5620.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-02-01 15:47 - 2013-07-14 08:02 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-373963065-2517038359-3763730876-1000UA.job

2015-02-01 15:33 - 2012-11-10 14:02 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-02-01 15:10 - 2013-11-11 12:25 - 00001296 _____ () C:\Windows\Tasks\Plus-HD-1.3-updater.job

2015-02-01 15:10 - 2013-11-11 12:24 - 00001906 _____ () C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job

2015-02-01 15:10 - 2013-11-11 12:24 - 00001830 _____ () C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job

2015-02-01 15:10 - 2013-11-11 12:24 - 00001198 _____ () C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job

2015-02-01 15:01 - 2012-11-12 22:05 - 00000296 _____ () C:\Windows\Tasks\Registry Optimizer_DEFAULT.job

2015-02-01 14:41 - 2013-08-22 20:21 - 00000000 ____D () C:\Users\Doc's\AppData\Local\Strongvault Online Backup

2015-02-01 14:35 - 2013-12-22 18:24 - 00000000 ____D () C:\Program Files (x86)\iSafe

2015-02-01 14:26 - 2012-05-29 10:06 - 01712809 _____ () C:\Windows\WindowsUpdate.log

2015-02-01 13:34 - 2014-04-27 19:40 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job

2015-02-01 13:16 - 2014-02-24 16:34 - 00000436 _____ () C:\Windows\Tasks\PC Optimizer Pro Idle.job

2015-02-01 13:02 - 2012-11-10 06:45 - 00000000 ____D () C:\Users\Doc's\AppData\Local\Adobe

2015-02-01 11:22 - 2014-09-03 22:22 - 00001764 _____ () C:\Windows\Tasks\6b79e399-be4e-475d-8d39-03fad3612fe0-5_user.job

2015-02-01 11:22 - 2014-09-03 22:22 - 00001744 _____ () C:\Windows\Tasks\6b79e399-be4e-475d-8d39-03fad3612fe0-5.job

2015-02-01 11:21 - 2014-09-03 22:21 - 00002578 _____ () C:\Windows\Tasks\6b79e399-be4e-475d-8d39-03fad3612fe0-4.job

2015-02-01 11:21 - 2014-09-03 22:21 - 00001872 _____ () C:\Windows\Tasks\6b79e399-be4e-475d-8d39-03fad3612fe0-1.job

2015-02-01 11:20 - 2014-09-03 22:20 - 00004482 _____ () C:\Windows\Tasks\6b79e399-be4e-475d-8d39-03fad3612fe0-11.job

2015-02-01 10:44 - 2014-01-17 19:30 - 00000000 ____D () C:\Program Files (x86)\WinZipper

2015-02-01 08:47 - 2013-07-14 08:02 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-373963065-2517038359-3763730876-1000Core.job

2015-01-31 23:18 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-01-31 23:18 - 2009-07-13 23:45 - 00024608 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-01-31 22:59 - 2013-06-27 15:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update

2015-01-31 22:59 - 2012-11-10 06:53 - 00000000 ____D () C:\Users\Doc's\AppData\Local\CrashDumps

2015-01-31 22:57 - 2014-02-24 16:34 - 00000414 _____ () C:\Windows\Tasks\PC Optimizer Pro64 startups.job

2015-01-31 22:57 - 2014-02-22 23:35 - 00000462 _____ () C:\Windows\Tasks\SDMsgUpdate (Local).job

2015-01-31 22:57 - 2014-02-22 23:35 - 00000454 _____ () C:\Windows\Tasks\SDMsgUpdate (TE).job

2015-01-31 22:57 - 2013-12-19 17:08 - 00000458 _____ () C:\Windows\Tasks\RegPowerClean.job

2015-01-31 22:57 - 2013-06-10 15:44 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job

2015-01-31 22:57 - 2013-06-02 21:53 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

2015-01-31 22:56 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2015-01-31 19:21 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF

2015-01-31 18:34 - 2013-07-05 07:45 - 00000000 ____D () C:\Users\Doc's\Desktop\Doc's VIDS

2015-01-31 18:32 - 2012-11-22 00:38 - 00000000 ____D () C:\Users\Doc's\Desktop\Browsers & Torrent

2015-01-31 18:21 - 2012-11-12 22:03 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\Azureus

2015-01-31 18:18 - 2013-08-17 08:17 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\vlc

2015-01-31 16:03 - 2013-09-19 19:25 - 00000000 ____D () C:\Users\Doc's\Desktop\MOVIES&TV SHOWS

2015-01-30 18:09 - 2013-12-22 18:24 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\iSafe

2015-01-29 00:29 - 2009-07-13 22:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy

2015-01-28 22:16 - 2012-11-23 11:53 - 00000000 ___RD () C:\Users\Doc's\Desktop\GAMES

2015-01-28 22:14 - 2013-06-19 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GameTop.com

2015-01-28 22:14 - 2013-06-19 12:08 - 00000000 ____D () C:\Program Files (x86)\GameTop.com

2015-01-28 22:05 - 2012-11-12 22:05 - 00000304 _____ () C:\Windows\Tasks\Registry Optimizer_UPDATES.job

2015-01-28 18:31 - 2009-07-13 21:34 - 00000537 _____ () C:\Windows\win.ini

2015-01-26 00:34 - 2012-11-10 14:02 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-01-26 00:33 - 2012-03-19 12:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-01-26 00:33 - 2012-03-19 12:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-01-25 21:10 - 2014-07-05 22:25 - 00000000 ____D () C:\Users\Doc's\Desktop\empty 2

2015-01-24 17:40 - 2013-09-19 19:25 - 00000000 ____D () C:\Users\Doc's\Desktop\Computer Stuff

2015-01-20 23:24 - 2013-07-29 21:41 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\Zip Opener Packages

2015-01-20 23:24 - 2013-06-02 21:49 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\LavFilters

2015-01-20 23:24 - 2013-06-02 21:49 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\Codec Pack Packages

2015-01-20 21:37 - 2013-11-18 20:33 - 00000000 ____D () C:\temp

2015-01-19 09:12 - 2014-01-17 19:30 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\WinZipper

2015-01-19 09:09 - 2012-11-14 17:12 - 00000000 ____D () C:\Windows\System32\Tasks\Games

2015-01-18 11:20 - 2012-11-14 18:46 - 00000000 ____D () C:\Program Files (x86)\Mystery Case Files - Huntsville

2015-01-18 11:19 - 2012-03-19 12:10 - 00000000 ____D () C:\ProgramData\Temp

2015-01-17 22:47 - 2014-01-07 14:59 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\dvdcss

2015-01-17 22:47 - 2013-12-22 18:24 - 00000000 ____D () C:\Windows\system32\log

2015-01-17 22:47 - 2013-10-18 17:21 - 00000000 ____D () C:\ProgramData\McAfee Security Scan

2015-01-17 22:47 - 2012-11-10 03:21 - 00000000 ____D () C:\Users\Doc's

2015-01-17 22:47 - 2012-05-29 10:29 - 00000000 ____D () C:\ProgramData\Atheros

2015-01-17 22:47 - 2012-03-19 12:05 - 00000000 ____D () C:\ProgramData\BackupManager

2015-01-17 22:47 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration

2015-01-17 21:47 - 2013-10-26 00:46 - 00000000 ____D () C:\Program Files (x86)\qualitink

2015-01-17 21:45 - 2014-07-11 12:39 - 00003880 _____ () C:\Windows\System32\Tasks\BrowserSafeguard

2015-01-17 16:15 - 2012-11-12 18:38 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\Skype

2015-01-17 10:42 - 2014-04-20 01:29 - 00000000 ____D () C:\ProgramData\BetterExperience

2015-01-17 00:19 - 2013-07-27 04:58 - 00000160 _____ () C:\Users\Doc's\AppData\Roaming\WB.CFG

2015-01-16 00:34 - 2013-07-12 02:02 - 00000000 ____D () C:\Windows\system32\MRT

2015-01-16 00:22 - 2012-11-12 18:39 - 113365784 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-01-14 19:03 - 2013-10-02 00:11 - 00000000 ____D () C:\Program Files (x86)\Foxy Games

2015-01-13 02:27 - 2012-11-10 03:25 - 00001603 _____ () C:\Users\Doc's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-01-13 01:52 - 2013-12-12 10:42 - 00000000 ____D () C:\ProgramData\Updater

2015-01-13 01:50 - 2012-11-10 13:53 - 00000000 ____D () C:\Program Files (x86)\Safari

2015-01-12 00:38 - 2014-11-23 23:59 - 00159361 _____ () C:\Users\Doc.mp4

2015-01-09 22:47 - 2014-04-07 08:38 - 00000000 ____D () C:\Users\Doc's\Desktop\Empty 4

2015-01-08 20:49 - 2014-04-07 17:50 - 00000000 ____D () C:\Users\Doc's\Desktop\EMPTY 7

2015-01-08 15:30 - 2009-07-14 00:13 - 00804720 _____ () C:\Windows\system32\PerfStringBackup.INI

2015-01-06 11:55 - 2014-09-03 22:20 - 00000000 ____D () C:\Program Files (x86)\enterprise 1.1

2015-01-06 09:21 - 2013-11-11 12:24 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-1.3

2015-01-06 04:36 - 2010-11-20 22:27 - 00298120 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

2015-01-04 17:43 - 2014-03-23 17:05 - 00000000 ____D () C:\Program Files (x86)\JetAudio

2015-01-04 17:43 - 2013-08-20 19:50 - 00000000 ____D () C:\Program Files (x86)\Bejeweled 3 new

2015-01-04 17:34 - 2014-12-31 21:21 - 00000000 ____D () C:\ProgramData\BlueStacksSetup

2015-01-04 17:34 - 2013-10-28 22:42 - 00000000 ____D () C:\Windows\Minidump

2015-01-04 13:44 - 2014-03-18 18:17 - 00000000 ____D () C:\Users\Doc's\AppData\Roaming\uTorrent

==================== Files in the root of some directories =======

2013-12-22 18:09 - 2013-12-22 18:09 - 0000068 _____ () C:\Users\Doc's\AppData\Roaming\photoshow_express_setup.txt

2013-12-04 23:19 - 2013-12-05 00:31 - 0003408 _____ () C:\Users\Doc's\AppData\Roaming\result1.db

2012-11-12 16:35 - 2015-01-31 19:12 - 0033193 _____ () C:\Users\Doc's\AppData\Roaming\UserTile.png

2013-07-27 04:58 - 2015-01-17 00:19 - 0000160 _____ () C:\Users\Doc's\AppData\Roaming\WB.CFG

2013-06-15 00:01 - 2014-01-28 00:19 - 0000005 _____ () C:\Users\Doc's\AppData\Roaming\WBPU-TTL.DAT

2014-03-23 17:23 - 2014-03-23 17:23 - 0003584 _____ () C:\Users\Doc's\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2013-06-02 10:04 - 2013-06-02 10:04 - 0000017 _____ () C:\Users\Doc's\AppData\Local\resmon.resmoncfg

2014-04-22 09:57 - 2014-04-22 09:57 - 0000057 _____ () C:\ProgramData\Ament.ini

2012-05-29 10:40 - 2012-05-29 10:45 - 0002454 _____ () C:\ProgramData\clear.fiSDK20.log

2013-12-04 23:20 - 2013-12-05 09:24 - 0002763 _____ () C:\ProgramData\connector.swf

2012-05-29 10:44 - 2012-05-29 10:44 - 0000032 _____ () C:\ProgramData\PS.log

2014-02-22 13:38 - 2014-02-22 13:38 - 0000079 _____ () C:\ProgramData\spds90.txt

Some content of TEMP:

====================

C:\Users\Doc's\AppData\Local\Temp\ct_2016.exe

C:\Users\Doc's\AppData\Local\Temp\install_flashplayer16x32_chrd_dn_aaa_aih.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-01-24 09:38

==================== End Of Log ============================

February 1, 2015

Please help with the possible infection ...... windows 7, 64bit ......computer gives corrupt error message as "can not open" .... file corrupted...... also when online some video's will not play... shows a green screen with no error message .... flash player up to date....thanks in advance

Logfile of Trend Micro Haddition.txtijackThis v2.0.5

Scan saved at 3:31:59 PM, on 2/1/2015

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.17496)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\iSafe\iSafeTray.exe

C:\Users\Doc's\AppData\Local\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Walgreens\Walgreens PhotoShow 4\data\Xtras\mssysmgr.exe

C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe

C:\Program Files (x86)\Anonymizer\Anonymizer Universal\Anonymizer Universal.exe

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\MagicDisc\MagicDisc.exe

C:\Users\Doc's\AppData\Local\Strongvault Online Backup\SMessaging.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Program Files\AVAST Software\Avast\avastui.exe

C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe

C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Users\Doc's\AppData\Local\Temp\jia9y3ww.tmp\install_flashplayer16x32_chrd_dn_aaa_aih.exe

C:\Program Files (x86)\Safari\Safari.exe

C:\Program Files (x86)\Safari\Apple Application Support\WebKit2WebProcess.exe

C:\Users\Doc's\AppData\Local\Temp\nkczste8.tmp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.key-find.com/?type=hp&ts=1397259501&from=amt&uid=ST9500325AS_5VETHXTWXXXX5VETHXTW

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=56626&homepage=https://www.yahoo.com?fr=hp-avast&type=avastbcl

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=da598694-8074-4084-8e21-ea8bcf79d624&searchtype=ds&q={searchTerms}&installDate=28/09/2013

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=US&userid=da598694-8074-4084-8e21-ea8bcf79d624&searchtype=ds&q={searchTerms}&installDate=28/09/2013

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe,

O2 - BHO: (no name) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - (no file)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: (no name) - {ab56dfde-0c14-45b3-9df6-7b0eba617870} - (no file)

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll

O2 - BHO: (no name) - {df22384f-cf68-4d19-969f-10423715528b} - (no file)

O3 - Toolbar: (no name) - {92ed4bbd-83f2-4c70-bb4e-f8d3716143fe} - (no file)

O3 - Toolbar: (no name) - {6fcaba44-a441-481f-895e-bddfd81a6cc2} - (no file)

O3 - Toolbar: (no name) - {a0154e07-2b48-475c-a82a-80efd84ea33e} - (no file)

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [Dolby Home Theater v4] "C:\Dolby PCEE4\pcee4.exe" -autostart

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [PopularScreensavers Search Scope Monitor] "C:\PROGRA~2\POPULA~2\bar\1.bin\7isrchmn.exe" /m=2 /w /h

O4 - HKLM\..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe

O4 - HKLM\..\Run: [sMessaging] "C:\Users\Doc's\AppData\Local\Strongvault Online Backup\SMessaging.exe"

O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE -startup

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [iSkysoft Helper Compact.exe] C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe

O4 - HKCU\..\Run: [Google Update] "C:\Users\Doc's\AppData\Local\Google\Update\GoogleUpdate.exe" /c

O4 - HKCU\..\Run: [Walgreens PhotoShow Media Manager] C:\PROGRA~2\WALGRE~1\WALGRE~1\data\Xtras\mssysmgr.exe

O4 - HKCU\..\Run: [WeatherBug] C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe

O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe" -automount

O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

O4 - HKCU\..\Run: [Anonymizer Universal] C:\Program Files (x86)\Anonymizer\Anonymizer Universal\Anonymizer Universal.exe /tray

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe

O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe

O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll

O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll

O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll

O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 (file missing)

O9 - Extra button: (no name) - {6ED0A312-78F5-493C-A90C-5DAF321D0BF8} - C:\ProgramData\WeCareReminder\IEMenuItem.dll (file missing) (HKCU)

O9 - Extra 'Tools' menuitem: We-Care Add-on - {6ED0A312-78F5-493C-A90C-5DAF321D0BF8} - C:\ProgramData\WeCareReminder\IEMenuItem.dll (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -

O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL

O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll

O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Anonymizer Management Service (AnonMgmtSvc) - Anonymizer - C:\Program Files (x86)\Anonymizer\Anonymizer Universal\AnonMgmtSvc.exe

O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe

O23 - Service: Alcohol Virtual Drive Auto-mount Service (AxAutoMntSrv) - Alcohol Soft Development Team - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)

O23 - Service: iSafeService - Elex do Brasil Participações Ltda - C:\Program Files (x86)\iSafe\iSafeSvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: PopularScreensaversService (PopularScreensavers_7iService) - COMPANYVERS_NAME - C:\PROGRA~2\POPULA~2\bar\1.bin\7ibarsvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: StarWind AE Service (StarWindServiceAE) - StarWind Software - C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: USB MIDI Series Audio Device Monitor (USBMIDIAudioDevMon) - M-Audio - C:\Program Files (x86)\M-Audio\USB MIDI Series\AudioDevMon.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: VjdOuv - Small Island Development - C:\ProgramData\tapSSXEo\VjdOuv.exe

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files (x86)\WinZipper\winzipersvc.exe

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--

End of file - 15816 bytes

Sign In

fokker313

Posts

Joined

Last visited

Content Type

Events

Profiles

Forums

Posts posted by fokker313

Need help .... with possible infection

Need help .... with possible infection

Need help .... with possible infection

Browse

Activity

Personal

Business

Business Modules

Partners

Learn

Start here

Type of malware/attacks

How does it get on my computer?

Scams and grifts

Support

Important Information