Have log, not sure what to do next..Please help

[Billiam]

# AdwCleaner v3.016 - Report created 25/12/2013 at 08:17:29
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : 70e6ca8c
Service Found : Level Quality Watcher
Service Found : Updater Service for AMZN
Service Found : vToolbarUpdater17.1.3

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\User\AppData\Local\funmoods.crx
File Found : C:\Users\User\AppData\Local\funmoods-speeddial_sf.crx
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Found : C:\Users\User\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Found : C:\Users\User\Desktop\Optimizer Pro.lnk
File Found : C:\Windows\System32\AdpeakProxy64.dll
File Found : C:\Windows\System32\Tasks\Escolade
File Found : C:\Windows\System32\Tasks\Funmoods
Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Found C:\Program Files (x86)\Amazon Browser Bar
Folder Found C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\FLV_Runner
Folder Found C:\Program Files (x86)\Games_Bar_A
Folder Found C:\Program Files (x86)\optimizer pro
Folder Found C:\Program Files\Level Quality Watcher
Folder Found C:\Program Files\PC Optimizer Pro
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\AVG SafeGuard toolbar
Folder Found C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Found C:\ProgramData\PC Optimizer Pro
Folder Found C:\Searchprotect
Folder Found C:\Users\User\AppData\Local\Amazon Browser Bar
Folder Found C:\Users\User\AppData\Local\AVG SafeGuard toolbar
Folder Found C:\Users\User\AppData\Local\Conduit
Folder Found C:\Users\User\AppData\Local\eSupport.com
Folder Found C:\Users\User\AppData\Local\NativeMessaging
Folder Found C:\Users\User\AppData\Local\Searchprotect
Folder Found C:\Users\User\AppData\Local\SwvUpdater
Folder Found C:\Users\User\AppData\Local\TBHostSupport
Folder Found C:\Users\User\AppData\Local\WhiteListing
Folder Found C:\Users\User\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found C:\Users\User\AppData\LocalLow\Conduit
Folder Found C:\Users\User\AppData\LocalLow\FLV_Runner
Folder Found C:\Users\User\AppData\LocalLow\Games_Bar_A
Folder Found C:\Users\User\AppData\LocalLow\PriceGong
Folder Found C:\Users\User\AppData\Roaming\Funmoods
Folder Found C:\Users\User\AppData\Roaming\iPumper
Folder Found C:\Users\User\AppData\Roaming\optimizer pro
Folder Found C:\Users\User\AppData\Roaming\pccustubinstaller
Folder Found C:\Users\User\AppData\Roaming\pdfforge

***** [ Shortcuts ] *****

***** [ Registry ] *****

Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Found : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Key Found : HKCU\Software\Alexa Internet
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\FLV_Runner
Key Found : HKCU\Software\AppDataLow\Software\Games_Bar_A
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\Scorpion Saver
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AVG SafeGuard toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\Escolade
Key Found : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : HKCU\Software\Google\Chrome\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Key Found : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CEA379-7178-4758-9C80-969876E32395}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Found : HKCU\Software\Optimizer Pro
Key Found : HKCU\Software\pc optimizer pro
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Alexa Internet
Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\Escolade
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : [x64] HKCU\Software\Optimizer Pro
Key Found : [x64] HKCU\Software\pc optimizer pro
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\Software\Adpeak, Inc.
Key Found : HKLM\Software\AVG SafeGuard toolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Found : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Found : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
Key Found : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
Key Found : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Found : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\AdpeakProxy.exe
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{008F6853-9CB4-41C5-A950-39D55E5E06BA}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{07CEA379-7178-4758-9C80-969876E32395}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{87BEF026-9269-413C-A5B3-11F35451380E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8D03FA45-4B8C-4427-BE67-EE8885147151}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9976DD51-3673-4E9E-B028-88A44490BDC9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Found : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Found : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Found : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8D03FA45-4B8C-4427-BE67-EE8885147151}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3275393
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\FLV_Runner
Key Found : HKLM\Software\Games_Bar_A
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\kekfoodhbhpjhjcdecjngamojfhknooc
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Found : HKLM\Software\InstallCore
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22E3F053-7A33-4E79-9C88-ECE55CDE2185}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BBBFB56-A40C-41D8-B815-C4583BA1B10F}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8030CFE5-A99E-4200-AC76-E93D66CB843C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9639DAE1-D1BE-49FF-A4EB-B497F26D6E15}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07CEA379-7178-4758-9C80-969876E32395}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9976DD51-3673-4E9E-B028-88A44490BDC9}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Games_Bar_A Toolbar
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Updater By Sweetpacks
Key Found : [x64] HKLM\SOFTWARE\Amazon Browser Bar
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Found : [x64] HKLM\SOFTWARE\Scorpion Saver
Key Found : [x64] HKLM\SOFTWARE\systweak
Key Found : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ntfdsaftsfdfdxx@mozilla.org]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9tbp03gf.default\prefs.js ]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found : homepage
Found : search_url
Found : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [23910 octets] - [25/12/2013 08:17:29]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [23971 octets] ##########
 

[kevinf80]

Hello and

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Re-run AdwCleaner, this time select the clean function to remove all entries...

 

Post that log.

 

Next,

 

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop.

 

Double click zip file and extract to your  Desktop:

 

 

 

 

you will now have 3 versions of the tool on the Desktop:

 

 

 

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html[/url

 

Double click on each in turn until one version of Zoek will run (accept UAC) The following window will open:

 

 

 

 

Copy and paste the following script from the code box and paste into the field.

 

 

standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;installedprogs;  

 

 

Select the "Run Script" tab. The following window will open:

 

 

 

 

 

 

Please be patient and do not use the PC when the scan is in progress.

 

When complete you maybe asked to re-boot your PC, if so please do

 

 

Post the produced log in your next reply…..

 

Thanks,

 

Kevin..

[Billiam]

# AdwCleaner v3.016 - Report created 25/12/2013 at 17:13:02
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : User - USER-PC
# Running from : C:\Users\User\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : 70e6ca8c
Service Deleted : Level Quality Watcher
Service Deleted : Updater Service for AMZN
Service Deleted : vToolbarUpdater17.1.3

***** [ Files / Folders ] *****

Folder Deleted : C:\Searchprotect
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\PC Optimizer Pro
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\Program Files (x86)\Amazon Browser Bar
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\FLV_Runner
Folder Deleted : C:\Program Files (x86)\Games_Bar_A
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Program Files\PC Optimizer Pro
Folder Deleted : C:\Users\User\AppData\Local\Amazon Browser Bar
[!] Folder Deleted : C:\Users\User\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\User\AppData\Local\Conduit
Folder Deleted : C:\Users\User\AppData\Local\eSupport.com
Folder Deleted : C:\Users\User\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\User\AppData\Local\Searchprotect
Folder Deleted : C:\Users\User\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\User\AppData\Local\TBHostSupport
Folder Deleted : C:\Users\User\AppData\Local\WhiteListing
Folder Deleted : C:\Users\User\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\User\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\User\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\User\AppData\LocalLow\FLV_Runner
Folder Deleted : C:\Users\User\AppData\LocalLow\Games_Bar_A
Folder Deleted : C:\Users\User\AppData\Roaming\Funmoods
Folder Deleted : C:\Users\User\AppData\Roaming\iPumper
Folder Deleted : C:\Users\User\AppData\Roaming\optimizer pro
Folder Deleted : C:\Users\User\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\User\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jljbhenkepchpiknajdnfglojnccebbi
File Deleted : C:\END
File Deleted : C:\Windows\System32\AdpeakProxy64.dll
File Deleted : C:\Users\User\AppData\Local\funmoods.crx
File Deleted : C:\Users\User\AppData\Local\funmoods-speeddial_sf.crx
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\user data\default\local storage\hxxp_pricegong.conduitapps.com_0.localstorage
File Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_storage.conduit.com_0.localstorage
File Deleted : C:\Windows\System32\Tasks\Escolade
File Deleted : C:\Windows\System32\Tasks\Funmoods

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [12x3q@3244516.com]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ntfdsaftsfdfdxx@mozilla.org]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kekfoodhbhpjhjcdecjngamojfhknooc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\poheodfamflhhhdcmjfeggbgigeefaco
Key Deleted : HKCU\Software\Google\Chrome\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jljbhenkepchpiknajdnfglojnccebbi
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB
Key Deleted : HKLM\SOFTWARE\Classes\AlxSSB.AlxTBSSB.1
Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy
Key Deleted : HKLM\SOFTWARE\Classes\AlxTB2.ToolBarProxy.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\AdpeakProxy.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\PricePeepInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3201318
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3275393
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{008F6853-9CB4-41C5-A950-39D55E5E06BA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69A72A8A-84ED-4A75-8CE7-263DBEF3E5D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87BEF026-9269-413C-A5B3-11F35451380E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8D03FA45-4B8C-4427-BE67-EE8885147151}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{07CEA379-7178-4758-9C80-969876E32395}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9976DD51-3673-4E9E-B028-88A44490BDC9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{51F04BD6-3888-4849-864C-617FAE709CE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C953EC4-8CFA-44FB-B32E-1249E5505091}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D03FA45-4B8C-4427-BE67-EE8885147151}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E394E0-D331-431F-B76D-E3A19193D5F6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BEAA0C04-ED15-4C17-800B-28716025A4E4}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DA9FC525-41ED-4C00-B046-946DA7CDD305}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07CEA379-7178-4758-9C80-969876E32395}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F443A627-5009-4323-9C1D-7FD598D0D712}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3BBD3C14-4C16-4989-8366-95BC9179779D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55BB532-2438-4ECE-820E-3E2C86861893}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07CEA379-7178-4758-9C80-969876E32395}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9976DD51-3673-4E9E-B028-88A44490BDC9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E57091A7-B5F0-4C42-9329-72ED3E59ED31}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3BBBFB56-A40C-41D8-B815-C4583BA1B10F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22E3F053-7A33-4E79-9C88-ECE55CDE2185}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9639DAE1-D1BE-49FF-A4EB-B497F26D6E15}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8030CFE5-A99E-4200-AC76-E93D66CB843C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EA582743-9076-4178-9AA6-7393FDF4D5CE}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{3BBD3C14-4C16-4989-8366-95BC9179779D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A55BB532-2438-4ECE-820E-3E2C86861893}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0923E315-2D8B-48CE-A37C-AE9A42F9711C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A1BBE49-C6F1-40EA-9D2F-262F0AF6DDE3}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2022154E-7E3E-4809-871E-1B45A6FC7058}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{292ECB89-350E-45D2-816F-52C15305B144}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{36CC2180-B6BF-4951-9578-6B0C40044AAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44A36944-22C6-4A08-BC7C-161F3E540DBF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6247DD2C-8CF9-4041-A235-93691D71B8B4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{835BED79-DF7E-4096-B355-ED43FA2EA87B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E863BD6-50DE-47D0-A6F1-3C1F6DB72451}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9DD36F1E-5111-41C5-ADED-A2A11A2FF3E4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A2FB8217-E320-434E-BA79-513E357AD54F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A9CEBBF4-9129-479A-9231-E833ED3D3A8F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AFD4D1F9-167C-4884-95AE-B5A9797B0D16}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B3EAD50C-ECB0-459A-9EDA-F505AB99675B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C47788B1-9604-4D7A-A684-F4D450F2D7D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CA3B41D0-D4C1-4808-B248-75DA27238828}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D4A2FF6C-087F-4D40-8DFE-92AAD484BFB8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D88B9D5C-A9CF-4C69-906D-1CCA5D85A2EF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F83AF01C-AA2F-469F-8BE7-D178FB15FD07}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Alexa Internet
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\Escolade
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Scorpion Saver
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\FLV_Runner
Key Deleted : HKCU\Software\AppDataLow\Software\Games_Bar_A
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Adpeak, Inc.
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\Updater By Sweetpacks
Key Deleted : HKLM\Software\FLV_Runner
Key Deleted : HKLM\Software\Games_Bar_A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV_Runner Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Games_Bar_A Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Amazon Browser Bar
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver
Key Deleted : [x64] HKLM\SOFTWARE\systweak
Key Deleted : [x64] HKLM\SOFTWARE\Updater By Sweetpacks
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9tbp03gf.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [24236 octets] - [25/12/2013 08:17:29]
AdwCleaner[R1].txt - [24022 octets] - [25/12/2013 17:12:21]
AdwCleaner[s0].txt - [23491 octets] - [25/12/2013 17:13:02]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [23552 octets] ##########
 

[kevinf80]

Have you ran Zoek, can I see that log..

[Billiam]

Zoek.exe v5.0.0.0 Updated 23-December-2013
Tool run by User on Thu 12/26/2013 at  7:32:28.04.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.com [scan all users] [script inserted]

===== Runcheck  7:32:36.54 =====

--- Create Environment Variables  7:32:37.21
--- Checking Input  7:32:43.42
--- AU AppData Check  7:32:46.27
--- Remove From Windows Installer  7:32:49.61
 

[Billiam]

Page 1 of 2

 

Zoek.exe v5.0.0.0 Updated 23-December-2013
Tool run by User on Thu 12/26/2013 at  7:32:28.04.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\User\Desktop\zoek.com [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2013-12-25-223706.log 87845 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1525555391-1446012260-2589697447-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1525555391-1446012260-2589697447-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1525555391-1446012260-2589697447-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Installed Programs ======================

Adobe Flash Player 11 ActiveX 
Adobe Reader XI (11.0.05) 
Adobe Shockwave Player 11.6 
Apple Application Support 
Apple Mobile Device Support 
Apple Software Update 
AVG 2014 
AVG SafeGuard toolbar 
Battlefield 3T 
Battlelog Web Plugins 
Bing Bar 
Bonjour 
Call of Duty: Black Ops - Multiplayer 
Call of Duty: Black Ops II - Multiplayer 
Call of Duty: Black Ops II 
Call of Duty: Modern Warfare 3 - Dedicated Server 
Call of Duty: Modern Warfare 3 - Multiplayer 
Call of Duty: Modern Warfare 3 
CCleaner 
Content Manager 
Cool Reader version 3.0.56 
CPUID CPU-Z 1.62 
Creative ALchemy 
Creative Audio Console 
Creative Software AutoUpdate 
eReg 
ESN Sonar 
Google Chrome 
Google Drive 
Google Toolbar for Internet Explorer 
Google Update Helper 
HiJackThis 
HP Officejet Pro 8600 Basic Device Software 
HP Officejet Pro 8600 Help 
HP Officejet Pro 8600 Product Improvement Study 
HP Update 
I.R.I.S. OCR 
iCloud 
iTunes 
Java 7 Update 25 
Java Auto Updater 
Jawbone Updater 
Logitech Gaming Software 
Logitech Gaming Software 8.40 
Logitech SetPoint 6.51 
M.M.O.7 Update Tool 
magicJack 
magicJack Recovery Tool 1.0 
McAfee Security Scan Plus 
Microsoft .NET Framework 4 Client Profile 
Microsoft Office 2007 Service Pack 3 (SP3) 
Microsoft Office Access MUI (English) 2007 
Microsoft Office Access Setup Metadata MUI (English) 2007 
Microsoft Office Excel MUI (English) 2007 
Microsoft Office File Validation Add-In 
Microsoft Office Groove MUI (English) 2007 
Microsoft Office Groove Setup Metadata MUI (English) 2007 
Microsoft Office InfoPath MUI (English) 2007 
Microsoft Office Office 64-bit Components 2007 
Microsoft Office OneNote MUI (English) 2007 
Microsoft Office Outlook MUI (English) 2007 
Microsoft Office PowerPoint MUI (English) 2007 
Microsoft Office Proof (English) 2007 
Microsoft Office Proof (French) 2007 
Microsoft Office Proof (Spanish) 2007 
Microsoft Office Proofing (English) 2007 
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) 
Microsoft Office Publisher MUI (English) 2007 
Microsoft Office Shared 64-bit MUI (English) 2007 
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 
Microsoft Office Shared MUI (English) 2007 
Microsoft Office Shared Setup Metadata MUI (English) 2007 
Microsoft Office Ultimate 2007 
Microsoft Office Word MUI (English) 2007 
Microsoft Silverlight 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 
Mozilla Firefox 26.0 (x86 en-US) 
Mozilla Maintenance Service 
NVIDIA 3D Vision Controller Driver 310.70 
NVIDIA 3D Vision Driver 311.06 
NVIDIA Control Panel 311.06 
NVIDIA Graphics Driver 311.06 
NVIDIA Install Application 
NVIDIA PhysX 
NVIDIA PhysX System Software 9.12.1031 
NVIDIA Stereoscopic 3D Driver 
NVIDIA Update 1.11.3 
NVIDIA Update Components 
OpenAL 
Origin 
PDF Architect 
PDFCreator 
QuickTime 
Realtek High Definition Audio Driver 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) 
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition  
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition  
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition  
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition  
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition  
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition 
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition  
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition  
Smart Technology Programming Software 7.0.23.0 
Steam 
swMSM 
Update for 2007 Microsoft Office System (KB967642) 
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) 
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) 
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) 
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) 
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) 
Update for Microsoft Office 2007 Help for Common Features (KB963673) 
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition 
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition 
Update for Microsoft Office Access 2007 Help (KB963663) 
Update for Microsoft Office Excel 2007 Help (KB963678) 
Update for Microsoft Office Infopath 2007 Help (KB963662) 
Update for Microsoft Office OneNote 2007 Help (KB963670) 
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition 
Update for Microsoft Office Outlook 2007 Help (KB963677) 
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition 
Update for Microsoft Office Powerpoint 2007 Help (KB963669) 
Update for Microsoft Office Publisher 2007 Help (KB963667) 
Update for Microsoft Office Script Editor Help (KB963671) 
Update for Microsoft Office Word 2007 Help (KB963665) 
Ventrilo Client for Windows x64 
Visual Studio 2010 x64 Redistributables 
Visual Studio 2012 x64 Redistributables 
Visual Studio 2012 x86 Redistributables 
Windows Mobile Device Center 

==== Running Processes ======================

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files (x86)\PDF Architect\HelperService.exe
C:\Program Files (x86)\PDF Architect\ConversionService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\SysWOW64\UTSCSI.EXE
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Windows\SysWOW64\CtHelper.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater17.2.0 deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9tbp03gf.default

user.js not found
---- Lines mysearch removed from prefs.js ----
user_pref("browser.startup.homepage", "http://mysearch.avg.com?cid={E78AF464-39BD-4941-9407-31378981D8F3}&mid=8d6b63207c3947d0af3cd1509d16823a-4919697
---- FireFox user.js and prefs.js backups ----

prefs_20131226_0740_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml deleted
C:\ProgramData\AVG Security Toolbar deleted
C:\ProgramData\AVG SafeGuard toolbar deleted
C:\Users\User\AppData\Local\AVG SafeGuard toolbar deleted
C:\Users\User\AppData\LocalLow\AVG SafeGuard toolbar deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted
"C:\PROGRA~2\AVG SafeGuard toolbar\vprot.exe" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\17.2.0\avgdttbx.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.2.0\SiteSafety.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.2.0\log4cplusU.dll" deleted
"C:\PROGRA~2\AVG SafeGuard toolbar" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\17.2.0" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\17.2.0" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\17.2.0" deleted

==== System Specs ======================

Windows: Windows 7 Professional Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4096 MB
CPU Info: Intel® Core2 Duo CPU     E8400  @ 3.00GHz
CPU Speed: 3042.3 MHz
Sound Card: Speakers (Creative SB Audigy) |
Realtek Digital Output (Realtek |
SPDIF Out (Creative SB Audigy) |
Display Adapters: NVIDIA GeForce 8800 GT  | NVIDIA GeForce 8800 GT  | NVIDIA GeForce 8800 GT  | NVIDIA GeForce 8800 GT  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: NVIDIA nForce Networking Controller
CD / DVD Drives: 1x (D: | ) D: ATAPI   DVD A  DH20A4P
Ports: COM1 LPT1
Mouse: 13 Button Wheel Mouse Present
Hard Disks: C:  233.7GB
Hard Disks - Free: C:  111.3GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 07/12/07 | A M I  - 7000712
Time Zone: Eastern Standard Time
Motherboard *: MSI MS-7350
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Default Browser: Google Chrome 31.0.1650.57
Internet Explorer Version: 11.0.9600.16476
Mozilla Firefox version: 26.0 (x86 en-US)
Google Chrome version: 31.0.1650.57
Adobe Reader version: 11.0.04.63
Shockwave Player version: 11.6.8r638

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\User\AppData\Local\Temp ====
2013-12-25 16:22:19 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\User\AppData\Local\Temp\System.Data.SQLite.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-12-11 19:05:57 E0D3CD5841E5C7BE7B94BA946AF1E498 116736 ----a-w- C:\Windows\Sysnative\drivers\drmk.sys
2013-12-11 19:05:57 1E0B4CBBA91C6B041A14ECC2186F7E24 230400 ----a-w- C:\Windows\Sysnative\drivers\portcls.sys
====== C:\Windows\Tasks ======
2013-11-29 21:12:21 FC9CBAC00451C86E1D07C0813287781C 3604 ----a-w- C:\Windows\Sysnative\Tasks\HPCustParticipation HP Officejet Pro 8600
2013-11-27 16:22:18 979DD9675A5394F2BA93539FE589854A 3854 ----a-w- C:\Windows\Sysnative\Tasks\BrowserSafeguard Update Task
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-11-29 21:09:00 -------- d-----w- C:\Program Files\HP
2013-11-27 10:59:48 -------- d-----w- C:\Program Files\iPod
2013-11-27 10:59:47 -------- d-----w- C:\Program Files\iTunes
======= C:\PROGRA~2 =====
2013-12-24 18:59:18 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
2013-11-29 21:12:38 -------- d-----w- C:\PROGRA~2\Microsoft
2013-11-29 21:09:48 -------- d-----w- C:\PROGRA~2\HP
2013-11-29 01:30:18 -------- d-----w- C:\PROGRA~2\Trend Micro
2013-11-27 10:59:47 -------- d-----w- C:\PROGRA~2\iTunes
======= C: =====
====== C:\Users\User\AppData\Roaming ======
2013-12-25 23:52:54 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2013-12-25 23:51:51 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2013-12-25 22:37:06 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2013-12-25 22:37:06 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2013-12-25 22:37:06 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp
2013-12-25 22:37:06 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2013-12-25 22:37:06 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2013-12-24 18:59:28 -------- d-----w- C:\Users\User\AppData\Local\Mozilla
2013-11-29 21:11:25 -------- d-----w- C:\Users\User\AppData\Roaming\HpUpdate
2013-11-29 21:08:41 -------- d-----w- C:\Users\User\AppData\Local\HP
2013-11-29 05:48:03 -------- d-----w- C:\Users\User\AppData\Local\BrowserSafeguard
====== C:\Users\User ======
2013-12-25 13:14:23 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\User\Downloads\AdwCleaner.exe
2013-12-24 18:59:18 -------- d-----w- C:\ProgramData\Mozilla
2013-12-17 21:41:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2013-11-29 21:11:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2013-11-29 21:09:51 -------- d-----w- C:\ProgramData\HP
2013-11-29 21:08:55 D26149DC46624C3A56BD002B136D49D1 57 ----a-w- C:\ProgramData\Ament.ini
2013-11-27 16:27:51 -------- d-----w- C:\ProgramData\TEMP
2013-11-27 16:22:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard
2013-11-27 11:00:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2013-11-27 10:59:47 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-26 13:10:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

====== C: exe-files ==
2013-12-25 23:58:30 70B074A55D11CFC833C0D944AA3E775F 4807704 ----a-w- C:\Windows\Temp\ri_{8F41877B-B4F4-4507-90F7-C810C7AAE086}.exe
2013-12-25 23:57:28 D270B6446287C161283545505D9C52CE 14101352 ----a-w- C:\Program Files (x86)\AVG\AVG2014\Notification\Launcher.exe
2013-12-25 22:19:10 6BA93C79A16FE609576DED447D54C5D6 73017 ----a-r- C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\User\AppData\Roaming\Microsoft\Installer\{24521E5B-24F2-4E84-AA44-8D1BB13140E2}\_A34AC8711C930F51A13608.exe
2013-12-25 13:14:23 AF5C84446657B48C9B9B870C46438261 1233962 ----a-w- C:\Users\User\Downloads\AdwCleaner.exe
2013-12-24 18:59:20 99F20CB58E61DAAD19935122AEE8B376 106212 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2013-12-24 18:59:18 3B9398E0146855B1DC0E3D9769C80F01 119408 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2013-12-19 16:12:55 76372C6FBD71C9EE8CC6765D54E22FE7 550211 ----a-w- C:\temp\000.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchProtect"="\SearchProtect\bin\cltmng.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1525555391-1446012260-2589697447-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"cdloader"="C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe MAGICJACK"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"CmTray"="C:\Program Files (x86)\Content Manager\launchCM.exe"
"TBHostSupport"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\User\AppData\Local\TBHostSupport\TBHostSupport.dll,DLLRunTBHostSupportPlugin"
"BrowserSafeguard"="C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
"AVG-Secure-Search-Update_1213b"="C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8d6b63207c3947d0af3cd1509d16823a-491969759e33ac5f836d52f702595cec4416b29d /CMPID=1213b"

[HKEY_USERS\S-1-5-21-1525555391-1446012260-2589697447-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\Steam.exe -silent"
"cdloader"="C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe MAGICJACK"
"Driver Detective"="C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false"
"SetDefaultMIDI"="MIDIDef.exe"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchProtect"="\SearchProtect\bin\cltmng.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1525555391-1446012260-2589697447-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"InetReg"="C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe /PreProcess=RegFlash.exe /Delay=6"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CTHelper"="CTHELPER.EXE"
"CTxfiHlp"="CTXFIHLP.EXE"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"vProt"="C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
"AsioThk32Reg"="REGSVR32.EXE /S CTASIO.DLL"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
"cdloader"="C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe MAGICJACK"
"EADM"="C:\Program Files (x86)\Origin\Origin.exe -AutoStart"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"CmTray"="C:\Program Files (x86)\Content Manager\launchCM.exe"
"TBHostSupport"="C:\Windows\SysWOW64\Rundll32.exe C:\Users\User\AppData\Local\TBHostSupport\TBHostSupport.dll,DLLRunTBHostSupportPlugin"
"BrowserSafeguard"="C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
"AVG-Secure-Search-Update_1213b"="C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8d6b63207c3947d0af3cd1509d16823a-491969759e33ac5f836d52f702595cec4416b29d /CMPID=1213b"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="  "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"
"ProfilerU"="C:\Program Files\SmartTechnology\Software\ProfilerU.exe"
"SaiMfd"="C:\Program Files\SmartTechnology\Software\SaiMfd.exe"
"AsioReg"="REGSVR32 /S CTASIO.DLL"
"AsioThk32Reg"="%SYSTEMROOT%\SYSWOW64\REGSVR32.EXE /S %SYSTEMROOT%\SYSWOW64\CTASIO.DLL"
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="  "

==== Startup Folders ======================

2013-10-31 12:36:40 826 ----a-w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk
2013-11-29 21:17:05 1932 ----a-w- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600.lnk
2013-02-16 02:04:11 1864 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\BrowserSafeguard Update Task" [C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe]
"C:\Windows\SysNative\tasks\BuzzSocialPoints_DNS_Checker" [C:\Windows\BuzzSocialPointsChecker\BSP_li.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Officejet Pro 8600" ["C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{50AD2F92-7B85-400A-A3F3-C9680FBE1509}" [C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe]
"C:\Windows\SysNative\tasks\{6A2D1831-6F68-4DFC-9D42-FDF732B9DBC1}" [C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe]
"C:\Windows\SysNative\tasks\{CE2A6C29-4C2D-4F61-B3B3-706E6B85EBF1}" [C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"avg@toolbar"="C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.2.0.38" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9tbp03gf.default
ADC539F67D3198679F480974EE203678 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.210.11
6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
edaibbiobngpbmeonadpbfafbkimjbdd - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx[11/04/2012 11:45 AM]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.2.0.38\avg.crx[]

Logitech SetPoint - User - Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd
Google Wallet - User - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.rr.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.rr.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
O4 - HKCU\..\Run: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [cdloader] "C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [CmTray] "C:\Program Files (x86)\Content Manager\launchCM.exe"
O4 - HKCU\..\Run: [TBHostSupport] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\User\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
O4 - HKCU\..\Run: [browserSafeguard] "C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
O4 - HKCU\..\Run: [AVG-Secure-Search-Update_1213b] C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8d6b63207c3947d0af3cd1509d16823a-491969759e33ac5f836d52f702595cec4416b29d /CMPID=1213b
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1525555391-1446012260-2589697447-1002\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1525555391-1446012260-2589697447-1002\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - HKUS\S-1-5-18\..\Run: [searchProtect] \SearchProtect\bin\cltmng.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [searchProtect] \SearchProtect\bin\cltmng.exe (User 'Default user')
O4 - Startup: Launch Jawbone Updater.lnk = ?
O4 - Startup: Monitor Ink Alerts - HP Officejet Pro 8600.lnk = ?
O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://www.MarketConnection.com
O15 - Trusted Zone: http://www.MySodexho.com
O15 - Trusted Zone: http://www.MySodexo.com
O15 - Trusted Zone: http://www.Sodexo.com
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
O16 - DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} (Creative Software AutoUpdate 2) - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll (file missing)
O20 - AppInit_DLLs:  
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PDF Architect Helper Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\HelperService.exe
O23 - Service: PDF Architect Service - pdfforge GmbH - C:\Program Files (x86)\PDF Architect\ConversionService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\Windows\system32\UTSCSI.EXE
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 

[Billiam]

Page 2 of 2

 

==== Sysinternals Autoruns Log ======================

HKLM\System\CurrentControlSet\Services
   AdobeARMservice
     "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
     Adobe Acrobat Updater keeps your Adobe software up to date.
     Adobe Systems Incorporated
     1.7.4.0
     c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
     4/4/2013 4:05 PM
   AdobeFlashPlayerUpdateSvc
     C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
     This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes.
     Adobe Systems Incorporated
     11.9.900.170
     c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
     12/1/2013 1:09 PM
   Apple Mobile Device
     "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe"
     Provides the interface to Apple mobile devices.
     Apple Inc.
     17.323.0.9
     c:\program files (x86)\common files\apple\mobile device support\applemobiledeviceservice.exe
     5/17/2012 10:06 PM
   AVGIDSAgent
     "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe"
     Provides Identity Protection Against Cyber Crime.
     AVG Technologies CZ, s.r.o.
     14.0.0.4255
     c:\program files (x86)\avg\avg2014\avgidsagent.exe
     11/11/2013 4:02 PM
   avgwd
     "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe"
     AVG Watchdog Service
     AVG Technologies CZ, s.r.o.
     14.0.0.4204
     c:\program files (x86)\avg\avg2014\avgwdsvc.exe
     9/23/2013 6:33 PM
   Bonjour Service
     "C:\Program Files\Bonjour\mDNSResponder.exe"
     Enables hardware devices and software services to automatically configure themselves on the network and advertise their presence.
     Apple Inc.
     3.0.0.10
     c:\program files\bonjour\mdnsresponder.exe
     8/31/2011 12:52 AM
   Creative ALchemy AL6 Licensing Service
     "C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe"
     Provides licensing services for Creative ALchemy.
     Creative Labs
     2.80.12.6
     c:\program files (x86)\common files\creative labs shared\service\al6licensing.exe
     2/16/2007 9:53 AM
   Creative Audio Engine Licensing Service
     "C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe"
     Provides licensing services for Creative Audio Engine.
     Creative Labs
     2.80.12.6
     c:\program files (x86)\common files\creative labs shared\service\ctaelicensing.exe
     2/16/2007 9:53 AM
   CTAudSvcService
     C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
     Creative Audio Service
     Creative Technology Ltd
     3.32.0.0
     c:\program files (x86)\creative\shared files\ctaudsvc.exe
     2/11/2010 9:23 PM
   gupdate
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
     Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
     Google Inc.
     1.2.183.21
     c:\program files (x86)\google\update\googleupdate.exe
     3/9/2010 1:10 AM
   gupdatem
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
     Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
     Google Inc.
     1.2.183.21
     c:\program files (x86)\google\update\googleupdate.exe
     3/9/2010 1:10 AM
   gusvc
     "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
     Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work.
     Google
     2.4.2617.4952
     c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
     3/2/2012 4:13 PM
   iPod Service
     "C:\Program Files\iPod\bin\iPodService.exe"
     iPod hardware management services
     Apple Inc.
     11.1.3.8
     c:\program files\ipod\bin\ipodservice.exe
     11/2/2013 1:57 AM
   LBTServ
     C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
     Logitech Bluetooth Service
     Logitech, Inc.
     5.50.98.0
     c:\program files\common files\logishrd\bluetooth\lbtserv.exe
     10/1/2012 2:17 AM
   McComponentHostService
     "C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe"
     McAfee Security Scan Component Host Service
     McAfee, Inc.
     2.1.119.0
     c:\program files (x86)\mcafee security scan\2.1.121\mcchsvc.exe
     3/8/2010 7:52 AM
   MozillaMaintenance
     "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
     The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled.
     Mozilla Foundation
     26.0.0.5087
     c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
     12/5/2013 12:09 PM
   nvsvc
     "C:\Windows\system32\nvvsvc.exe"
     Provides system and desktop level support to the NVIDIA display driver
     NVIDIA Corporation
     8.17.13.1106
     c:\windows\system32\nvvsvc.exe
     1/18/2013 9:37 AM
   nvUpdatusService
     C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
     NVIDIA Settings Update Manager service, used to check new updates from NVIDIA server.
     NVIDIA Corporation
     1.11.3.0
     c:\program files (x86)\nvidia corporation\nvidia update core\daemonu.exe
     11/30/2012 10:31 PM
   PDF Architect Helper Service
     "C:\Program Files (x86)\PDF Architect\HelperService.exe"
     PDF Architect Helper Service
     pdfforge GmbH
     1.0.0.1
     c:\program files (x86)\pdf architect\helperservice.exe
     4/8/2013 10:09 AM
   PDF Architect Service
     "C:\Program Files (x86)\PDF Architect\ConversionService.exe"
     PDF Architect Conversion Service
     pdfforge GmbH
     1.1.83.9982
     c:\program files (x86)\pdf architect\conversionservice.exe
     4/8/2013 10:09 AM
   PnkBstrA
     C:\Windows\system32\PnkBstrA.exe
     PunkBuster Service Component [v1036] http://www.evenbalance.com
     c:\windows\syswow64\pnkbstra.exe
     1/16/2012 11:16 AM
   Steam Client Service
     "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService
     Steam Client Service monitors and updates Steam content
     Valve Corporation
     2.4.35.50
     c:\program files (x86)\common files\steam\steamservice.exe
     12/11/2013 1:57 PM
   Stereo Service
     "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
     Provides system support for NVIDIA Stereoscopic 3D driver
     NVIDIA Corporation
     7.17.13.1106
     c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
     1/18/2013 8:51 AM
   UTSCSI
     C:\Windows\system32\UTSCSI.EXE
     UTSCSI Application
     1.0.0.2
     c:\windows\syswow64\utscsi.exe
     8/16/2006 2:56 AM

HKLM\System\CurrentControlSet\Services
   adp94xx
     \SystemRoot\system32\DRIVERS\adp94xx.sys
     Adaptec Windows SAS/SATA Storport Driver
     Adaptec, Inc.
     1.6.6.4
     c:\windows\system32\drivers\adp94xx.sys
     12/5/2008 6:54 PM
   adpahci
     \SystemRoot\system32\DRIVERS\adpahci.sys
     Adaptec Windows SATA Storport Driver
     Adaptec, Inc.
     1.6.6.1
     c:\windows\system32\drivers\adpahci.sys
     5/1/2007 12:30 PM
   adpu320
     \SystemRoot\system32\DRIVERS\adpu320.sys
     Adaptec StorPort Ultra320 SCSI Driver (X64)
     Adaptec, Inc.
     7.2.0.0
     c:\windows\system32\drivers\adpu320.sys
     2/27/2007 7:04 PM
   aliide
     \SystemRoot\system32\drivers\aliide.sys
     ALi mini IDE Driver
     Acer Laboratories Inc.
     1.2.0.0
     c:\windows\system32\drivers\aliide.sys
     7/13/2009 6:19 PM
   amdsata
     \SystemRoot\system32\drivers\amdsata.sys
     AHCI 1.2 Device Driver
     Advanced Micro Devices
     1.1.2.5
     c:\windows\system32\drivers\amdsata.sys
     3/18/2010 7:45 PM
   amdsbs
     \SystemRoot\system32\DRIVERS\amdsbs.sys
     AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform
     AMD Technologies Inc.
     3.6.1540.127
     c:\windows\system32\drivers\amdsbs.sys
     3/20/2009 1:36 PM
   amdxata
     system32\drivers\amdxata.sys
     Storage Filter Driver
     Advanced Micro Devices
     1.1.2.5
     c:\windows\system32\drivers\amdxata.sys
     3/19/2010 11:18 AM
   androidusb
     System32\Drivers\androidusb.sys
     ADB Interface
     Google Inc
     1.0.1.1
     c:\windows\system32\drivers\androidusb.sys
     4/29/2010 1:55 AM
   arc
     \SystemRoot\system32\DRIVERS\arc.sys
     Adaptec RAID Storport Driver
     Adaptec, Inc.
     5.2.0.10384
     c:\windows\system32\drivers\arc.sys
     5/24/2007 4:27 PM
   arcsas
     \SystemRoot\system32\DRIVERS\arcsas.sys
     Adaptec SAS RAID WS03 Driver
     Adaptec, Inc.
     5.2.0.16119
     c:\windows\system32\drivers\arcsas.sys
     1/14/2009 2:27 PM
   Avgdiska
     system32\DRIVERS\avgdiska.sys
     AVG File Vault Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4251
     c:\windows\system32\drivers\avgdiska.sys
     11/5/2013 3:55 PM
   AVGIDSDriver
     system32\DRIVERS\avgidsdrivera.sys
     AVG Technologies IDS Application Activity Monitor Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4250
     c:\windows\system32\drivers\avgidsdrivera.sys
     11/4/2013 3:52 PM
   AVGIDSHA
     system32\DRIVERS\avgidsha.sys
     AVG Technologies IDS Application Activity Monitor Helper Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4215
     c:\windows\system32\drivers\avgidsha.sys
     10/24/2013 3:25 PM
   Avgldx64
     system32\DRIVERS\avgldx64.sys
     AVG AVI Loader Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4219
     c:\windows\system32\drivers\avgldx64.sys
     10/31/2013 5:00 PM
   Avgloga
     system32\DRIVERS\avgloga.sys
     AVG Logging Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4219
     c:\windows\system32\drivers\avgloga.sys
     10/31/2013 4:49 PM
   Avgmfx64
     system32\DRIVERS\avgmfx64.sys
     AVG Resident Shield Minifilter Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4206
     c:\windows\system32\drivers\avgmfx64.sys
     9/30/2013 5:49 PM
   Avgrkx64
     system32\DRIVERS\avgrkx64.sys
     AVG Anti-Rootkit Driver
     AVG Technologies CZ, s.r.o.
     14.0.0.4202
     c:\windows\system32\drivers\avgrkx64.sys
     9/9/2013 5:42 PM
   Avgtdia
     system32\DRIVERS\avgtdia.sys
     AVG Network connection watcher
     AVG Technologies CZ, s.r.o.
     14.0.0.4089
     c:\windows\system32\drivers\avgtdia.sys
     8/1/2013 9:06 AM
   avgtp
     \??\C:\Windows\system32\drivers\avgtpx64.sys
     AVG Technologies
     17.0.0.3
     c:\windows\system32\drivers\avgtpx64.sys
     8/29/2013 2:25 AM
   b06bdrv
     \SystemRoot\system32\DRIVERS\bxvbda.sys
     Broadcom NetXtreme II GigE VBD
     Broadcom Corporation
     4.8.2.0
     c:\windows\system32\drivers\bxvbda.sys
     2/13/2009 5:18 PM
   b57nd60a
     system32\DRIVERS\b57nd60a.sys
     Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver.
     Broadcom Corporation
     10.100.4.0
     c:\windows\system32\drivers\b57nd60a.sys
     4/26/2009 6:14 AM
   BrFiltLo
     \SystemRoot\system32\DRIVERS\BrFiltLo.sys
     Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver
     Brother Industries, Ltd.
     1.10.0.2
     c:\windows\system32\drivers\brfiltlo.sys
     8/6/2006 8:51 PM
   BrFiltUp
     \SystemRoot\system32\DRIVERS\BrFiltUp.sys
     Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver
     Brother Industries, Ltd.
     1.4.0.1
     c:\windows\system32\drivers\brfiltup.sys
     8/6/2006 8:51 PM
   Brserid
     \SystemRoot\System32\Drivers\Brserid.sys
     Brotehr Serial I/F Driver (WDM)
     Brother Industries Ltd.
     1.0.1.6
     c:\windows\system32\drivers\brserid.sys
     8/6/2006 8:51 PM
   BrSerWdm
     \SystemRoot\System32\Drivers\BrSerWdm.sys
     Brother Serial driver (WDM version)
     Brother Industries Ltd.
     1.0.0.20
     c:\windows\system32\drivers\brserwdm.sys
     8/6/2006 8:51 PM
   BrUsbMdm
     \SystemRoot\System32\Drivers\BrUsbMdm.sys
     Brother USB MDM Driver
     Brother Industries Ltd.
     1.0.0.12
     c:\windows\system32\drivers\brusbmdm.sys
     8/6/2006 8:51 PM
   BrUsbSer
     \SystemRoot\System32\Drivers\BrUsbSer.sys
     Brother USB Serial Driver
     Brother Industries Ltd.
     1.0.1.3
     c:\windows\system32\drivers\brusbser.sys
     8/9/2006 7:11 AM
   cmdide
     \SystemRoot\system32\drivers\cmdide.sys
     CMD PCI IDE Bus Driver
     CMD Technology, Inc.
     2.0.7.0
     c:\windows\system32\drivers\cmdide.sys
     7/13/2009 6:19 PM
   COMMONFX
     system32\drivers\COMMONFX.SYS
     Creative Common FX Plug-in
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\commonfx.sys
     10/11/2012 8:16 AM
   COMMONFX.DLL
     system32\COMMONFX.DLL
     Creative Common FX Plug-in
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\commonfx.dll
     4/9/2007 8:08 AM
   COMMONFX.SYS
     \SystemRoot\System32\drivers\COMMONFX.SYS
     Creative Common FX Plug-in
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\commonfx.sys
     10/11/2012 8:16 AM
   cpuz136
     \??\C:\Users\User\AppData\Local\Temp\cpuz136\cpuz136_x64.sys
     File not found: C:\Users\User\AppData\Local\Temp\cpuz136\cpuz136_x64.sys
    
   CT20XUT.DLL
     system32\CT20XUT.DLL
     Creative 20X Utility Effects
     Creative Technology Ltd.
     6.0.1.1241
     c:\windows\system32\ct20xut.dll
     4/9/2007 8:08 AM
   ctac32k
     system32\drivers\ctac32k.sys
     Creative AC3 SW Decoder Device Driver (WDM)
     Creative Technology Ltd
     6.0.1.1371
     c:\windows\system32\drivers\ctac32k.sys
     10/11/2012 8:18 AM
   ctaud2k
     system32\drivers\ctaud2k.sys
     Creative WDM Audio Device Driver
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ctaud2k.sys
     10/11/2012 8:15 AM
   CTAUDFX
     system32\drivers\CTAUDFX.SYS
     Creative SB FX Plug-in
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ctaudfx.sys
     10/11/2012 8:16 AM
   CTAUDFX.DLL
     system32\CTAUDFX.DLL
     Creative SB FX Plug-in
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\ctaudfx.dll
     4/9/2007 8:08 AM
   CTAUDFX.SYS
     \SystemRoot\System32\drivers\CTAUDFX.SYS
     Creative SB FX Plug-in
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ctaudfx.sys
     10/11/2012 8:16 AM
   CTEAPSFX.DLL
     system32\CTEAPSFX.DLL
     APS FX Plug-in
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\cteapsfx.dll
     4/9/2007 8:08 AM
   CTEDSPFX.DLL
     system32\CTEDSPFX.DLL
     E-MU E-DSP Effects Plugin Module
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\ctedspfx.dll
     4/9/2007 8:08 AM
   CTEDSPIO.DLL
     system32\CTEDSPIO.DLL
     E-MU E-DSP I/O Plugin
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\ctedspio.dll
     4/9/2007 8:08 AM
   CTEDSPSY.DLL
     system32\CTEDSPSY.DLL
     E-MU E-DSP DSP System Plugin
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\ctedspsy.dll
     4/9/2007 8:08 AM
   CTERFXFX
     system32\drivers\CTERFXFX.SYS
     E-MU E-DSP Effects Plugin Module
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\cterfxfx.sys
     10/11/2012 8:16 AM
   CTERFXFX.DLL
     system32\CTERFXFX.DLL
     E-MU E-DSP Effects Plugin Module
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\cterfxfx.dll
     4/9/2007 8:08 AM
   CTERFXFX.SYS
     \SystemRoot\System32\drivers\CTERFXFX.SYS
     E-MU E-DSP Effects Plugin Module
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\cterfxfx.sys
     10/11/2012 8:16 AM
   CTEXFIFX.DLL
     system32\CTEXFIFX.DLL
     Creative XFi Effects
     Creative Technology Ltd.
     6.0.1.1241
     c:\windows\system32\ctexfifx.dll
     4/9/2007 8:08 AM
   CTHWIUT.DLL
     system32\CTHWIUT.DLL
     Creative Utility Effects
     Creative Technology Ltd.
     6.0.1.1241
     c:\windows\system32\cthwiut.dll
     4/9/2007 8:08 AM
   ctprxy2k
     system32\drivers\ctprxy2k.sys
     Creative Proxy Device Driver (WDM)
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ctprxy2k.sys
     10/11/2012 8:15 AM
   CTSBLFX
     system32\drivers\CTSBLFX.SYS
     Creative SB FX Plug-in
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ctsblfx.sys
     10/11/2012 8:16 AM
   CTSBLFX.DLL
     system32\CTSBLFX.DLL
     Creative SB FX Plug-in
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\system32\ctsblfx.dll
     4/9/2007 8:08 AM
   CTSBLFX.SYS
     \SystemRoot\System32\drivers\CTSBLFX.SYS
     Creative SB FX Plug-in
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ctsblfx.sys
     10/11/2012 8:16 AM
   ctsfm2k
     system32\drivers\ctsfm2k.sys
     SoundFont® Manager (WDM)
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ctsfm2k.sys
     10/11/2012 8:14 AM
   DrvAgent64
     \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
     DriverAgent Direct I/O for 64-bit Windows
     Phoenix Technologies
     1.0.0.1
     c:\windows\syswow64\drivers\drvagent64.sys
     12/14/2009 5:23 AM
   ebdrv
     \SystemRoot\system32\DRIVERS\evbda.sys
     Broadcom NetXtreme II 10 GigE VBD
     Broadcom Corporation
     4.8.13.0
     c:\windows\system32\drivers\evbda.sys
     12/31/2008 11:29 AM
   elxstor
     \SystemRoot\system32\DRIVERS\elxstor.sys
     Storport Miniport Driver for LightPulse HBAs
     Emulex
     7.2.10.211
     c:\windows\system32\drivers\elxstor.sys
     2/3/2009 5:52 PM
   emupia
     system32\drivers\emupia2k.sys
     E-mu Plug-in Architecture Driver (WDM)
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\emupia2k.sys
     10/11/2012 8:14 AM
   GEARAspiWDM
     system32\DRIVERS\GEARAspiWDM.sys
     CD DVD Filter
     GEAR Software Inc.
     2.2.3.0
     c:\windows\system32\drivers\gearaspiwdm.sys
     5/3/2012 2:56 PM
   ha10kx2k
     system32\drivers\ha10kx2k.sys
     Creative EMU10KX HAL (WDM)
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\ha10kx2k.sys
     10/11/2012 8:15 AM
   hap16v2k
     system32\drivers\hap16v2k.sys
     Creative EMU10KX-P16v HAL (WDM)
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\hap16v2k.sys
     10/11/2012 8:15 AM
   hap17v2k
     system32\drivers\hap17v2k.sys
     Creative EMU10KX-P17v HAL (WDM)
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\system32\drivers\hap17v2k.sys
     10/11/2012 8:15 AM
   hcw85cir
     \SystemRoot\system32\drivers\hcw85cir.sys
     Hauppauge WinTV 885 Consumer IR Driver for eHome
     Hauppauge Computer Works, Inc.
     1.31.27127.0
     c:\windows\system32\drivers\hcw85cir.sys
     5/11/2009 3:26 AM
   HpSAMD
     \SystemRoot\system32\drivers\HpSAMD.sys
     Smart Array SAS/SATA Controller Media Driver
     Hewlett-Packard Company
     6.12.6.64
     c:\windows\system32\drivers\hpsamd.sys
     4/20/2010 1:32 PM
   iaStorV
     \SystemRoot\system32\drivers\iaStorV.sys
     Intel Matrix Storage Manager driver - x64
     Intel Corporation
     8.6.2.1014
     c:\windows\system32\drivers\iastorv.sys
     6/10/2010 7:46 PM
   iirsp
     \SystemRoot\system32\DRIVERS\iirsp.sys
     Intel/ICP Raid Storport Driver
     Intel Corp./ICP vortex GmbH
     5.4.22.0
     c:\windows\system32\drivers\iirsp.sys
     12/13/2005 4:47 PM
   IntcAzAudAddService
     system32\drivers\RTKVHD64.sys
     Realtek® High Definition Audio Function Driver
     Realtek Semiconductor Corp.
     6.0.1.6662
     c:\windows\system32\drivers\rtkvhd64.sys
     6/19/2012 3:50 AM
   LGBusEnum
     system32\drivers\LGBusEnum.sys
     Logitech WingMan Virtual Bus Enumerator Driver
     Logitech Inc.
     3.4.131.0
     c:\windows\system32\drivers\lgbusenum.sys
     11/23/2009 8:36 PM
   LGVirHid
     system32\drivers\LGVirHid.sys
     Logitech GamePanel Virtual Hid Device Driver
     Logitech Inc.
     3.4.131.0
     c:\windows\system32\drivers\lgvirhid.sys
     11/23/2009 8:36 PM
   LHidFilt
     system32\DRIVERS\LHidFilt.Sys
     Logitech HID Filter Driver.
     Logitech, Inc.
     5.50.80.0
     c:\windows\system32\drivers\lhidfilt.sys
     9/18/2012 4:26 AM
   libusb0
     system32\DRIVERS\libusb0.sys
     LibUSB-Win32 - Kernel Driver
     http://libusb-win32.sourceforge.net
     1.2.5.0
     c:\windows\system32\drivers\libusb0.sys
     7/24/2011 12:21 AM
   LMouFilt
     system32\DRIVERS\LMouFilt.Sys
     Logitech Mouse Filter Driver.
     Logitech, Inc.
     5.50.80.0
     c:\windows\system32\drivers\lmoufilt.sys
     9/18/2012 4:26 AM
   LSI_FC
     \SystemRoot\system32\DRIVERS\lsi_fc.sys
     LSI Fusion-MPT FC Driver (StorPort)
     LSI Corporation
     1.28.3.52
     c:\windows\system32\drivers\lsi_fc.sys
     12/9/2008 5:46 PM
   LSI_SAS
     \SystemRoot\system32\DRIVERS\lsi_sas.sys
     LSI Fusion-MPT SAS Driver (StorPort)
     LSI Corporation
     1.28.3.52
     c:\windows\system32\drivers\lsi_sas.sys
     5/18/2009 7:20 PM
   LSI_SAS2
     \SystemRoot\system32\DRIVERS\lsi_sas2.sys
     LSI SAS Gen2 Driver (StorPort)
     LSI Corporation
     2.0.2.71
     c:\windows\system32\drivers\lsi_sas2.sys
     5/18/2009 7:31 PM
   LSI_SCSI
     \SystemRoot\system32\DRIVERS\lsi_scsi.sys
     LSI Fusion-MPT SCSI Driver (StorPort)
     LSI Corporation
     1.28.3.67
     c:\windows\system32\drivers\lsi_scsi.sys
     4/16/2009 5:13 PM
   lsnfd
     system32\drivers\lsnfd.sys
     File not found: system32\drivers\lsnfd.sys
    
   megasas
     \SystemRoot\system32\DRIVERS\megasas.sys
     MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64
     LSI Corporation
     4.5.1.64
     c:\windows\system32\drivers\megasas.sys
     5/18/2009 8:09 PM
   MegaSR
     \SystemRoot\system32\DRIVERS\MegaSR.sys
     LSI MegaRAID Software RAID Driver
     LSI Corporation, Inc.
     13.5.409.2009
     c:\windows\system32\drivers\megasr.sys
     5/18/2009 8:25 PM
   nfrd960
     \SystemRoot\system32\DRIVERS\nfrd960.sys
     IBM ServeRAID Controller Driver
     IBM Corporation
     7.10.0.0
     c:\windows\system32\drivers\nfrd960.sys
     6/6/2006 4:11 PM
   NVENETFD
     system32\DRIVERS\nvm62x64.sys
     NVIDIA MCP Networking Function Driver.
     NVIDIA Corporation
     1.0.1.210
     c:\windows\system32\drivers\nvm62x64.sys
     10/17/2008 4:01 PM
   nvlddmkm
     system32\DRIVERS\nvlddmkm.sys
     NVIDIA Windows Kernel Mode Driver, Version 311.06
     NVIDIA Corporation
     9.18.13.1106
     c:\windows\system32\drivers\nvlddmkm.sys
     1/18/2013 8:22 AM
   nvraid
     \SystemRoot\system32\drivers\nvraid.sys
     NVIDIAr nForce RAID Driver
     NVIDIA Corporation
     10.6.0.18
     c:\windows\system32\drivers\nvraid.sys
     3/19/2010 3:59 PM
   nvstor
     system32\drivers\nvstor.sys
     NVIDIAr nForce Sata Performance Driver
     NVIDIA Corporation
     10.6.0.18
     c:\windows\system32\drivers\nvstor.sys
     3/19/2010 3:45 PM
   ossrv
     system32\drivers\ctoss2k.sys
     Creative OS Services Driver (WDM)
     Creative Technology Ltd.
     6.0.1.1377
     c:\windows\system32\drivers\ctoss2k.sys
     10/11/2012 8:15 AM
   ql2300
     \SystemRoot\system32\DRIVERS\ql2300.sys
     QLogic Fibre Channel Stor Miniport Driver
     QLogic Corporation
     9.1.8.6
     c:\windows\system32\drivers\ql2300.sys
     1/22/2009 6:05 PM
   ql40xx
     \SystemRoot\system32\DRIVERS\ql40xx.sys
     QLogic iSCSI Storport Miniport Driver
     QLogic Corporation
     2.1.3.20
     c:\windows\system32\drivers\ql40xx.sys
     5/18/2009 8:18 PM
   SaiK0CCB
     system32\DRIVERS\SaiK0CCB.sys
     Saitek Hid Driver
     Saitek
     7.0.0.26
     c:\windows\system32\drivers\saik0ccb.sys
     4/21/2010 11:58 AM
   SaiMini
     system32\DRIVERS\SaiMini.sys
     Saitek Magic Mini Driver
     Saitek
     7.0.23.0
     c:\windows\system32\drivers\saimini.sys
     10/15/2012 4:30 AM
   SaiNtBus
     system32\drivers\SaiBus.sys
     Smart Technology Helpers
     Saitek
     7.0.23.0
     c:\windows\system32\drivers\saibus.sys
     10/15/2012 4:30 AM
   SaiU0CCB
     system32\DRIVERS\SaiU0CCB.sys
     Saitek Usb Driver
     Saitek
     7.0.0.26
     c:\windows\system32\drivers\saiu0ccb.sys
     4/21/2010 11:58 AM
   secdrv
     secdrv
     Macrovision SECURITY Driver
     Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
     4.3.86.0
     c:\windows\system32\drivers\secdrv.sys
     9/13/2006 8:18 AM
   SiSRaid2
     \SystemRoot\system32\DRIVERS\SiSRaid2.sys
     SiS RAID Stor Miniport Driver
     Silicon Integrated Systems Corp.
     5.1.1039.2600
     c:\windows\system32\drivers\sisraid2.sys
     9/24/2008 1:28 PM
   SiSRaid4
     \SystemRoot\system32\DRIVERS\sisraid4.sys
     SiS AHCI Stor-Miniport Driver
     Silicon Integrated Systems
     5.1.1039.3600
     c:\windows\system32\drivers\sisraid4.sys
     10/1/2008 4:56 PM
   stexstor
     \SystemRoot\system32\DRIVERS\stexstor.sys
     Promise  SuperTrak EX Series Driver for Windows
     Promise Technology
     5.0.1.1
     c:\windows\system32\drivers\stexstor.sys
     2/17/2009 6:03 PM
   USBAAPL64
     System32\Drivers\usbaapl64.sys
     Apple Mobile Device USB Driver
     Apple, Inc.
     1.64.0.0
     c:\windows\system32\drivers\usbaapl64.sys
     11/27/2012 6:38 PM
   viaide
     \SystemRoot\system32\drivers\viaide.sys
     VIA Generic PCI IDE Bus Driver
     VIA Technologies, Inc.
     6.0.6000.170
     c:\windows\system32\drivers\viaide.sys
     7/13/2009 6:19 PM
   vsmraid
     \SystemRoot\system32\DRIVERS\vsmraid.sys
     VIA RAID DRIVER FOR AMD-X86-64
     VIA Technologies Inc.,Ltd
     6.0.6000.6210
     c:\windows\system32\drivers\vsmraid.sys
     1/30/2009 8:18 PM

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify
   LBTWlgn
     c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
     Logitech Bluetooth Service
     Logitech, Inc.
     5.50.98.0
     c:\program files\common files\logishrd\bluetooth\lbtwlgn.dll
     10/1/2012 2:17 AM

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
   HP 5912 Status Monitor
     hpinksts5912LM.dll
     Print Status Language Monitor
     Hewlett-Packard Co.
     28.0.1180.0
     c:\windows\system32\hpinksts5912lm.dll
     6/18/2012 6:44 PM
   HP Discovery Port Monitor (HP Officejet Pro 8600)
     HPDiscoPM5912.dll
     HP Discovery Port Monitor
     Hewlett-Packard Co.
     28.0.1315.0
     c:\windows\system32\hpdiscopm5912.dll
     10/17/2012 6:31 AM
   pdfcmon
     pdfcmon.dll
     pdfcmon
     pdfforge GmbH
     0.3.0.0
     c:\windows\system32\pdfcmon.dll
     4/8/2013 5:27 PM

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries
   mdnsNSP
     C:\Program Files (x86)\Bonjour\mdnsNSP.dll
     Bonjour Namespace Provider
     Apple Inc.
     3.0.0.10
     c:\program files (x86)\bonjour\mdnsnsp.dll
     8/31/2011 12:44 AM

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64
   mdnsNSP
     C:\Program Files\Bonjour\mdnsNSP.dll
     Bonjour Namespace Provider
     Apple Inc.
     3.0.0.10
     c:\program files\bonjour\mdnsnsp.dll
     8/31/2011 12:53 AM

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   Launch LCore
     C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
     Logitech Gaming Framework
     Logitech Inc.
     8.40.83.0
     c:\program files\logitech gaming software\lcore.exe
     11/28/2012 7:03 PM
   EvtMgr6
     C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
     Logitech SetPoint Event Manager (UNICODE)
     Logitech, Inc.
     6.51.8.0
     c:\program files\logitech\setpointp\setpoint.exe
     11/4/2012 12:21 PM
   AsioThk32Reg
     %SYSTEMROOT%\SYSWOW64\REGSVR32.EXE /S %SYSTEMROOT%\SYSWOW64\CTASIO.DLL
     Creative ASIO Driver
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\syswow64\ctasio.dll
     10/11/2012 5:58 AM
   AsioReg
     REGSVR32 /S CTASIO.DLL
     Creative ASIO Driver
     Creative Technology Ltd
     5.12.1.1065
     c:\windows\system32\ctasio.dll
     8/3/2005 5:37 AM
   ProfilerU
     C:\Program Files\SmartTechnology\Software\ProfilerU.exe
     Saitek SST Profile Launcher
     Saitek
     7.0.23.0
     c:\program files\smarttechnology\software\profileru.exe
     10/15/2012 4:31 AM
   SaiMfd
     C:\Program Files\SmartTechnology\Software\SaiMfd.exe
     Saitek MFD File System Driver
     Saitek
     7.0.23.0
     c:\program files\smarttechnology\software\saimfd.exe
     10/15/2012 4:31 AM

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
   Adobe ARM
     "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     Adobe Reader and Acrobat Manager
     Adobe Systems Incorporated
     1.7.4.0
     c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
     4/4/2013 4:05 PM
   AsioThk32Reg
     REGSVR32.EXE /S CTASIO.DLL
     Creative ASIO Driver
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\syswow64\ctasio.dll
     10/11/2012 5:58 AM
   CTHelper
     CTHELPER.EXE
     CtHelper Application
     Creative Technology Ltd
     6.0.1.1377
     c:\windows\syswow64\cthelper.exe
     10/11/2012 6:22 AM
   CTxfiHlp
     CTXFIHLP.EXE
     CTXfiHlp MFC Application
     Creative Technology Ltd
     6.0.1.1241
     c:\windows\syswow64\ctxfihlp.exe
     4/9/2007 7:32 AM
   AVG_UI
     "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
     AVG User Interface
     AVG Technologies CZ, s.r.o.
     14.0.0.4253
     c:\program files (x86)\avg\avg2014\avgui.exe
     11/7/2013 4:03 PM
   SunJavaUpdateSched
     "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     Java Update Scheduler
     Oracle Corporation
     2.1.9.4
     c:\program files (x86)\common files\java\java update\jusched.exe
     3/12/2013 10:32 AM
   APSDaemon
     "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
     Apple Push
     Apple Inc.
     2.2.9.2
     c:\program files (x86)\common files\apple\apple application support\apsdaemon.exe
     4/16/2013 10:13 PM
   QuickTime Task
     "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
     QuickTime Task
     Apple Inc.
     7.7.4.0
     c:\program files (x86)\quicktime\qttask.exe
     5/1/2013 5:42 AM
   iTunesHelper
     "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
     iTunesHelper
     Apple Inc.
     11.1.3.8
     c:\program files (x86)\itunes\ituneshelper.exe
     11/2/2013 1:56 AM
   HP Software Update
     C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
     hpwuSchd Application
     Hewlett-Packard
     80.1.1.0
     c:\program files (x86)\hp\hp software update\hpwuschd2.exe
     4/27/2010 3:58 AM
   vProt
     "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
     File not found: C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
    

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnceEx\000
   zoek-delete
     zoek-delete.exe
     File not found: zoek-delete.exe
    

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
   McAfee Security Scan Plus.lnk
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
     McAfee Security Scanner Scheduler
     McAfee, Inc.
     2.1.119.0
     c:\program files (x86)\mcafee security scan\2.1.121\ssscheduler.exe
     3/8/2010 7:53 AM

C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
   Launch Jawbone Updater.lnk
     C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk
     c:\program files (x86)\jawbone\launchju.exe
     8/30/2013 3:02 PM
   Monitor Ink Alerts - HP Officejet Pro 8600.lnk
     C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600.lnk
     Print Driver Status Business Logic
     Hewlett-Packard Co.
     28.0.1315.0
     c:\program files\hp\hp officejet pro 8600\bin\hpstatusbl.dll
     10/17/2012 6:37 AM

HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
   Internet Explorer
     C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
     File not found: C:\Windows\system32\ie4uinit.exe
    
   Google Chrome
     "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
     Google Chrome
     Google Inc.
     31.0.1650.57
     c:\program files (x86)\google\chrome\application\31.0.1650.57\installer\chrmstp.exe
     11/14/2013 5:21 AM

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
   Steam
     "C:\Program Files (x86)\Steam\steam.exe" -silent
     Steam Client Bootstrapper (buildbot_winslave04_steam_steam_rel_client_win32@winslave04)
     Valve Corporation
     2.4.35.50
     c:\program files (x86)\steam\steam.exe
     12/11/2013 1:59 PM
   cdloader
     "C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe" MAGICJACK
     magicJack (cdloader2)
     magicJack L.P.
     1.0.0.1
     c:\users\user\appdata\roaming\mjusbsp\cdloader2.exe
     12/12/2007 6:34 AM
   EADM
     "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
     Origin
     Electronic Arts
     9.3.10.4710
     c:\program files (x86)\origin\origin.exe
     10/9/2013 5:10 PM
   iCloudServices
     C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
     iCloud
     Apple Inc.
     3.1.0.3
     c:\program files (x86)\common files\apple\internet services\icloudservices.exe
     4/16/2013 10:13 PM
   ApplePhotoStreams
     C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
     Apple Photostreams Uploader Executable
     Apple Inc.
     7.13.13.5
     c:\program files (x86)\common files\apple\internet services\applephotostreams.exe
     4/16/2013 10:13 PM
   CmTray
     "C:\Program Files (x86)\Content Manager\launchCM.exe"
     c:\program files (x86)\content manager\launchcm.exe
     8/18/2011 8:58 PM
   TBHostSupport
     "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\User\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin
     File not found: C:\Users\User\AppData\Local\TBHostSupport\TBHostSupport.dll
    
   BrowserSafeguard
     "C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
     File not found: C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe
    
   AVG-Secure-Search-Update_1213b
     C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8d6b63207c3947d0af3cd1509d16823a-491969759e33ac5f836d52f702595cec4416b29d /CMPID=1213b
     File not found: C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8d6b63207c3947d0af3cd1509d16823a-491969759e33ac5f836d52f702595cec4416b29d /CMPID=1213b
    

Task Scheduler
   \Adobe Flash Player Updater
     "C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe"
     Adober Flashr Player Update Service 11.9 r900
     Adobe Systems Incorporated
     11.9.900.170
     c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
     12/1/2013 1:09 PM
   \BrowserSafeguard Update Task
     "C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe" /CheckUpdate=true
     File not found: C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe
    
   \BuzzSocialPoints_DNS_Checker
     "C:\Windows\BuzzSocialPointsChecker\BSP_li.exe"
     File not found: C:\Windows\BuzzSocialPointsChecker\BSP_li.exe
    
   \CCleanerSkipUAC
     "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
     CCleaner
     Piriform Ltd
     4.9.0.4471
     c:\program files\ccleaner\ccleaner.exe
     12/13/2013 10:35 AM
   \GoogleUpdateTaskMachineCore
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
     Google Installer
     Google Inc.
     1.2.183.21
     c:\program files (x86)\google\update\googleupdate.exe
     3/9/2010 1:10 AM
   \GoogleUpdateTaskMachineUA
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
     Google Installer
     Google Inc.
     1.2.183.21
     c:\program files (x86)\google\update\googleupdate.exe
     3/9/2010 1:10 AM
   \HPCustParticipation HP Officejet Pro 8600
     "C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe" /UA 9.5 /DDV 0x1000
     HP Customer Participation.
     Hewlett-Packard Co.
     28.0.1315.0
     c:\program files\hp\hp officejet pro 8600\bin\hpcustpartic.exe
     10/17/2012 6:34 AM
   \{50AD2F92-7B85-400A-A3F3-C9680FBE1509}
     "C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe"
     Battlefield 3T
     EA Digital Illusions CE AB
     1.6.0.0
     c:\program files (x86)\origin games\battlefield 3\bf3.exe
     2/14/2013 2:33 AM
   \{6A2D1831-6F68-4DFC-9D42-FDF732B9DBC1}
     "C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe"
     Battlefield 3T
     EA Digital Illusions CE AB
     1.6.0.0
     c:\program files (x86)\origin games\battlefield 3\bf3.exe
     2/14/2013 2:33 AM
   \{CE2A6C29-4C2D-4F61-B3B3-706E6B85EBF1}
     "C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe"
     Battlefield 3T
     EA Digital Illusions CE AB
     1.6.0.0
     c:\program files (x86)\origin games\battlefield 3\bf3.exe
     2/14/2013 2:33 AM
   \Apple\AppleSoftwareUpdate
     "C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe" -task
     Apple Software Update
     Apple Inc.
     2.1.3.127
     c:\program files (x86)\apple software update\softwareupdate.exe
     6/1/2011 7:46 PM
   \Microsoft\Windows\NetTrace\GatherNetworkInfo
     "%windir%\system32\gatherNetworkInfo.vbs"
     c:\windows\system32\gathernetworkinfo.vbs
     6/10/2009 3:36 PM

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgsea.dll
     10/7/2013 5:54 PM
   GDContextMenu
     HKCR\CLSID\{BB02B294-8425-42E5-983F-41A1FA970CD6}
     Google Drive shell extension
     Google
     1.0.0.1
     c:\program files (x86)\google\drive\contextmenu64.dll
     3/7/2013 7:30 PM
   PhotoStreamsExt
     HKCR\CLSID\{89D984B3-813B-406A-8298-118AFA3A22AE}
     Apple Photostreams UI Shell Extension
     Apple Inc.
     7.13.13.1
     c:\program files\common files\apple\internet services\shellstreams64.dll
     11/11/2013 9:12 PM

HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgse.dll
     10/7/2013 6:38 PM
   PDFArchitectExtension
     HKCR\CLSID\{DBDB3433-0E01-40CE-A026-D9F54FAC3CA9}
     PDF Architect Shell Extension
     pdfforge GmbH
     1.1.83.9982
     c:\program files (x86)\pdf architect\contextmenuext.dll
     4/8/2013 10:11 AM
   PhotoStreamsExt
     HKCR\CLSID\{89D984B3-813B-406A-8298-118AFA3A22AE}
     Apple Photostreams UI Shell Extension
     Apple Inc.
     7.13.13.5
     c:\program files (x86)\common files\apple\internet services\shellstreams.dll
     11/19/2013 9:22 PM

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
   GDContextMenu
     HKCR\CLSID\{BB02B294-8425-42E5-983F-41A1FA970CD6}
     Google Drive shell extension
     Google
     1.0.0.1
     c:\program files (x86)\google\drive\contextmenu64.dll
     3/7/2013 7:30 PM

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
   NvCplDesktopContext
     HKCR\CLSID\{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}
     NVIDIA Display Shell Extension
     NVIDIA Corporation
     1.2.0.1
     c:\windows\system32\nvshext.dll
     1/18/2013 9:38 AM

HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers
   PDF Shell Extension
     HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
     PDF Shell Extension
     Adobe Systems, Inc.
     11.0.3.37
     c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll
     5/11/2013 4:34 AM

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgsea.dll
     10/7/2013 5:54 PM

HKLM\Software\Wow6432Node\Classes\Folder\ShellEx\ContextMenuHandlers
   AVG Shell Extension
     HKCR\CLSID\{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}
     AVG Shell Extension
     AVG Technologies CZ, s.r.o.
     14.0.0.4208
     c:\program files (x86)\avg\avg2014\avgse.dll
     10/7/2013 6:38 PM

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers
   GDriveBlacklistedOverlay
     HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}
     Google Drive shell extension
     Google
     1.12.5329.1887
     c:\program files (x86)\google\drive\googledrivesync64.dll
     9/25/2013 7:34 PM
   GDriveSharedEditOverlay
     HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}
     Google Drive shell extension
     Google
     1.12.5329.1887
     c:\program files (x86)\google\drive\googledrivesync64.dll
     9/25/2013 7:34 PM
   GDriveSharedOverlay
     HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}
     Google Drive shell extension
     Google
     1.12.5329.1887
     c:\program files (x86)\google\drive\googledrivesync64.dll
     9/25/2013 7:34 PM
   GDriveSharedViewOverlay
     HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}
     Google Drive shell extension
     Google
     1.12.5329.1887
     c:\program files (x86)\google\drive\googledrivesync64.dll
     9/25/2013 7:34 PM
   GDriveSyncedOverlay
     HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}
     Google Drive shell extension
     Google
     1.12.5329.1887
     c:\program files (x86)\google\drive\googledrivesync64.dll
     9/25/2013 7:34 PM
   GDriveSyncingOverlay
     HKCR\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}
     Google Drive shell extension
     Google
     1.12.5329.1887
     c:\program files (x86)\google\drive\googledrivesync64.dll
     9/25/2013 7:34 PM

HKLM\Software\Microsoft\Internet Explorer\Toolbar
   Google Toolbar
     HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
     Google Toolbar
     Google Inc.
     7.5.4601.54
     c:\program files (x86)\google\google toolbar\googletoolbar_64.dll
     9/30/2013 8:11 PM

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar
   Google Toolbar
     HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
     Google Toolbar
     Google Inc.
     7.5.4601.54
     c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
     9/30/2013 8:25 PM

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\System32\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\system32\l3codeca.acm
     7/13/2009 8:28 PM

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\SysWOW64\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\syswow64\l3codeca.acm
     7/13/2009 8:06 PM
   vidc.cvid
     iccvid.dll
     Cinepakr Codec
     Radius Inc.
     1.10.0.13
     c:\windows\syswow64\iccvid.dll
     11/20/2010 6:59 AM

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\User\AppData\Local\Mozilla\Firefox\Profiles\9tbp03gf.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=292 folders=103 35981229 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\User\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\User\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Thu 12/26/2013 at  7:46:56.77 ======================
 

[kevinf80]

Run the following:

 

Open Malwarebytes, check for updates then run Quick scan. Full instructions follow if  Malwarebytes is not installed:

 

Download Malwarebytes from the following link and save it to your desktop.:

 

 

http://www.malwarebytes.org/mbam.php 

 

Double Click mbam-setup.exe to install the application.

• 
  

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select "Perform Quick Scan", then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
Please save the log to a location you will remember.
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
  
• Press Scan button.
  
• It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
  

 

Post those logs, let me know if there are any remaining issues or concerns...

 

Kevin

[Billiam]

Part 1.

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.26.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
User :: USER-PC [administrator]

Protection: Enabled

12/26/2013 7:25:07 PM
mbam-log-2013-12-26 (19-25-07).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 233016
Time elapsed: 4 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 5
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Wow6432Node\Adpeak, Inc. (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LSNFD (PUP.Optional.Linksicle) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Quarantined and deleted successfully.

Registry Values Detected: 4
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|TBHostSupport (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\User\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: 1_di_cc_g_s_us_win7_ot_0_0000-0000 -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\lsnfd|ImagePath (PUP.Optional.Linksicle) -> Data: system32\drivers\lsnfd.sys -> Quarantined and deleted successfully.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {6DFC7FC0-C0C9-11E2-ADF2-0019DBF26BC9} -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard (PUP.Optional.BrowserSafeGuard) -> Quarantined and deleted successfully.

Files Detected: 6
C:\temp\000.exe (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\InstallServices64.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> Quarantined and deleted successfully.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.
C:\Users\User\Downloads\hijackthis.exe (PUP.Optional.DomaIQ) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BrowserSafeguard\BrowserSafeguard.lnk (PUP.Optional.BrowserSafeGuard) -> Quarantined and deleted successfully.

(end)
 

[Billiam]

Part 2

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-12-2013
Ran by User (administrator) on USER-PC on 26-12-2013 19:32:10
Running from C:\Users\User\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\UTSCSI.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
(Farbar) C:\Users\User\Downloads\FRST64 (2).exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-28] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [AsioThk32Reg] - %SYSTEMROOT%\SYSWOW64\REGSVR32.EXE /S %SYSTEMROOT%\SYSWOW64\CTASIO.DLL
HKLM\...\Run: [AsioReg] - REGSVR32 /S CTASIO.DLL
HKLM\...\Run: [ProfilerU] - C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2012-10-15] (Saitek)
HKLM\...\Run: [saiMfd] - C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2012-10-15] (Saitek)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AsioThk32Reg] - REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] - C:\Windows\\SysWOW64\CTHELPER.EXE [19456 2012-10-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [vProt] - "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware] - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent [532040 2013-04-04] (Malwarebytes Corporation)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] - rundll32.exe "C:\ProgramData\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll",ProcessCleanupScript [1127496 2013-04-04] (Malwarebytes Corporation)
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [cdloader] - C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3561816 2013-11-11] (Electronic Arts)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [CmTray] - C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKCU\...\Run: [browserSafeguard] - "C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8d6b63207c3947d0af3cd1509d16823a-491969759e33ac5f836d52f702595cec4416b29d /CMPID=1213b
MountPoints2: {971af368-317f-11e3-ac76-0019dbf26bc9} - E:\LaunchU3.exe -a
HKU\UpdatusUser\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\UpdatusUser\...\Run: [cdloader] - C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\UpdatusUser\...\Run: [Driver Detective] - C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
HKU\UpdatusUser\...\Run: [setDefaultMIDI] - MIDIDef.exe
HKU\UpdatusUser\...\RunOnce: [inetReg] - "C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
AppInit_DLLs:    [ ] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600.lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:49179;https=127.0.0.1:49179
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x605BF2D636DECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll No File
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9tbp03gf.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\\npsitesafety.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.2.0.38

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Logitech SetPoint) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.51.8_0
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-02-02] ()
R2 UTSCSI; C:\Windows\SysWow64\UTSCSI.EXE [45056 2013-01-31] ()

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-20] (AVG Technologies)
R3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2013-08-30] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 SaiK0CCB; C:\Windows\System32\DRIVERS\SaiK0CCB.sys [171016 2010-04-22] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
R3 SaiU0CCB; C:\Windows\System32\DRIVERS\SaiU0CCB.sys [41096 2010-04-22] (Saitek)
S3 cpuz136; \??\C:\Users\User\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-26 19:31 - 2013-12-26 19:31 - 01928716 _____ (Farbar) C:\Users\User\Downloads\FRST64 (2).exe
2013-12-26 19:24 - 2013-12-26 19:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-26 19:23 - 2013-12-26 19:23 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-26 19:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-26 07:44 - 2013-10-18 01:11 - 00024064 _____ C:\Windows\zoek-delete.exe
2013-12-26 07:32 - 2013-12-25 17:37 - 00087845 _____ C:\zoek-results2013-12-25-223706.log
2013-12-25 18:58 - 2013-12-25 18:59 - 00003743 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-12-25 18:40 - 2013-12-25 17:08 - 01409177 _____ C:\Users\User\Desktop\zoek.scr
2013-12-25 18:40 - 2013-12-25 17:08 - 01409177 _____ C:\Users\User\Desktop\zoek.com
2013-12-25 18:31 - 2013-12-25 17:08 - 01281024 _____ C:\Users\User\Desktop\zoek.exe
2013-12-25 17:23 - 2013-12-26 07:46 - 00088864 _____ C:\zoek-results.log
2013-12-25 17:20 - 2013-12-25 17:20 - 00023769 _____ C:\Users\User\Desktop\afterreport.txt
2013-12-25 17:15 - 2013-12-26 07:46 - 00002350 _____ C:\Windows\PFRO.log
2013-12-25 17:15 - 2013-12-26 07:46 - 00000112 _____ C:\Windows\setupact.log
2013-12-25 17:15 - 2013-12-25 17:15 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 17:06 - 2013-12-26 07:43 - 00000000 ____D C:\zoek_backup
2013-12-25 17:05 - 2013-12-25 17:05 - 04079821 _____ C:\Users\User\Desktop\zoek.zip
2013-12-25 17:05 - 2013-12-25 17:05 - 00000000 ____D C:\Users\User\Desktop\zoek
2013-12-25 08:16 - 2013-12-25 17:17 - 00000000 ____D C:\AdwCleaner
2013-12-25 08:16 - 2013-12-25 08:16 - 00001129 _____ C:\Users\User\Desktop\AdwCleaner - Shortcut.lnk
2013-12-25 08:14 - 2013-12-25 08:14 - 01233962 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-12-25 08:04 - 2013-12-25 08:04 - 00032030 _____ C:\Users\User\Documents\cc_20131225_080402.reg
2013-12-24 13:59 - 2013-12-25 18:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-24 13:59 - 2013-12-24 13:59 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-14 07:06 - 2013-12-14 07:06 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-12-12 03:03 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:03 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:03 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:03 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:02 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:02 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:02 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:02 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:02 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:02 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:02 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:02 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:02 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:02 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:02 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:02 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:02 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:02 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:02 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:02 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:02 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:02 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:02 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:02 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:02 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:02 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:02 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 03:01 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:01 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:01 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:01 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:01 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:01 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:01 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:01 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 14:06 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 14:06 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 14:06 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 14:06 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 14:06 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 14:06 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 14:06 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 14:05 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 14:05 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 14:05 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 14:05 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 14:05 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 14:05 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 14:05 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 14:05 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 14:05 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 14:05 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 14:05 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 14:05 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 13:19 - 2013-12-11 13:19 - 08641416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-11-29 16:12 - 2013-11-29 16:12 - 00003604 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8600
2013-11-29 16:11 - 2013-12-20 18:06 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2013-11-29 16:11 - 2013-11-29 16:11 - 00002206 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2013-11-29 16:11 - 2013-11-29 16:11 - 00001158 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2013-11-29 16:11 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5912.dll
2013-11-29 16:09 - 2013-12-14 07:06 - 00000000 ____D C:\Program Files (x86)\HP
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\ProgramData\HP
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\Program Files\HP
2013-11-29 16:08 - 2013-11-29 16:44 - 00000000 ____D C:\Users\User\AppData\Local\HP
2013-11-29 16:08 - 2013-11-29 16:08 - 00000057 _____ C:\ProgramData\Ament.ini
2013-11-29 00:59 - 2013-11-29 00:59 - 01071584 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer11x32ax_gtba_chra_dy_aaa_aih (1).exe
2013-11-29 00:48 - 2013-11-29 00:48 - 00000000 ____D C:\Users\User\AppData\Local\BrowserSafeguard
2013-11-28 20:40 - 2013-11-28 20:45 - 00027761 _____ C:\Users\User\Downloads\Addition.txt
2013-11-28 20:39 - 2013-12-26 19:32 - 00018991 _____ C:\Users\User\Downloads\FRST.txt
2013-11-28 20:39 - 2013-11-28 20:39 - 00000000 ____D C:\FRST
2013-11-28 20:38 - 2013-11-28 20:39 - 01959024 _____ (Farbar) C:\Users\User\Downloads\FRST64 (1).exe
2013-11-28 20:37 - 2013-11-28 20:37 - 01959024 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-11-28 20:30 - 2013-11-28 20:30 - 00002971 _____ C:\Users\User\Desktop\HiJackThis.lnk
2013-11-28 20:30 - 2013-11-28 20:30 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-28 20:29 - 2013-11-28 20:24 - 01402880 _____ C:\Users\User\Desktop\HiJackThis.msi
2013-11-28 20:27 - 2013-11-28 20:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-28 20:09 - 2013-11-28 20:09 - 00251392 _____ C:\Users\User\Downloads\hijackthis_sfx.exe
2013-11-27 11:23 - 2013-12-25 08:02 - 00000828 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-11-27 11:23 - 2013-12-25 08:02 - 00000000 ____D C:\Program Files\CCleaner
2013-11-27 11:23 - 2013-11-27 11:23 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-11-27 11:22 - 2013-11-27 11:22 - 00003854 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2013-11-27 05:59 - 2013-11-27 06:00 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-27 05:59 - 2013-11-27 06:00 - 00000000 ____D C:\Program Files\iTunes
2013-11-27 05:59 - 2013-11-27 06:00 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-27 05:59 - 2013-11-27 05:59 - 00000000 ____D C:\Program Files\iPod
2013-11-26 03:05 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 03:03 - 2013-11-26 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 03:03 - 2013-11-26 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 03:02 - 2013-11-26 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 03:02 - 2013-11-26 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 03:02 - 2013-11-26 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 03:02 - 2013-11-26 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 03:02 - 2013-11-26 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 03:02 - 2013-11-26 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe

==================== One Month Modified Files and Folders =======

2013-12-26 19:32 - 2013-11-28 20:39 - 00018991 _____ C:\Users\User\Downloads\FRST.txt
2013-12-26 19:31 - 2013-12-26 19:31 - 01928716 _____ (Farbar) C:\Users\User\Downloads\FRST64 (2).exe
2013-12-26 19:24 - 2013-12-26 19:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-26 19:23 - 2013-12-26 19:23 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-26 19:19 - 2012-12-04 11:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-26 18:53 - 2013-02-16 09:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-26 18:44 - 2012-12-03 15:58 - 01355042 _____ C:\Windows\WindowsUpdate.log
2013-12-26 17:08 - 2012-12-19 17:20 - 00000000 ____D C:\ProgramData\MFAData
2013-12-26 07:53 - 2009-07-14 00:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-26 07:53 - 2009-07-13 23:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-26 07:53 - 2009-07-13 23:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 07:47 - 2012-12-19 17:29 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-26 07:46 - 2013-12-25 17:23 - 00088864 _____ C:\zoek-results.log
2013-12-26 07:46 - 2013-12-25 17:15 - 00002350 _____ C:\Windows\PFRO.log
2013-12-26 07:46 - 2013-12-25 17:15 - 00000112 _____ C:\Windows\setupact.log
2013-12-26 07:46 - 2013-02-16 09:12 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-26 07:46 - 2012-12-03 17:15 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-26 07:46 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-26 07:43 - 2013-12-25 17:06 - 00000000 ____D C:\zoek_backup
2013-12-25 18:59 - 2013-12-25 18:58 - 00003743 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-12-25 18:59 - 2013-12-24 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-25 18:51 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-25 18:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-25 17:37 - 2013-12-26 07:32 - 00087845 _____ C:\zoek-results2013-12-25-223706.log
2013-12-25 17:20 - 2013-12-25 17:20 - 00023769 _____ C:\Users\User\Desktop\afterreport.txt
2013-12-25 17:17 - 2013-12-25 08:16 - 00000000 ____D C:\AdwCleaner
2013-12-25 17:15 - 2013-12-25 17:15 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 17:08 - 2013-12-25 18:40 - 01409177 _____ C:\Users\User\Desktop\zoek.scr
2013-12-25 17:08 - 2013-12-25 18:40 - 01409177 _____ C:\Users\User\Desktop\zoek.com
2013-12-25 17:08 - 2013-12-25 18:31 - 01281024 _____ C:\Users\User\Desktop\zoek.exe
2013-12-25 17:05 - 2013-12-25 17:05 - 04079821 _____ C:\Users\User\Desktop\zoek.zip
2013-12-25 17:05 - 2013-12-25 17:05 - 00000000 ____D C:\Users\User\Desktop\zoek
2013-12-25 08:16 - 2013-12-25 08:16 - 00001129 _____ C:\Users\User\Desktop\AdwCleaner - Shortcut.lnk
2013-12-25 08:14 - 2013-12-25 08:14 - 01233962 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-12-25 08:04 - 2013-12-25 08:04 - 00032030 _____ C:\Users\User\Documents\cc_20131225_080402.reg
2013-12-25 08:03 - 2013-11-19 22:36 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-12-25 08:02 - 2013-11-27 11:23 - 00000828 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-25 08:02 - 2013-11-27 11:23 - 00000000 ____D C:\Program Files\CCleaner
2013-12-24 13:59 - 2013-12-24 13:59 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 18:06 - 2013-11-29 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2013-12-17 17:00 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 03:02 - 2013-07-15 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 03:00 - 2012-12-03 17:31 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 07:06 - 2013-12-14 07:06 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-12-14 07:06 - 2013-11-29 16:09 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-12 03:58 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 03:21 - 2009-07-13 23:45 - 00414704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 03:03 - 2013-09-09 19:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 13:19 - 2013-12-11 13:19 - 08641416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 13:19 - 2012-12-04 11:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 13:19 - 2012-12-04 11:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 13:19 - 2012-12-04 11:05 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-03 01:48 - 2013-02-16 09:12 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 01:48 - 2013-02-16 09:12 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-29 16:44 - 2013-11-29 16:08 - 00000000 ____D C:\Users\User\AppData\Local\HP
2013-11-29 16:17 - 2012-12-03 15:59 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-29 16:12 - 2013-11-29 16:12 - 00003604 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8600
2013-11-29 16:11 - 2013-11-29 16:11 - 00002206 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2013-11-29 16:11 - 2013-11-29 16:11 - 00001158 _____ C:\Users\Public\Desktop\Shop for Supplies - HP Officejet Pro 8600.lnk
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\ProgramData\HP
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\Program Files\HP
2013-11-29 16:08 - 2013-11-29 16:08 - 00000057 _____ C:\ProgramData\Ament.ini
2013-11-29 01:01 - 2012-12-04 11:13 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2013-11-29 00:59 - 2013-11-29 00:59 - 01071584 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer11x32ax_gtba_chra_dy_aaa_aih (1).exe
2013-11-29 00:48 - 2013-11-29 00:48 - 00000000 ____D C:\Users\User\AppData\Local\BrowserSafeguard
2013-11-28 20:45 - 2013-11-28 20:40 - 00027761 _____ C:\Users\User\Downloads\Addition.txt
2013-11-28 20:39 - 2013-11-28 20:39 - 00000000 ____D C:\FRST
2013-11-28 20:39 - 2013-11-28 20:38 - 01959024 _____ (Farbar) C:\Users\User\Downloads\FRST64 (1).exe
2013-11-28 20:37 - 2013-11-28 20:37 - 01959024 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-11-28 20:30 - 2013-11-28 20:30 - 00002971 _____ C:\Users\User\Desktop\HiJackThis.lnk
2013-11-28 20:30 - 2013-11-28 20:30 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-28 20:30 - 2013-11-28 20:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-28 20:27 - 2012-12-03 15:59 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2013-11-28 20:24 - 2013-11-28 20:29 - 01402880 _____ C:\Users\User\Desktop\HiJackThis.msi
2013-11-28 20:09 - 2013-11-28 20:09 - 00251392 _____ C:\Users\User\Downloads\hijackthis_sfx.exe
2013-11-27 11:25 - 2012-12-24 23:37 - 00000000 ____D C:\Users\User\AppData\Roaming\Ventrilo
2013-11-27 11:25 - 2012-12-03 18:52 - 00000000 ____D C:\Windows\Panther
2013-11-27 11:25 - 2012-12-03 16:26 - 00000000 ____D C:\Windows\Minidump
2013-11-27 11:23 - 2013-11-27 11:23 - 00002770 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2013-11-27 11:22 - 2013-11-27 11:22 - 00003854 _____ C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2013-11-27 11:21 - 2013-05-19 16:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Mozilla
2013-11-27 06:00 - 2013-11-27 05:59 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-27 06:00 - 2013-11-27 05:59 - 00000000 ____D C:\Program Files\iTunes
2013-11-27 06:00 - 2013-11-27 05:59 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-27 06:00 - 2013-09-21 06:41 - 00001789 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-27 05:59 - 2013-11-27 05:59 - 00000000 ____D C:\Program Files\iPod
2013-11-26 12:25 - 2012-12-03 16:36 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-26 08:10 - 2013-09-28 10:17 - 00000971 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-26 06:54 - 2013-12-12 03:02 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 05:19 - 2013-12-12 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 05:18 - 2013-12-12 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 05:11 - 2013-12-12 03:01 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 04:48 - 2013-12-12 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 04:46 - 2013-12-12 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 04:41 - 2013-12-12 03:02 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 04:29 - 2013-12-12 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 04:27 - 2013-12-12 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 04:23 - 2013-12-12 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 04:21 - 2013-12-12 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 04:18 - 2013-12-12 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 04:18 - 2013-12-12 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 04:16 - 2013-12-12 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 03:57 - 2013-12-12 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 03:38 - 2013-12-12 03:02 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 03:38 - 2013-12-12 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 03:35 - 2013-12-12 03:01 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 03:32 - 2013-12-12 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 03:28 - 2013-12-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 03:25 - 2012-12-03 15:59 - 00001423 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-26 03:21 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 03:16 - 2013-12-12 03:01 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 03:03 - 2013-11-26 03:03 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 03:03 - 2013-11-26 03:03 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 03:02 - 2013-12-12 03:01 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 03:02 - 2013-11-26 03:02 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 03:02 - 2013-11-26 03:02 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 03:02 - 2013-11-26 03:02 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 03:02 - 2013-11-26 03:02 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 03:02 - 2013-11-26 03:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 03:02 - 2013-11-26 03:02 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 03:02 - 2013-11-26 03:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 03:02 - 2013-11-26 03:02 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 03:02 - 2013-11-26 03:02 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 02:48 - 2013-12-12 03:01 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 02:32 - 2013-12-12 03:01 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 02:26 - 2013-12-12 03:01 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 02:07 - 2013-12-12 03:02 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 01:40 - 2013-12-12 03:01 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 01:34 - 2013-12-12 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 01:34 - 2013-12-12 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 01:33 - 2013-12-12 03:02 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 01:27 - 2013-12-12 03:02 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-20 00:38

==================== End Of Log ============================

[kevinf80]

You have not posted the second log from FRST "addition.txt" can you post that please...

 

Also do you recognize, know of or trust the following proxy server:

 

ProxyServer: http=127.0.0.1:49179

[Billiam]

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2013 01
Ran by User (administrator) on USER-PC on 28-12-2013 11:42:16
Running from C:\Users\User\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\UTSCSI.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CtHelper.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\SeaPort.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Launch LCore] - C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-28] (Logitech Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [2419512 2012-11-04] (Logitech, Inc.)
HKLM\...\Run: [AsioThk32Reg] - %SYSTEMROOT%\SYSWOW64\REGSVR32.EXE /S %SYSTEMROOT%\SYSWOW64\CTASIO.DLL
HKLM\...\Run: [AsioReg] - REGSVR32 /S CTASIO.DLL
HKLM\...\Run: [ProfilerU] - C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2012-10-15] (Saitek)
HKLM\...\Run: [saiMfd] - C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2012-10-15] (Saitek)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AsioThk32Reg] - REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [CTHelper] - C:\Windows\\SysWOW64\CTHELPER.EXE [19456 2012-10-11] (Creative Technology Ltd)
HKLM-x32\...\Run: [CTxfiHlp] - C:\Windows\\SysWOW64\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [vProt] - "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"
Winlogon\Notify\LBTWlgn: C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
HKCU\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKCU\...\Run: [cdloader] - C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3561816 2013-11-11] (Electronic Arts)
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKCU\...\Run: [CmTray] - C:\Program Files (x86)\Content Manager\launchCM.exe [94208 2011-12-28] ()
HKCU\...\Run: [browserSafeguard] - "C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
HKCU\...\Run: [AVG-Secure-Search-Update_1213b] - C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=8d6b63207c3947d0af3cd1509d16823a-491969759e33ac5f836d52f702595cec4416b29d /CMPID=1213b
MountPoints2: {971af368-317f-11e3-ac76-0019dbf26bc9} - E:\LaunchU3.exe -a
HKU\UpdatusUser\...\Run: [steam] - C:\Program Files (x86)\Steam\Steam.exe [1823656 2013-12-11] (Valve Corporation)
HKU\UpdatusUser\...\Run: [cdloader] - C:\Users\User\AppData\Roaming\mjusbsp\cdloader2.exe [50592 2012-02-01] (magicJack L.P.)
HKU\UpdatusUser\...\Run: [Driver Detective] - C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
HKU\UpdatusUser\...\Run: [setDefaultMIDI] - MIDIDef.exe
HKU\UpdatusUser\...\RunOnce: [inetReg] - "C:\Program Files (x86)\Creative\Product Registration\English\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6
AppInit_DLLs:    [ ] ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Launch Jawbone Updater.lnk
ShortcutTarget: Launch Jawbone Updater.lnk -> C:\Program Files (x86)\Jawbone\LaunchJU.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet Pro 8600.lnk
ShortcutTarget: Monitor Ink Alerts - HP Officejet Pro 8600.lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

ProxyServer: http=127.0.0.1:49179;https=127.0.0.1:49179
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.rr.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x605BF2D636DECD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.2.241.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll No File
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\9tbp03gf.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\\npsitesafety.dll No File
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.2.0.38

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Logitech SetPoint) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\edaibbiobngpbmeonadpbfafbkimjbdd\6.51.8_0
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM-x32\...\Chrome\Extension: [edaibbiobngpbmeonadpbfafbkimjbdd] - C:\ProgramData\Logitech\LogiSmoothChromeExt.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe [227232 2010-09-03] (McAfee, Inc.)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-02-02] ()
R2 UTSCSI; C:\Windows\SysWow64\UTSCSI.EXE [45056 2013-01-31] ()

==================== Drivers (Whitelisted) ====================

S3 androidusb; C:\Windows\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-20] (AVG Technologies)
R3 COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [151296 2007-04-12] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [252712 2007-04-10] (Creative Technology Ltd.)
R3 CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [700200 2007-04-10] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [219432 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [321832 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [190248 2007-04-10] (Creative Technology Ltd)
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [363304 2007-04-10] (Creative Technology Ltd)
S3 CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [142120 2007-04-10] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1571112 2007-04-10] (Creative Technology Ltd.)
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [123688 2007-04-10] (Creative Technology Ltd.)
R3 CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [681256 2007-04-10] (Creative Technology Ltd)
S3 libusb0; C:\Windows\System32\DRIVERS\libusb0.sys [52320 2013-08-30] (http://libusb-win32.sourceforge.net)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 SaiK0CCB; C:\Windows\System32\DRIVERS\SaiK0CCB.sys [171016 2010-04-22] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [24680 2012-10-15] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52200 2012-10-15] (Saitek)
R3 SaiU0CCB; C:\Windows\System32\DRIVERS\SaiU0CCB.sys [41096 2010-04-22] (Saitek)
S3 cpuz136; \??\C:\Users\User\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2013-12-28 11:41 - 2013-12-28 11:41 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2013-12-26 19:24 - 2013-12-26 19:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-26 19:23 - 2013-12-26 19:23 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-26 19:23 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-12-26 07:44 - 2013-10-18 01:11 - 00024064 _____ C:\Windows\zoek-delete.exe
2013-12-26 07:32 - 2013-12-25 17:37 - 00087845 _____ C:\zoek-results2013-12-25-223706.log
2013-12-25 18:58 - 2013-12-25 18:59 - 00003743 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-12-25 18:40 - 2013-12-25 17:08 - 01409177 _____ C:\Users\User\Desktop\zoek.scr
2013-12-25 18:40 - 2013-12-25 17:08 - 01409177 _____ C:\Users\User\Desktop\zoek.com
2013-12-25 18:31 - 2013-12-25 17:08 - 01281024 _____ C:\Users\User\Desktop\zoek.exe
2013-12-25 17:23 - 2013-12-26 07:46 - 00088864 _____ C:\zoek-results.log
2013-12-25 17:20 - 2013-12-25 17:20 - 00023769 _____ C:\Users\User\Desktop\afterreport.txt
2013-12-25 17:15 - 2013-12-26 21:08 - 00000168 _____ C:\Windows\setupact.log
2013-12-25 17:15 - 2013-12-26 21:07 - 00004032 _____ C:\Windows\PFRO.log
2013-12-25 17:15 - 2013-12-25 17:15 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 17:06 - 2013-12-26 07:43 - 00000000 ____D C:\zoek_backup
2013-12-25 17:05 - 2013-12-25 17:05 - 04079821 _____ C:\Users\User\Desktop\zoek.zip
2013-12-25 17:05 - 2013-12-25 17:05 - 00000000 ____D C:\Users\User\Desktop\zoek
2013-12-25 08:16 - 2013-12-25 17:17 - 00000000 ____D C:\AdwCleaner
2013-12-25 08:16 - 2013-12-25 08:16 - 00001129 _____ C:\Users\User\Desktop\AdwCleaner - Shortcut.lnk
2013-12-25 08:14 - 2013-12-25 08:14 - 01233962 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-12-25 08:04 - 2013-12-25 08:04 - 00032030 _____ C:\Users\User\Documents\cc_20131225_080402.reg
2013-12-24 13:59 - 2013-12-25 18:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-24 13:59 - 2013-12-24 13:59 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-14 07:06 - 2013-12-14 07:06 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-12-12 03:03 - 2013-05-10 00:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:03 - 2013-05-10 00:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:03 - 2013-05-09 23:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:03 - 2013-05-09 23:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:02 - 2013-11-26 06:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:02 - 2013-11-26 05:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:02 - 2013-11-26 05:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:02 - 2013-11-26 04:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:02 - 2013-11-26 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:02 - 2013-11-26 04:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:02 - 2013-11-26 04:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:02 - 2013-11-26 04:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:02 - 2013-11-26 04:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:02 - 2013-11-26 04:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:02 - 2013-11-26 04:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:02 - 2013-11-26 04:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:02 - 2013-11-26 04:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:02 - 2013-11-26 03:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:02 - 2013-11-26 03:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:02 - 2013-11-26 03:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:02 - 2013-11-26 03:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:02 - 2013-11-26 03:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:02 - 2013-11-26 02:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:02 - 2013-11-26 01:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:02 - 2013-11-26 01:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:02 - 2013-11-26 01:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:02 - 2013-11-26 01:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 03:01 - 2013-11-26 05:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:01 - 2013-11-26 03:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:01 - 2013-11-26 03:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:01 - 2013-11-26 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:01 - 2013-11-26 02:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:01 - 2013-11-26 02:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:01 - 2013-11-26 02:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:01 - 2013-11-26 01:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-11 14:06 - 2013-11-23 13:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-11 14:06 - 2013-11-23 12:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 14:06 - 2013-10-29 21:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 14:06 - 2013-10-29 21:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-11 14:06 - 2013-10-29 20:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 14:06 - 2013-10-18 21:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 14:06 - 2013-10-18 20:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-11 14:05 - 2013-11-11 21:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 14:05 - 2013-11-11 21:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-11 14:05 - 2013-10-11 21:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 14:05 - 2013-10-11 21:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 14:05 - 2013-10-11 21:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-11 14:05 - 2013-10-11 21:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-11 14:05 - 2013-10-11 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 14:05 - 2013-10-11 20:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 14:05 - 2013-10-11 20:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-11 14:05 - 2013-10-11 20:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-11 14:05 - 2013-10-03 21:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 14:05 - 2013-10-03 20:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 13:19 - 2013-12-11 13:19 - 08641416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-11-29 16:12 - 2013-11-29 16:12 - 00003604 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8600
2013-11-29 16:11 - 2013-12-20 18:06 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2013-11-29 16:11 - 2013-11-29 16:11 - 00002206 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2013-11-29 16:11 - 2012-10-17 04:31 - 00741480 ____N (Hewlett-Packard Co.) C:\Windows\system32\HPDiscoPM5912.dll
2013-11-29 16:09 - 2013-12-14 07:06 - 00000000 ____D C:\Program Files (x86)\HP
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\ProgramData\HP
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\Program Files\HP
2013-11-29 16:08 - 2013-11-29 16:44 - 00000000 ____D C:\Users\User\AppData\Local\HP
2013-11-29 16:08 - 2013-11-29 16:08 - 00000057 _____ C:\ProgramData\Ament.ini
2013-11-29 00:59 - 2013-11-29 00:59 - 01071584 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer11x32ax_gtba_chra_dy_aaa_aih (1).exe
2013-11-29 00:48 - 2013-11-29 00:48 - 00000000 ____D C:\Users\User\AppData\Local\BrowserSafeguard
2013-11-28 20:40 - 2013-11-28 20:45 - 00027761 _____ C:\Users\User\Downloads\Addition.txt
2013-11-28 20:39 - 2013-12-28 11:42 - 00018666 _____ C:\Users\User\Downloads\FRST.txt
2013-11-28 20:39 - 2013-12-28 11:41 - 00000000 ____D C:\FRST
2013-11-28 20:37 - 2013-12-28 11:41 - 01931176 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-11-28 20:30 - 2013-11-28 20:30 - 00002971 _____ C:\Users\User\Desktop\HiJackThis.lnk
2013-11-28 20:30 - 2013-11-28 20:30 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-28 20:29 - 2013-11-28 20:24 - 01402880 _____ C:\Users\User\Desktop\HiJackThis.msi
2013-11-28 20:27 - 2013-11-28 20:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-28 20:09 - 2013-11-28 20:09 - 00251392 _____ C:\Users\User\Downloads\hijackthis_sfx.exe

==================== One Month Modified Files and Folders =======

2013-12-28 11:42 - 2013-11-28 20:39 - 00018666 _____ C:\Users\User\Downloads\FRST.txt
2013-12-28 11:41 - 2013-12-28 11:41 - 00000000 ____D C:\Users\User\Downloads\FRST-OlderVersion
2013-12-28 11:41 - 2013-11-28 20:39 - 00000000 ____D C:\FRST
2013-12-28 11:41 - 2013-11-28 20:37 - 01931176 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2013-12-28 11:19 - 2012-12-04 11:05 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-28 10:53 - 2013-02-16 09:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-28 08:35 - 2012-12-19 17:20 - 00000000 ____D C:\ProgramData\MFAData
2013-12-28 05:08 - 2012-12-03 15:58 - 01473091 _____ C:\Windows\WindowsUpdate.log
2013-12-28 01:53 - 2013-02-16 09:12 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-26 21:15 - 2009-07-13 23:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-26 21:15 - 2009-07-13 23:45 - 00013456 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-26 21:14 - 2009-07-14 00:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-26 21:09 - 2012-12-19 17:29 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-26 21:08 - 2013-12-25 17:15 - 00000168 _____ C:\Windows\setupact.log
2013-12-26 21:08 - 2012-12-03 17:15 - 00000000 ____D C:\ProgramData\NVIDIA
2013-12-26 21:08 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-26 21:07 - 2013-12-25 17:15 - 00004032 _____ C:\Windows\PFRO.log
2013-12-26 19:24 - 2013-12-26 19:24 - 00000000 ____D C:\Users\User\AppData\Roaming\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\User\Downloads\mbam-setup-1.75.0.1300.exe
2013-12-26 19:23 - 2013-12-26 19:23 - 00001119 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-26 19:23 - 2013-12-26 19:23 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-12-26 07:46 - 2013-12-25 17:23 - 00088864 _____ C:\zoek-results.log
2013-12-26 07:43 - 2013-12-25 17:06 - 00000000 ____D C:\zoek_backup
2013-12-25 18:59 - 2013-12-25 18:58 - 00003743 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-12-25 18:59 - 2013-12-24 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-25 18:51 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-12-25 18:51 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2013-12-25 17:37 - 2013-12-26 07:32 - 00087845 _____ C:\zoek-results2013-12-25-223706.log
2013-12-25 17:20 - 2013-12-25 17:20 - 00023769 _____ C:\Users\User\Desktop\afterreport.txt
2013-12-25 17:17 - 2013-12-25 08:16 - 00000000 ____D C:\AdwCleaner
2013-12-25 17:15 - 2013-12-25 17:15 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 17:08 - 2013-12-25 18:40 - 01409177 _____ C:\Users\User\Desktop\zoek.scr
2013-12-25 17:08 - 2013-12-25 18:40 - 01409177 _____ C:\Users\User\Desktop\zoek.com
2013-12-25 17:08 - 2013-12-25 18:31 - 01281024 _____ C:\Users\User\Desktop\zoek.exe
2013-12-25 17:05 - 2013-12-25 17:05 - 04079821 _____ C:\Users\User\Desktop\zoek.zip
2013-12-25 17:05 - 2013-12-25 17:05 - 00000000 ____D C:\Users\User\Desktop\zoek
2013-12-25 08:16 - 2013-12-25 08:16 - 00001129 _____ C:\Users\User\Desktop\AdwCleaner - Shortcut.lnk
2013-12-25 08:14 - 2013-12-25 08:14 - 01233962 _____ C:\Users\User\Downloads\AdwCleaner.exe
2013-12-25 08:04 - 2013-12-25 08:04 - 00032030 _____ C:\Users\User\Documents\cc_20131225_080402.reg
2013-12-25 08:03 - 2013-11-19 22:36 - 00000000 ____D C:\Program Files (x86)\PDFCreator
2013-12-25 08:02 - 2013-11-27 11:23 - 00000828 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-25 08:02 - 2013-11-27 11:23 - 00000000 ____D C:\Program Files\CCleaner
2013-12-24 13:59 - 2013-12-24 13:59 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Users\User\AppData\Local\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\ProgramData\Mozilla
2013-12-24 13:59 - 2013-12-24 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-20 18:06 - 2013-11-29 16:11 - 00000000 ____D C:\Users\User\AppData\Roaming\HpUpdate
2013-12-17 17:00 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-16 03:02 - 2013-07-15 02:00 - 00000000 ____D C:\Windows\system32\MRT
2013-12-16 03:00 - 2012-12-03 17:31 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-14 07:06 - 2013-12-14 07:06 - 00000000 ____D C:\Windows\Hewlett-Packard
2013-12-14 07:06 - 2013-11-29 16:09 - 00000000 ____D C:\Program Files (x86)\HP
2013-12-12 03:58 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2013-12-12 03:21 - 2009-07-13 23:45 - 00414704 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 03:03 - 2013-09-09 19:45 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 13:19 - 2013-12-11 13:19 - 08641416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 13:19 - 2012-12-04 11:05 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 13:19 - 2012-12-04 11:05 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-11 13:19 - 2012-12-04 11:05 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-03 01:48 - 2013-02-16 09:12 - 00003890 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-12-03 01:48 - 2013-02-16 09:12 - 00003638 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-11-29 16:44 - 2013-11-29 16:08 - 00000000 ____D C:\Users\User\AppData\Local\HP
2013-11-29 16:17 - 2012-12-03 15:59 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-29 16:12 - 2013-11-29 16:12 - 00003604 _____ C:\Windows\System32\Tasks\HPCustParticipation HP Officejet Pro 8600
2013-11-29 16:11 - 2013-11-29 16:11 - 00002206 _____ C:\Users\Public\Desktop\HP Officejet Pro 8600.lnk
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\ProgramData\HP
2013-11-29 16:09 - 2013-11-29 16:09 - 00000000 ____D C:\Program Files\HP
2013-11-29 16:08 - 2013-11-29 16:08 - 00000057 _____ C:\ProgramData\Ament.ini
2013-11-29 01:01 - 2012-12-04 11:13 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
2013-11-29 00:59 - 2013-11-29 00:59 - 01071584 _____ (Solid State Networks) C:\Users\User\Downloads\install_flashplayer11x32ax_gtba_chra_dy_aaa_aih (1).exe
2013-11-29 00:48 - 2013-11-29 00:48 - 00000000 ____D C:\Users\User\AppData\Local\BrowserSafeguard
2013-11-28 20:45 - 2013-11-28 20:40 - 00027761 _____ C:\Users\User\Downloads\Addition.txt
2013-11-28 20:30 - 2013-11-28 20:30 - 00002971 _____ C:\Users\User\Desktop\HiJackThis.lnk
2013-11-28 20:30 - 2013-11-28 20:30 - 00000000 ____D C:\Program Files (x86)\Trend Micro
2013-11-28 20:30 - 2013-11-28 20:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2013-11-28 20:27 - 2012-12-03 15:59 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore
2013-11-28 20:24 - 2013-11-28 20:29 - 01402880 _____ C:\Users\User\Desktop\HiJackThis.msi
2013-11-28 20:09 - 2013-11-28 20:09 - 00251392 _____ C:\Users\User\Downloads\hijackthis_sfx.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2013-12-20 00:38

==================== End Of Log ============================

 

No, I am not sure about the proxy server.....quite honestly I am not sure what those are anyways.. I know that they are a destination but other than that, not sure.. sorry.

[kevinf80]

You`ve posted FRST.txt again and not Addition.txt as requested?

[Billiam]

okay, I am not sure where to get that one..

[Billiam]

found it...

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2013 01
Ran by User at 2013-12-28 15:37:12
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Reader XI (11.0.05) (x32 Version: 11.0.05)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
Battlefield 3™ (x32 Version: 1.5.0.0)
Battlelog Web Plugins (x32 Version: 2.1.2)
Bing Bar (x32 Version: 7.2.241.0)
Bonjour (Version: 3.0.0.10)
Call of Duty: Black Ops - Multiplayer (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II (x32)
Call of Duty: Modern Warfare 3 - Dedicated Server (x32)
Call of Duty: Modern Warfare 3 - Multiplayer (x32)
Call of Duty: Modern Warfare 3 (x32)
CCleaner (Version: 4.09)
Content Manager (x32 Version: 2.70)
Cool Reader version 3.0.56 (x32 Version: 3.0.56)
CPUID CPU-Z 1.62
Creative ALchemy (x32 Version: 1.43)
Creative Audio Console (x32 Version: 1.33)
Creative Software AutoUpdate (x32 Version: 1.40)
eReg (x32 Version: 1.20.138.34)
ESN Sonar (x32 Version: 0.70.4)
Google Chrome (x32 Version: 31.0.1650.57)
Google Drive (x32 Version: 1.12.5329.1887)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.22.3)
HiJackThis (x32 Version: 1.0.0)
HP Officejet Pro 8600 Basic Device Software (Version: 28.0.1315.0)
HP Officejet Pro 8600 Help (x32 Version: 28.0.0)
HP Officejet Pro 8600 Product Improvement Study (Version: 28.0.1315.0)
HP Update (x32 Version: 5.005.000.002)
I.R.I.S. OCR (x32 Version: 12.3.4.0)
iCloud (Version: 3.1.0.40)
iTunes (Version: 11.1.3.8)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Jawbone Updater (x32 Version: 0.1)
Logitech Gaming Software (Version: 8.40.83)
Logitech Gaming Software 8.40 (Version: 8.40.83)
Logitech SetPoint 6.51 (Version: 6.51.8)
M.M.O.7 Update Tool (x32 Version: 1.1.1)
magicJack (HKCU Version: 2.0.6073.4413)
magicJack Recovery Tool 1.0 (x32)
Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Security Scan Plus (x32 Version: 2.1.121.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
NVIDIA 3D Vision Controller Driver 310.70 (Version: 310.70)
NVIDIA 3D Vision Driver 311.06 (Version: 311.06)
NVIDIA Control Panel 311.06 (Version: 311.06)
NVIDIA Graphics Driver 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1106)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OpenAL (x32)
Origin (x32 Version: 9.1.11.2678)
PDF Architect (x32 Version: 1.1.83.9982)
PDFCreator (x32 Version: 1.7.1)
PunkBuster Services (x32 Version: 0.991)
QuickTime (x32 Version: 7.74.80.86)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6662)
Smart Technology Programming Software 7.0.23.0 (Version: 7.0.23.0)
Steam (x32 Version: 1.0.0.0)
swMSM (x32 Version: 12.0.0.1)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Access 2007 Help (KB963663) (x32)
Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)
Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (x32)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)
Update for Microsoft Office Script Editor Help (KB963671) (x32)
Update for Microsoft Office Word 2007 Help (KB963665) (x32)
Ventrilo Client for Windows x64 (Version: 3.0.8.0)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Windows Mobile Device Center (Version: 6.1.6965.0)

==================== Restore Points  =========================

08-12-2013 05:00:01 Scheduled Checkpoint
12-12-2013 08:00:24 Windows Update
12-12-2013 09:41:37 Removed ScorpionSaver
12-12-2013 09:42:19 Removed ScorpionSaver Services
16-12-2013 08:00:13 Windows Update
24-12-2013 05:54:19 Scheduled Checkpoint
24-12-2013 13:59:30 Windows Update
24-12-2013 14:00:20 Removed ScorpionSaver
24-12-2013 14:01:03 Removed ScorpionSaver Services
25-12-2013 12:59:36 Windows Defender Checkpoint
25-12-2013 13:04:39 Removed ScorpionSaver Services
25-12-2013 22:23:16 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {12EE9007-A2B9-419F-A017-F31F4811AFF1} - System32\Tasks\{6A2D1831-6F68-4DFC-9D42-FDF732B9DBC1} => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe [2013-02-14] (EA Digital Illusions CE AB)
Task: {21F9A3D7-796D-4EE4-91E6-B37F57C3B964} - System32\Tasks\{CE2A6C29-4C2D-4F61-B3B3-706E6B85EBF1} => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe [2013-02-14] (EA Digital Illusions CE AB)
Task: {6D73D80E-8B4B-41F2-B143-5EA37E85B074} - System32\Tasks\{50AD2F92-7B85-400A-A3F3-C9680FBE1509} => C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe [2013-02-14] (EA Digital Illusions CE AB)
Task: {8B1F3781-2CE1-4B93-ABCD-838D87E0522C} - \Escolade No Task File
Task: {8F13C1FD-8C65-45EB-B47A-8E02A8F34988} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {A64550EF-DFAC-4C41-BAAD-B74D7E0B5A12} - \RunAsStdUser Task No Task File
Task: {A908CA2B-ABB4-4FB6-BCC4-367E920F6EE0} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe <==== ATTENTION
Task: {AC0D48BE-5AB5-4AC8-836C-130238ACC0C0} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {AD8E8EA9-3B54-4F22-A057-97D840402EDB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {B3890446-4F31-4C8D-856B-90EAFE688FD6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16] (Google Inc.)
Task: {BDE688AE-30E1-40B0-8694-C6AB848F5CAA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D2C3A679-473C-4C09-A813-504071093503} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe
Task: {DF9D9EFB-741F-4ADC-B900-B9D79A4EE7B8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-16] (Google Inc.)
Task: {F5342CAC-EDF6-41AE-9725-E6CF988CB3BE} - \Funmoods No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-12-03 17:15 - 2013-01-18 10:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 18:51 - 2013-09-13 18:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-12 16:10 - 2013-11-06 16:48 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-12-19 17:32 - 2013-12-11 14:40 - 01135016 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-12-19 17:32 - 2013-11-06 16:48 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-12-19 17:32 - 2013-06-14 18:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-12-19 17:32 - 2013-06-14 18:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-12-19 17:32 - 2013-06-14 18:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-09-14 00:51 - 2013-09-14 00:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 00:50 - 2013-09-14 00:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2009-02-26 12:46 - 2009-02-26 12:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 10:46 - 2011-06-22 10:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2012-12-18 14:08 - 2012-12-18 14:08 - 14588632 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\NPSWF32.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2013 07:35:50 PM) (Source: Application Hang) (User: )
Description: The program iTunes.exe version 11.1.3.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1d14

Start Time: 01cf035f45c6ed78

Termination Time: 25

Application Path: C:\Program Files (x86)\iTunes\iTunes.exe

Report Id:

Error: (12/27/2013 05:04:05 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428, time stamp: 0x525b664c
Faulting module name: nvwgf2um.dll, version: 9.18.13.1106, time stamp: 0x50f9458d
Exception code: 0xc0000005
Fault offset: 0x001a2519
Faulting process id: 0x23c4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (12/25/2013 05:16:11 PM) (Source: Windows Search Service) (User: )
Description: The index cannot be initialized.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/25/2013 05:16:11 PM) (Source: Windows Search Service) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/25/2013 05:16:11 PM) (Source: Windows Search Service) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/25/2013 05:16:11 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 Element not found.  (HRESULT : 0x80070490) (0x80070490)

Error: (12/25/2013 05:16:08 PM) (Source: Windows Search Service) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/25/2013 05:16:08 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
 The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (12/25/2013 05:16:08 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (12/25/2013 05:16:08 PM) (Source: Windows Search Service) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.

Details:
 The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)

System errors:
=============
Error: (12/26/2013 10:20:18 PM) (Source: DCOM) (User: User-PC)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}User-PCUserS-1-5-21-1525555391-1446012260-2589697447-1000LocalHost (Using LRPC)

Error: (12/26/2013 10:20:18 PM) (Source: DCOM) (User: User-PC)
Description: application-specificLocalActivation{145B4335-FE2A-4927-A040-7C35AD3180EF}{145B4335-FE2A-4927-A040-7C35AD3180EF}User-PCUserS-1-5-21-1525555391-1446012260-2589697447-1000LocalHost (Using LRPC)

Error: (12/26/2013 09:10:16 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/26/2013 09:10:16 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/26/2013 09:07:35 PM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (12/26/2013 07:48:51 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (12/26/2013 07:48:51 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (12/26/2013 07:46:51 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
lsnfd

Error: (12/26/2013 07:46:05 AM) (Source: Microsoft-Windows-Kernel-Processor-Power) (User: NT AUTHORITY)
Description: Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware.

Error: (12/26/2013 07:40:36 AM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2012-12-31 15:25:11.874
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\CTAUD2K.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:25:11.812
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\CTAUD2K.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:23:22.272
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\CTAUD2K.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:23:22.232
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\CTAUD2K.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:22:45.387
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPSY.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:22:45.351
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPSY.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:22:44.737
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPIO.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:22:44.701
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPIO.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:22:43.496
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPFX.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-12-31 15:22:43.459
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\{EF7AEA4C-EC87-45fd-A909-47D0136316DE}##CTEDSPFX.DLL because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 4095.35 MB
Available physical RAM: 1858.17 MB
Total Pagefile: 8188.88 MB
Available Pagefile: 5585.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:233.66 GB) (Free:110.1 GB) NTFS
Drive d: (FAST_AND_FURIOUS_TOKYO_DRIFT    ) (CDROM) (Total:7.62 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 234 GB) (Disk ID: 8E7E8E7E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=234 GB) - (Type=07 NTFS)

==================== End Of Log ============================

[kevinf80]

Thanks for logs, ok we continue:

 

Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Post the produced logs, let me know if any remaining issues or concerns...

 

Kevin

 

fixlist.txt

[Billiam]

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2013 01
Ran by User at 2013-12-28 18:18:33 Run:1
Running from C:\Users\User\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\Run: [browserSafeguard] - "C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
C:\Program Files (x86)\Browsersafeguard
ProxyServer: http=127.0.0.1:49179;https=127.0.0.1:49179
Task: {A908CA2B-ABB4-4FB6-BCC4-367E920F6EE0} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe <==== ATTENTION
Task: {F5342CAC-EDF6-41AE-9725-E6CF988CB3BE} - \Funmoods No Task File
End

 

*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\BrowserSafeguard => Value deleted successfully.
"C:\Program Files (x86)\Browsersafeguard" => File/Directory not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A908CA2B-ABB4-4FB6-BCC4-367E920F6EE0} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A908CA2B-ABB4-4FB6-BCC4-367E920F6EE0} => Key deleted successfully.
C:\Windows\System32\Tasks\BrowserSafeguard Update Task => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserSafeguard Update Task => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F5342CAC-EDF6-41AE-9725-E6CF988CB3BE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F5342CAC-EDF6-41AE-9725-E6CF988CB3BE} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Funmoods => Key deleted successfully.

==== End of Fixlog ====

[kevinf80]

Do you have logs from Malwarebytes and Security checks?

[Billiam]

 Results of screen317's Security Check version 0.99.77 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
AVG AntiVirus Free Edition 2014  
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300 
 Java 7 Update 25 
 Java version out of Date!
 Adobe Reader XI 
 Mozilla Firefox (26.0)
 Google Chrome 30.0.1599.101 
 Google Chrome 31.0.1650.57 
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbamgui.exe 
 AVG avgwdsvc.exe
 Malwarebytes' Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 

[Billiam]

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.12.28.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
User :: USER-PC [administrator]

Protection: Enabled

12/28/2013 6:21:07 PM
mbam-log-2013-12-28 (18-21-07).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 383997
Time elapsed: 47 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 9
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Amazon Browser Bar\search_protect.exe.vir (PUP.Optional.Searchprotect) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir (PUP.Optional.Conduit) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptimizerPro.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProGuard.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProReminder.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSchedule.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProSmartScan.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProStart.exe.vir (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.
C:\AdwCleaner\Quarantine\C\Windows\System32\AdpeakProxy64.dll.vir (PUP.Optional.Adpeak) -> Quarantined and deleted successfully.

(end)
 

[kevinf80]

Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.

Please follow these steps to remove older version of Java components and upgrade the application.

 

Upgrading Java:

 

Go to http://java.com/en/ and click on "Do I have Java"

It will check your current version and then offer to update to the latest version

Watch for and make sure you untick the box next to whatever free program they prompt you to install during the installation, unless you want it.

 

***Note: Check in Programs and Features (or Add/Remove Programs if you are an XP user) to make certain there are no old versions of Java still installed, if so - remove them.

 

Next,

 

We still need to run an online AV scan to ensure there are no remnants of any infection left on your system that we may have missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet explorer for this scan - Vista and win 7 right click on IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 

• Turn off the real time scanner of any existing antivirus program while performing the online scan
  
• click on the Run ESET Online Scanner button
  
• Tick the box next to YES, I accept the Terms of Use.
  Click Start
  
• When asked, allow the add/on to be installed
  Click Start
  
• Make sure that the option Remove found threats is unticked
  
• Click on Advanced Settings, ensure the options
  
• Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  Click Scan
  
• wait for the virus definitions to be downloaded
  
• Wait for the scan to finish
  

 

When the scan is complete

 

• If no threats were found
  
• put a checkmark in "Uninstall application on close"
  
• close program
  
• report to me that nothing was found
  

 

If threats were found

 

• click on "list of threats found"
  
• click on "export to text file" and save it as ESET SCAN and save to the desktop
  
• Click on back
  
• put a checkmark in "Uninstall application on close"
  
• click on finish
  

 

close program

 

copy and paste the report in next reply

 

Also let me know if there are any remaining issues or concerns...

 

Kevin

[Billiam]

Okay, I have updated Java and removed the older version...

 

I am currently running the online scan. Which I had trouble "Running", when clicking "run" it would not do anything.. so I clicked save and ran it from there, not sure if that will give us the result but it is running now and it has found some threats.. Log to follow..

[Billiam]

here is the log...

 

 

C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher32.exe.vir a variant of Win32/AdWare.Adpeak.B application
C:\AdwCleaner\Quarantine\C\Program Files\Level Quality Watcher\v1.01\levelqualitywatcher64.exe.vir a variant of Win64/Adware.Adpeak.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FLV_Runner\FLV_RunnerToolbarHelper.exe.vir Win32/Toolbar.Conduit.Q application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FLV_Runner\ldrtbFLV_.dll.vir a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FLV_Runner\prxtbFLV_.dll.vir Win32/Toolbar.Conduit.O application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FLV_Runner\tbFLV_.dll.vir a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Games_Bar_A\ldrtbGame.dll.vir a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Games_Bar_A\tbGame.dll.vir a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\optimizer pro\OptProLauncher.exe.vir a variant of Win32/AdWare.SpeedingUpMyPC.D application
C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.dll.vir Win32/Bundled.Toolbar.Ask.B application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\Local\Conduit\CT3201318\FLV_RunnerAutoUpdateHelper.exe.vir Win32/Toolbar.Conduit.Q application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\LocalLow\FLV_Runner\ldrtbFLV_.dll.vir a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\LocalLow\FLV_Runner\tbFLV_.dll.vir a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\LocalLow\FLV_Runner\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\LocalLow\Games_Bar_A\ldrtbGame.dll.vir a variant of Win32/Toolbar.Conduit.P application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\LocalLow\Games_Bar_A\tbGame.dll.vir a variant of Win32/Toolbar.Conduit.B application
C:\AdwCleaner\Quarantine\C\Users\User\AppData\LocalLow\Games_Bar_A\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.8\bin\PriceGongIE.dll.vir a variant of Win32/PriceGong.A application
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Default\aadadagbgfdigdgbdhgcgedfgbdagfdd\background.js Win32/TrojanDownloader.Tracur.V trojan
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Default\aadadagbgfdigdgbdhgcgedfgbdagfdd\ContentScript.js Win32/TrojanDownloader.Tracur.AD trojan
C:\Users\User\Desktop\PDFCreator-1_7_1_setup.exe Win32/OpenCandy application
C:\Users\User\Downloads\cpu-z_1.62-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Windows\System32\Adobe\Shockwave 11\gt.exe Win32/Bundled.Toolbar.Google.D application
C:\Windows\SysWOW64\Adobe\Shockwave 11\gt.exe Win32/Bundled.Toolbar.Google.D application
 

[kevinf80]

Thanks for the log, we continue...

 

Download OTM from either of the following links and save to your Desktop: (If your security alerts to OTM, either accept the alert or turn off security to allow OTM to run)

http://oldtimer.geekstogo.com/OTM.exe.
http://www.itxassociates.com/OT-Tools/OTM.com
http://www.itxassociates.com/OT-Tools/OTM.exe  

Double click OTM.exe to start the tool. Vista or Windows 7 users accepy UAC alert. Be aware all processes will be stopped during run, also Desktop will disappear, this will be put back on completion.... If your security alerts to OTM either, accept the alert or turn off security until OTM completes...

• Copy the text from the code box belowbelow to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy). Ensure to start with and include the colon before Files :Files
  
  

  :FilesC:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Default\aadadagbgfdigdgbdhgcgedfgbdagfdd\background.jsC:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Default\aadadagbgfdigdgbdhgcgedfgbdagfdd\ContentScript.jsC:\Users\User\Desktop\PDFCreator-1_7_1_setup.exeC:\Users\User\Downloads\cpu-z_1.62-setup-en.exe:Commands[EmptyTemp]

• Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window (under the yellow bar) and choose Paste.
• Click the red button.
• Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
• Close OTM
  

Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

If the machine reboots, the Results log can be found here:

c:\_OTMoveIt\MovedFiles\mmddyyyy_hhmmss.log

Where mmddyyyy_hhmmss is the date of the tool run.
 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts either accept the alert, or turn the security off while Secuirity Check runs)

Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

Let me see those logs, also give update on any remaining issues or concerns...

 

Kevin

[Billiam]

:Files C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Default\aadadagbgfdigdgbdhgcgedfgbdagfdd\background.js C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Default\aadadagbgfdigdgbdhgcgedfgbdagfdd\ContentScript.js C:\Users\User\Desktop\PDFCreator-1_7_1_setup.exe C:\Users\User\Downloads\cpu-z_1.62-setup-en.exe :Commands [EmptyTemp