Audio ads and music playing from Host process for windows services

whatzitooya123 · January 3, 2014

This is rather agitating. My pc last night during a skype call shut down for no reason and booted back up shortly afterwords. Everything seemed fine then I start hearing an ad out of nowhere. Help would be greatly appreciated.

MrCharlie · January 3, 2014

Welcome to the forum, please start HERE

Post back the 2 logs here.....DDS.txt and Attach.txt (DDS won't run on W8)

(please don't put logs in code or quotes and use the default font)

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.

<====><====><====><====><====><====><====><====>

Next................

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Backup any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give to instructions on how to cleanup all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

(If I don't respond within 24 hours, please send me a PM)

whatzitooya123 · January 3, 2014

Here are the logs for DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.17267 BrowserJavaVersion: 10.45.2
Run by Travis at 15:10:44 on 2014-01-03
Microsoft Windows 7 Home Premium   6.1.7600.0.932.81.1033.18.8119.4654 [GMT -6:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\Travis\AppData\Local\Akamai\netsession_win.exe
C:\Users\Travis\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe
C:\Users\Travis\AppData\Roaming\Verizon\UA_ar\UA.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Travis\Desktop\mbar\mbar.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\mswinext.exe
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uProxyOverride = <local>
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
uURLSearchHooks: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
uURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
uURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
uURLSearchHooks: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
mURLSearchHooks: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
mURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
mURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
mURLSearchHooks: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Coupon Companion: {11111111-1111-1111-1111-110011441193} - C:\Program Files (x86)\Coupon Companion\Coupon Companion.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {8232785C-5C98-4A6E-B7B4-911FFBED7582} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Travis\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
BHO: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
BHO: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
TB: midicairus Toolbar: {EFB1E45A-148D-40F9-A3F0-09D5577F9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: IMVU Inc Toolbar: {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
TB: MixiDJ V37 Toolbar: {EEF3855C-FC2D-41E6-8D91-D368F51B3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: Somoto V.1 Toolbar: {E306AAA2-3B4F-4802-9FAF-0C10AB78B589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
TB: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
TB: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
TB: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
TB: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Travis\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Travis\AppData\Local\Akamai\netsession_win.exe"
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
dRunOnce: [spUninstallDeleteDir] rmdir /s /q "C:\Windows\System32\config\systemprofile\AppData\Roaming\SearchProtect"
StartupFolder: C:\Users\Travis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERA~1.LNK - C:\Users\Travis\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
StartupFolder: C:\Users\Travis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK -
StartupFolder: C:\Users\Travis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERIZO~1.LNK -
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

TCP: NameServer = 24.159.64.23 24.217.201.67 24.177.176.38
TCP: Interfaces\{5807D682-7202-45E1-9997-A71D4BFB0E64} : DHCPNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\2h32hi3a.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll
FF - plugin: C:\Program Files (x86)\FilmFanaticEI\Installr\2.bin\NPpaEISb.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-28a069d7dccb4f92\NPRobloxProxy.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
FF - plugin: C:\ProgramData\id Software\QuakeLive\npquakezero.dll
FF - plugin: C:\Users\Travis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-10 55856]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-3 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-3-10 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2011-3-10 55296]
R2 DAZContentManagementService;DAZ Content Management Service;C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [2012-3-11 22528]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 FastFreeConverterUpdt;FastFreeConverterUpdt;C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe [2013-7-29 193024]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-2-18 9216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-6 418376]
R2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-1-3 3921880]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-1-3 171416]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-11-10 689472]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2011-3-10 291352]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-8 1771544]
R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-7-1 185856]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-10 56344]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-11-10 271872]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-11-10 321064]
R3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-1-3 89304]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-3-13 25928]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-1-3 117464]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-6 39200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-6 701512]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-1-3 1042272]
S2 SessionLauncher;SessionLauncher; [x]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2013-9-6 75048]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2013-7-30 484592]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-6-4 103448]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-11-10 158976]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-6-4 203672]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-15 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2013-8-19 14544]
S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-10 13336]
S4 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-6 15125280]
.
=============== Created Last 30 ================
.
2014-01-03 20:09:12   117464   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-01-03 17:39:14   21040   ----a-w-   C:\Windows\System32\sdnclean64.exe
2014-01-03 17:39:10   --------   d-----w-   C:\ProgramData\Spybot - Search & Destroy
2014-01-03 17:39:03   --------   d-----w-   C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-03 07:59:20   --------   d-----w-   C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-03 07:58:40   89304   ----a-w-   C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-03 06:58:32   --------   d-----w-   C:\TDSSKiller_Quarantine
2013-12-24 08:51:35   --------   d-----w-   C:\Users\Travis\AppData\Local\SearchProtect
2013-12-09 18:22:19   --------   d-----w-   C:\Users\Travis\AppData\Local\WarThunder
2013-12-09 18:22:19   --------   d-----w-   C:\ProgramData\WarThunder
.
==================== Find3M ====================
.
2013-12-11 01:15:41   71048   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 01:15:41   692616   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2013-11-11 02:06:54   46368   ----a-w-   C:\Windows\System32\drivers\avgtpx64.sys
2013-11-08 20:47:40   1064224   ----a-w-   C:\Windows\System32\nvspcap64.dll
2013-11-08 20:47:39   955168   ----a-w-   C:\Windows\SysWow64\nvspcap.dll
2013-11-06 03:55:48   150808   ----a-w-   C:\Windows\System32\drivers\avgdiska.sys
2013-11-05 03:52:42   240920   ----a-w-   C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-01 05:00:18   212280   ----a-w-   C:\Windows\System32\drivers\avgldx64.sys
2013-11-01 04:49:46   294712   ----a-w-   C:\Windows\System32\drivers\avgloga.sys
2013-10-25 06:54:05   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-25 04:25:58   194872   ----a-w-   C:\Windows\System32\drivers\avgidsha.sys
2013-10-23 09:02:36   589600   ----a-w-   C:\Windows\SysWow64\nvStreaming.exe
2013-10-23 08:20:08   6669600   ----a-w-   C:\Windows\System32\nvcpl.dll
2013-10-23 08:20:07   3489568   ----a-w-   C:\Windows\System32\nvsvc64.dll
2013-10-23 08:20:05   922912   ----a-w-   C:\Windows\System32\nvvsvc.exe
2013-10-23 08:20:05   63776   ----a-w-   C:\Windows\System32\nvshext.dll
2013-10-23 08:20:05   219424   ----a-w-   C:\Windows\System32\nvmctray.dll
.
============= FINISH: 15:13:20.96 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/13/2010 2:26:15 PM
System Uptime: 1/3/2014 2:40:45 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0G3HR7
Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 313.068 GiB free.
D: is CDROM (UDF)
F: is Removable
G: is Removable
H: is Removable
J: is Removable
K: is CDROM ()
N: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Microsoft WPD Enhanced Storage Password Driver
Device ID: ROOT\UNKNOWN\0000
Manufacturer: (Enhanced Storage Device)
Name: Microsoft WPD Enhanced Storage Password Driver
PNP Device ID: ROOT\UNKNOWN\0000
Service: WUDFRd
.
Class GUID:
Description:
Device ID: ACPI\PNP0C0F\1
Manufacturer:
Name:
PNP Device ID: ACPI\PNP0C0F\1
Service:
.
==== System Restore Points ===================
.
RP877: 1/3/2014 2:37:49 PM - Malwarebytes Anti-Rootkit Restore Point
.
==== Installed Programs ======================
.
Leawo PSP Video Converter version 3.1.0.0
1ClickDownloader
カスタム少女
64 Bit HP CIO Components Installer
7-Zip 9.20
7-Zip 9.21 (x64 edition)
aaa
AccessDiver v4.281
Ace of Spades
Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6
Age of Empires II: HD Edition
Age of Wonders: Shadow Magic
Akamai NetSession Interface
Amnesia - The Dark Descent
Amnesia: The Dark Descent
Angry Birds Space
AOE2ColorFix (remove only)
Apple Application Support
Apple Software Update
applicationupdater
AppsHat Mobile Apps
Artificial Girl 3
Ask Toolbar
Ask Toolbar Updater
Auslogics BoostSpeed
Auslogics Disk Defrag
AVG 2014
AVG Security Toolbar
Battlefront Extreme 2.2
Battlelog Web Plugins
Beat Hazard
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center
Bing Bar
Bing Bar Platform
BioShock 2
BioShock Infinite
BitRaider Web Client
blinkx beat
Blockscape Phase 1 (beta)
Breath of Death VII
Bundled software uninstaller
Cave Story Deluxe version 1.13
Cave Story+
CBR Reader
CCleaner
Chantelise
Chivalry: Medieval Warfare
Cisco Connect
Clownfish for Skype
Command & Conquer The First Decade
Command &&& Conquer Red Alert 2 - Yuri's Revenge - Launch Base
Command and Conquer: Red Alert 3
Company of Heroes
Company of Heroes (New Steam Version)
Company of Heroes 2
Compatibility Pack for the 2007 Office system
Cortex Command
Coupon Companion
Creation Kit
Creative WebCam Center
DAZ Content Management Service
DAZ Studio 4.5 (64bit)
Dead Rising 2
Dead Space? 3
DefaultTab
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Support Center
Descent and Descent 2
DirectXInstallService
DivX Setup
DOOM II: Hell on Earth
Doomsday Engine 1.9.0-beta6.9
Download Manager 2.3.10
Dr. Lunatic Supreme With Cheese v7.7
Dragon Age: Origins
Dragon Age: Origins - Ultimate Edition
DS4 Default Content
Dual-Core Optimizer
Duke Nukem - Manhattan Project
Duke Nukem 3D: Megaton Edition
Dungeons of Dredmor
Earth 2150 Trilogy
ESN Sonar
Fallout
Fallout 3 - The Garden of Eden Creation Kit
Fallout 3 - Unofficial Fallout 3 Patch
Fallout 3: Little Boy
Fallout Mod Manager 0.12.6
Fallout: New Vegas
Fast Free Converter
FilesFrog Update Checker
Filter Forge 3.013
Final DOOM
FINAL FANTASY VII
Firebird SQL Server - MAGIX Edition
Floris Mod Pack 2.54
FLV Player
Flyff version V18
Fort・Agent
Francesco's leveled creatures-items mod 4.5b
GameFly
gamelauncher-ps2-live
GameRanger
GameSpy Arcade
GameStop App
GeForce Experience NvStream Client Components
GetNZB version 0.617
GetSavin
GIMP 2.6.11
GOG.com Downloader version 3.6.0
GrabIt 1.7.2 Beta 6 (build 1008)
Half-Life 2 Awakening 1.1
Half-Life Source HD
Happy Cloud Client
Hero Editor V0.96
Hi-Rez Studios Authenticate and Update Service
Hitman 2: Silent Assassin
Hitman: Absolution
Hitman: Blood Money
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hyrule Total War 3 Part 1
Hyrule Total War 3 Part 2
Hyrule Total War 3 Part 3
Hyrule Total War 3 Patch
ILLUSION Sexyフラッシュ
IMVU Inc Toolbar
Inspiration Pad Pro 2.01a
Intel AppUp(SM) center
Intel® Control Center
Intel® Rapid Storage Technology
Japanese Language Support
Java 7 Update 17 (64-bit)
Java 7 Update 45
Java Auto Updater
Java 6 Update 20 (64-bit)
Junk Mail filter update
K-Lite Codec Pack 9.9.5 (Basic)
Katawa Shoujo
League of Legends
Lightning Warrior Raidy
Logitech Gaming Software 5.10
MAGIX Screenshare
MAGIX Speed burnR (MSI)
Malwarebytes Anti-Malware version 1.75.0.1300
Mark of the Ninja
Master Levels for DOOM II
Max Uninstaller version 2.0
McAfee Security Scan Plus
Media Player Classic - Home Cinema v1.5.2.3456
MediaFireDownloader
Medieval II Total War
Medieval II Total War Kingdoms
Medieval II: Total War
Medieval II: Total War Kingdoms
Metro 2033
Metro: Last Light
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft IntelliPoint 8.2
Microsoft Office 2010
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft Visual C++ Run Time Lib Setup
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
midicairus Toolbar
MixiDJ V37 Toolbar
MKV Player 2.0.1
Mount & Blade: Warband
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
Mumble 1.2.3
Nexus Mod Manager
NifSkope (remove only)
NSIS Hisoutensoku English
NVIDIA 3D Vision Controller Driver 331.65
NVIDIA 3D Vision Driver 331.65
NVIDIA Control Panel 331.65
NVIDIA GeForce Experience 1.7.1
NVIDIA Graphics Driver 331.65
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Photoshop Plug-ins 64 bit
NVIDIA PhysX
NVIDIA ShadowPlay 9.3.21
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 9.3.21
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.9
Oblivion - Horse Armor Pack
Oblivion - Mehrunes Razor
Oblivion - Orrery
Oblivion - Spell Tomes
Oblivion - The Fighter's Stronghold
Oblivion - Thieves Den
Oblivion - TweakOblivion 5.10 (Build:370)
Oblivion - Vile Lair
Oblivion - Wizard's Tower
Oblivion mod manager 1.1.12
OpenAL
OpenRA
Opera 12.14
Origin
Painkiller Overdose
Paint.NET v3.5.10
Pando Media Booster
PDF Settings CS5
Penny Arcade's On the Rain-Slick Precipice of Darkness 3
Pepakura Viewer 3
PHANTASY STAR ONLINE 2
PhotoScape
Populous
Portforward Static IP Address 1.0.45
PS_AIO_05_C4600_Software_Min
PSP Action Replay
PunkBuster Services
Python 2.5 comtypes-0.6.2
Python 2.5 PIL-1.1.6
Python 2.5 psyco-1.6
Python 2.5 pywin32-216
Python 2.5.2
Python 2.6 comtypes-0.6.2
Python 2.6 psyco-1.6
Python 2.6 pywin32-214
Quake
Quake II
Quake II: Ground Zero
Quake II: The Reckoning
Quake Live Mozilla Plugin
Quake Mission Pack 1: Scourge of Armagon
QuickTime
RAR Password Cracker 4.12
RAR Password Recovery v1.1 RC17 (remove only)
Razer Game Booster
REACTOR
Realtek High Definition Audio Driver
Recettear: An Item Shop's Tale
Republic at War 1.1.5
Revo Uninstaller 1.94
Rise of Nations
Rise of the Triad
ROBLOX Player
RollerCoaster Tycoon 2 Triple Thrill Pack
Ruby 1.9.1-p378
s3pe - Sims3 Package Editor
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SHIELD Streaming
Sid Meier's Civilization V
Sins of a Solar Empire: Rebellion
Skullgirls
Skulltag
Skype Click to Call
Skype? 6.11
Skyrim NPC Editor
Smite Closed Beta
Somoto V.1 Toolbar
Spybot - Search & Destroy
Star Wars - Battlefront II
Star Wars Jedi Knight Jedi Academy
Star Wars The Old Republic
Star Wars: Empire at War Gold
Star Wars: The Old Republic
Star Wars: Knights of the Old Republic
Starbound
Steam
Stronghold 2
Stronghold 3
Stronghold 3 Gold
Stronghold Crusader + Extreme
Stronghold Crusader Extreme HD
Stronghold HD
Stronghold Legends
SUABnR
swMSM
System Requirements Lab CYRI
Terraria
The Ballads of Reemus - When the Bed Bites
The Elder Scrolls V: Skyrim
The Sims? 3
The Sims? 3 Ambitions
The Sims? 3 Fast Lane Stuff
The Sims? 3 Generations
The Sims? 3 High-End Loft Stuff
The Sims? 3 Katy Perry's Sweet Treats
The Sims? 3 Late Night
The Sims? 3 Master Suite Stuff
The Sims? 3 Outdoor Living Stuff
The Sims? 3 Pets
The Sims? 3 Showtime
The Sims? 3 Town Life Stuff
The Sims? 3 World Adventures
The Ultimate DOOM
They Bleed Pixels
Third Age - Total War 3.0 (Part 1of2)
Third Age - Total War 3.0 (Part 2of2)
THX TruStudio PC
Toolbox
Toy Commander
Trine 2
Tyranid Mod 0.5b2 for Soulstorm
UA Grand Release
UA Map Pack
Ubisoft Game Launcher
Unity Web Player
Unofficial Oblivion Patch v3.2.0
Unofficial Official Mods Patch v15
Unofficial Shivering Isles Patch v1.4.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
uTorrentControl2 Toolbar
V4.2 Creature Morphs
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client for Windows x64
Verizon Wireless Software Upgrade Assistant - Samsung(ar)
Verizon Wireless Software Utility Application for Android - Samsung
Victoria 4.2 Base
Victoria 4.2 Morphs++
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.0
War Thunder
Warcraft II BNE
Warhammer 40,000: Dawn of War - Game of the Year Edition
Warhammer 40,000: Dawn of War ? Dark Crusade
Warhammer 40,000: Dawn of War ? Soulstorm
Warhammer 40,000: Dawn of War ? Winter Assault
WarhammerR 40,000?: Dawn of WarR II ? Retribution?
Web Assistant 2.0.0.439
Win7codecs
WinDjView 2.0.2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Mobile Device Center
WinHTTrack Website Copier 3.44-1
WinPcap 4.1.1
WinRAR 4.00 beta 1 (64-bit)
World of Warcraft
Wrye Bash
wxPython 2.8.11.0 (ansi) for Python 2.5
wxPython 2.8.11.0 (ansi) for Python 2.6
Xiph.Org Open Codecs 0.85.17777
XML Notepad 2007
XviD4PSP 5.0
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers Client 1.10.01
YourFileDownloader
Zandronum
へんしん!!! パンツになってクンクンペロペロ
.
==== Event Viewer Messages From Past Week ========
.
1/3/2014 2:43:47 PM, Error: Microsoft-Windows-EnhancedStorage-EhStorCertDrv [80] - Password device is not compatible with Windows.
1/3/2014 2:43:13 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
1/3/2014 2:43:13 PM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried.
1/3/2014 2:43:09 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
1/3/2014 2:43:09 PM, Error: Service Control Manager [7001] - The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/3/2014 2:43:09 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/3/2014 2:43:09 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the path specified.
1/3/2014 2:19:41 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Power service, but this action failed with the following error: A system shutdown has already been scheduled.
1/3/2014 2:19:41 AM, Error: Service Control Manager [7031] - The Power service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/3/2014 2:05:29 AM, Error: Service Control Manager [7022] - The vToolbarUpdater17.2.0 service hung on starting.
1/3/2014 12:49:44 AM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
1/3/2014 12:03:24 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Skype Updater service to connect.
1/3/2014 1:56:00 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
1/3/2014 1:50:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (BWDATOOLSET) service to connect.
1/3/2014 1:50:11 PM, Error: Service Control Manager [7000] - The SQL Server (BWDATOOLSET) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/3/2014 1:45:00 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled.
1/3/2014 1:44:54 PM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/3/2014 1:44:54 PM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/2/2014 11:50:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service RapiMgr with arguments "" in order to run the server: {ED081F25-6A77-4C89-B689-C6E15C582EC1}
1/2/2014 11:49:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Mobile-based device connectivity service to connect.
1/2/2014 11:49:47 PM, Error: Service Control Manager [7000] - The Windows Mobile-based device connectivity service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

whatzitooya123 · January 3, 2014

and heres the roguekiller log

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Travis [Admin rights]
Mode : Scan -- Date : 01/03/2014 15:27:42
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 1 ¤¤¤
[Travis][sUSP UNIC] Verizon Wireless Software Utility Application for Android ??� Samsung.lnk : C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android ??� Samsung.lnk [-] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
::1 localhost127.0.0.1 host42.hrwebservices.net
127.0.0.1 rdr2ps3.ms4.gamespy.com
127.0.0.1 match.gta4ps3.gamespy.com
127.0.0.1 *.ms4.gamespy.com
127.0.0.1 207.38.11.34
[...]

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) ST31000528AS +++++
--- User ---
[MBR] c284ceb3624c98a641f883b667fc2d9f
[bSP] bd88243ba1753a8780c06e4eb19307c6 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 11142 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22900736 | Size: 942686 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_01032014_152742.txt >>

MrCharlie · January 3, 2014

Did you read this: ???????

General P2P/Piracy Warning:

1. If you're using Peer 2 Peer software such uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.
Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.
2. If you have illegal/cracked software, cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.
Failure to remove such software will result in your topic being closed and no further assistance being provided.

Now look at your logs: (you have a host file that is used to by-pass Adobe activation aka: Piracy and the Adobe products installed)

Host file:

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
::1 localhost127.0.0.1 host42.hrwebservices.net
127.0.0.1 rdr2ps3.ms4.gamespy.com
127.0.0.1 match.gta4ps3.gamespy.com
127.0.0.1 *.ms4.gamespy.com
127.0.0.1 207.38.11.34
[...]

Adobe products:

Adobe AIR
Adobe Community Help
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Photoshop CS5.1
Adobe Reader XI (11.0.03)
Adobe Shockwave Player 11.6

MrC

whatzitooya123 · January 3, 2014

Ok I think I removed them Sorry im really stressed out right now. I hope I can still recieve help This is the only computer I have .

whatzitooya123 · January 3, 2014

Should I post the RK log again? Once again my appologies Ive been meaning to get this computer cleaned up for awhile

MrCharlie · January 3, 2014

Uninstall all those Adobe products.

Then....

Download and Run Fixit on this page:

http://support.microsoft.com/kb/972034

Re-scan with DDS and RogueKiller...post the 3 logs.

MrC

whatzitooya123 · January 4, 2014

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 8.0.7600.17267 BrowserJavaVersion: 10.45.2
Run by Travis at 18:03:08 on 2014-01-03
Microsoft Windows 7 Home Premium   6.1.7600.0.932.81.1033.18.8119.5433 [GMT -6:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinService.exe
C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe
C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe
C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\loggingserver.exe
C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Auslogics\Auslogics BoostSpeed\BoostSpeed.exe
C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
C:\Windows\System32\vds.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Users\Travis\AppData\Local\Akamai\netsession_win.exe
C:\Users\Travis\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\AVG Secure Search\vprot.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\Travis\Desktop\RogueKillerX64.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
C:\Windows\system32\wuauclt.exe
C:\Users\Travis\AppData\Local\Temp\nsm2472.tmp\PEV.DAT
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.

uProxyOverride = <local>
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
uURLSearchHooks: YTNavAssistPlugin Class: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
uURLSearchHooks: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
uURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
uURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
uURLSearchHooks: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
mURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
mURLSearchHooks: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
mURLSearchHooks: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
mURLSearchHooks: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
mURLSearchHooks: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
mWinlogon: Userinit = userinit.exe,
BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
BHO: Coupon Companion: {11111111-1111-1111-1111-110011441193} - C:\Program Files (x86)\Coupon Companion\Coupon Companion.dll
BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll
BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: {8232785C-5C98-4A6E-B7B4-911FFBED7582} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned>
BHO: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Travis\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
BHO: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
BHO: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
BHO: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
TB: midicairus Toolbar: {EFB1E45A-148D-40F9-A3F0-09D5577F9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: IMVU Inc Toolbar: {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
TB: MixiDJ V37 Toolbar: {EEF3855C-FC2D-41E6-8D91-D368F51B3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: Somoto V.1 Toolbar: {E306AAA2-3B4F-4802-9FAF-0C10AB78B589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files (x86)\Windows Live\Toolbar\wltcore.dll
TB: @C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - C:\Program Files (x86)\uTorrentControl2\prxtbuTo0.dll
TB: midicairus Toolbar: {efb1e45a-148d-40f9-a3f0-09d5577f9970} - C:\Program Files (x86)\midicairus\prxtbmid0.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Yahoo! Toolbar: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll
TB: IMVU Inc Toolbar: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files (x86)\IMVU_Inc\prxtbIMV0.dll
TB: MixiDJ V37 Toolbar: {eef3855c-fc2d-41e6-8d91-d368f51b3055} - C:\Program Files (x86)\MixiDJ_V37\prxtbMixi.dll
TB: Somoto V.1 Toolbar: {e306aaa2-3b4f-4802-9faf-0c10ab78b589} - C:\Program Files (x86)\Somoto_V.1\prxtbSomo.dll
TB: Related Searches: {96A25A24-2E87-4374-8A50-CC6F943FCE4D} - C:\Users\Travis\AppData\Roaming\DefaultTab\DefaultTab\Apps\RelatedLinksBHO.dll
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Travis\AppData\Local\Akamai\netsession_win.exe"
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [shwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" /r
mRun: [updReg] C:\Windows\UpdReg.EXE
mRun: [intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [instaLAN] "C:\Program Files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" startup
mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRunOnce: [Launcher] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe
dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
dRunOnce: [spUninstallDeleteDir] rmdir /s /q "C:\Windows\System32\config\systemprofile\AppData\Roaming\SearchProtect"
StartupFolder: C:\Users\Travis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERA~1.LNK - C:\Users\Travis\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
StartupFolder: C:\Users\Travis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMEST~1.LNK -
StartupFolder: C:\Users\Travis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\VERIZO~1.LNK -
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - C:\Program Files (x86)\WinHTTrack\WinHTTrackIEBar.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com

TCP: NameServer = 24.159.64.23 24.217.201.67 24.177.176.38
TCP: Interfaces\{5807D682-7202-45E1-9997-A71D4BFB0E64} : DHCPNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: Web Assistant: {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension64.dll
x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RunDLLEntry_THXCfg] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\THXCfg64.dll,RunDLLEntry THXCfg64
x64-Run: [RunDLLEntry_EptMon] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\EptMon64.dll,RunDLLEntry EptMon64
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [intelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-Run: [shadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll

x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\2h32hi3a.default\
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Download Manager\npfpdlm.dll
FF - plugin: C:\Program Files (x86)\FilmFanaticEI\Installr\2.bin\NPpaEISb.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\MSN Toolbar\Platform\5.0.1423.0\npwinext.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Roblox\Versions\version-28a069d7dccb4f92\NPRobloxProxy.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMSS.dll
FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
FF - plugin: C:\ProgramData\id Software\QuakeLive\npquakezero.dll
FF - plugin: C:\Users\Travis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2013-10-24 194872]
R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2013-10-31 294712]
R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2013-10-1 123704]
R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2013-9-10 31544]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-11-10 55856]
R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2013-11-5 150808]
R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2013-11-4 240920]
R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2013-10-31 212280]
R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2013-8-1 251192]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-10-3 46368]
R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2013-11-11 3478544]
R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2013-9-24 348008]
R2 Belkin Local Backup Service;Belkin Local Backup Service;C:\Program Files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [2011-3-10 181760]
R2 Belkin Network USB Helper;Belkin Network USB Helper;C:\Program Files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [2011-3-10 55296]
R2 DAZContentManagementService;DAZ Content Management Service;C:\Program Files\DAZ 3D\Content Management Service\ContentManagementServer.exe [2012-3-11 22528]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-8-27 1253376]
R2 FastFreeConverterUpdt;FastFreeConverterUpdt;C:\Program Files (x86)\Fast Free Converter\FastFreeConverterUpdt.exe [2013-7-29 193024]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-2-18 9216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-10-6 418376]
R2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [2010-12-10 29293408]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-1-3 3921880]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-1-3 171416]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-11-10 689472]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-6-19 3048136]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-10-23 414496]
R2 sxuptp;SXUPTP Driver;C:\Windows\System32\drivers\sxuptp.sys [2011-3-10 291352]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-8 1771544]
R2 Web Assistant Updater;Web Assistant Updater;C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [2012-7-1 185856]
R3 HECIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-11-10 56344]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-11-10 271872]
R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-11-10 321064]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-3-13 25928]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2013-11-6 39200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-10-6 701512]
S2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-1-3 1042272]
S2 SessionLauncher;SessionLauncher; [x]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 BRDriver64;BRDriver64;C:\ProgramData\BitRaider\BRDriver64.sys [2013-9-6 75048]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\BitRaider\BRSptSvc.exe [2013-7-30 484592]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-6-4 103448]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-8-7 3276800]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-11-10 158976]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\drivers\mbamchameleon.sys [2014-1-3 89304]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-9-6 288776]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;C:\Program Files\Dell Support Center\pcdsrvc_x64.pkms [2010-7-30 25072]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-6-4 203672]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-15 1255736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [2013-8-19 14544]
S4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-11-10 13336]
S4 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-11-6 15125280]
.
=============== Created Last 30 ================
.
2014-01-03 21:26:59   72832   ----a-w-   C:\Windows\System32\drivers\ohci1394.sys.bak
2014-01-03 21:04:53   --------   d-----w-   C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-03 20:09:12   117464   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-01-03 17:39:14   21040   ----a-w-   C:\Windows\System32\sdnclean64.exe
2014-01-03 17:39:10   --------   d-----w-   C:\ProgramData\Spybot - Search & Destroy
2014-01-03 17:39:03   --------   d-----w-   C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-03 07:59:20   --------   d-----w-   C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-01-03 07:58:40   89304   ----a-w-   C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-03 06:58:32   --------   d-----w-   C:\TDSSKiller_Quarantine
2013-12-24 08:51:35   --------   d-----w-   C:\Users\Travis\AppData\Local\SearchProtect
2013-12-09 18:22:19   --------   d-----w-   C:\Users\Travis\AppData\Local\WarThunder
2013-12-09 18:22:19   --------   d-----w-   C:\ProgramData\WarThunder
.
==================== Find3M ====================
.
2013-11-11 02:06:54   46368   ----a-w-   C:\Windows\System32\drivers\avgtpx64.sys
2013-11-08 20:47:40   1064224   ----a-w-   C:\Windows\System32\nvspcap64.dll
2013-11-08 20:47:39   955168   ----a-w-   C:\Windows\SysWow64\nvspcap.dll
2013-11-06 03:55:48   150808   ----a-w-   C:\Windows\System32\drivers\avgdiska.sys
2013-11-05 03:52:42   240920   ----a-w-   C:\Windows\System32\drivers\avgidsdrivera.sys
2013-11-01 05:00:18   212280   ----a-w-   C:\Windows\System32\drivers\avgldx64.sys
2013-11-01 04:49:46   294712   ----a-w-   C:\Windows\System32\drivers\avgloga.sys
2013-10-25 06:54:05   96168   ----a-w-   C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-25 04:25:58   194872   ----a-w-   C:\Windows\System32\drivers\avgidsha.sys
2013-10-23 09:02:36   589600   ----a-w-   C:\Windows\SysWow64\nvStreaming.exe
2013-10-23 08:20:08   6669600   ----a-w-   C:\Windows\System32\nvcpl.dll
2013-10-23 08:20:07   3489568   ----a-w-   C:\Windows\System32\nvsvc64.dll
2013-10-23 08:20:05   922912   ----a-w-   C:\Windows\System32\nvvsvc.exe
2013-10-23 08:20:05   63776   ----a-w-   C:\Windows\System32\nvshext.dll
2013-10-23 08:20:05   219424   ----a-w-   C:\Windows\System32\nvmctray.dll
.
============= FINISH: 18:05:29.97 ===============
Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 11/13/2010 2:26:15 PM
System Uptime: 1/3/2014 5:53:19 PM (1 hours ago)
.
Motherboard: Dell Inc. | | 0G3HR7
Processor: Intel® Core i5 CPU 650 @ 3.20GHz | CPU 1 | 3201/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 921 GiB total, 314.258 GiB free.
D: is CDROM (UDF)
F: is Removable
G: is Removable
H: is Removable
J: is Removable
K: is CDROM ()
N: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Description: Microsoft WPD Enhanced Storage Password Driver
Device ID: ROOT\UNKNOWN\0000
Manufacturer: (Enhanced Storage Device)
Name: Microsoft WPD Enhanced Storage Password Driver
PNP Device ID: ROOT\UNKNOWN\0000
Service: WUDFRd
.
==== System Restore Points ===================
.
RP877: 1/3/2014 2:37:49 PM - Malwarebytes Anti-Rootkit Restore Point
RP878: 1/3/2014 4:23:51 PM - Removed Adobe Community Help
RP879: 1/3/2014 4:24:56 PM - Removed Adobe Download Assistant
RP880: 1/3/2014 4:39:09 PM - Removed Adobe Reader XI (11.0.03).
RP881: 1/3/2014 5:50:20 PM - Installed Microsoft Fix it 50267
.
==== Installed Programs ======================
.
Leawo PSP Video Converter version 3.1.0.0
1ClickDownloader
カスタム少女
64 Bit HP CIO Components Installer
7-Zip 9.20
7-Zip 9.21 (x64 edition)
aaa
AccessDiver v4.281
Ace of Spades
Age of Empires II: HD Edition
Age of Wonders: Shadow Magic
Akamai NetSession Interface
Amnesia: The Dark Descent
Angry Birds Space
AOE2ColorFix (remove only)
Apple Application Support
Apple Software Update
applicationupdater
AppsHat Mobile Apps
Artificial Girl 3
Ask Toolbar
Ask Toolbar Updater
Auslogics BoostSpeed
Auslogics Disk Defrag
AVG 2014
AVG Security Toolbar
Battlefront Extreme 2.2
Battlelog Web Plugins
Beat Hazard
Belkin Setup and Router Monitor
Belkin USB Print and Storage Center
Bing Bar
Bing Bar Platform
BioShock 2
BioShock Infinite
BitRaider Web Client
blinkx beat
Blockscape Phase 1 (beta)
Breath of Death VII
Bundled software uninstaller
Cave Story Deluxe version 1.13
Cave Story+
CBR Reader
CCleaner
Chantelise
Chivalry: Medieval Warfare
Cisco Connect
Clownfish for Skype
Command & Conquer The First Decade
Command &&& Conquer Red Alert 2 - Yuri's Revenge - Launch Base
Command and Conquer: Red Alert 3
Company of Heroes
Company of Heroes (New Steam Version)
Company of Heroes 2
Compatibility Pack for the 2007 Office system
Cortex Command
Coupon Companion
Creation Kit
Creative WebCam Center
DAZ Content Management Service
DAZ Studio 4.5 (64bit)
Dead Rising 2
Dead Space? 3
DefaultTab
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell DataSafe Online
Dell Dock
Dell Edoc Viewer
Dell Support Center
Descent and Descent 2
DirectXInstallService
DivX Setup
DOOM II: Hell on Earth
Doomsday Engine 1.9.0-beta6.9
Download Manager 2.3.10
Dr. Lunatic Supreme With Cheese v7.7
Dragon Age: Origins
Dragon Age: Origins - Ultimate Edition
DS4 Default Content
Dual-Core Optimizer
Duke Nukem - Manhattan Project
Duke Nukem 3D: Megaton Edition
Dungeons of Dredmor
Earth 2150 Trilogy
ESN Sonar
Fallout
Fallout 3 - The Garden of Eden Creation Kit
Fallout 3 - Unofficial Fallout 3 Patch
Fallout 3: Little Boy
Fallout Mod Manager 0.12.6
Fallout: New Vegas
Fast Free Converter
FilesFrog Update Checker
Filter Forge 3.013
Final DOOM
FINAL FANTASY VII
Firebird SQL Server - MAGIX Edition
Floris Mod Pack 2.54
FLV Player
Flyff version V18
Fort・Agent
Francesco's leveled creatures-items mod 4.5b
GameFly
gamelauncher-ps2-live
GameRanger
GameSpy Arcade
GameStop App
GeForce Experience NvStream Client Components
GetNZB version 0.617
GetSavin
GIMP 2.6.11
GOG.com Downloader version 3.6.0
GrabIt 1.7.2 Beta 6 (build 1008)
Half-Life 2 Awakening 1.1
Half-Life Source HD
Happy Cloud Client
Hero Editor V0.96
Hi-Rez Studios Authenticate and Update Service
Hitman 2: Silent Assassin
Hitman: Absolution
Hitman: Blood Money
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hyrule Total War 3 Part 1
Hyrule Total War 3 Part 2
Hyrule Total War 3 Part 3
Hyrule Total War 3 Patch
ILLUSION Sexyフラッシュ
IMVU Inc Toolbar
Inspiration Pad Pro 2.01a
Intel AppUp(SM) center
Intel® Control Center
Intel® Rapid Storage Technology
Japanese Language Support
Java 7 Update 17 (64-bit)
Java 7 Update 45
Java Auto Updater
Java 6 Update 20 (64-bit)
Junk Mail filter update
K-Lite Codec Pack 9.9.5 (Basic)
Katawa Shoujo
League of Legends
Lightning Warrior Raidy
Logitech Gaming Software 5.10
MAGIX Screenshare
MAGIX Speed burnR (MSI)
Malwarebytes Anti-Malware version 1.75.0.1300
Mark of the Ninja
Master Levels for DOOM II
Max Uninstaller version 2.0
McAfee Security Scan Plus
Media Player Classic - Home Cinema v1.5.2.3456
MediaFireDownloader
Medieval II Total War
Medieval II Total War Kingdoms
Medieval II: Total War
Medieval II: Total War Kingdoms
Metro 2033
Metro: Last Light
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Choice Guard
Microsoft Default Manager
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft IntelliPoint 8.2
Microsoft Office 2010
Microsoft Office File Validation Add-In
Microsoft Office Professional Edition 2003
Microsoft Silverlight
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server 2005 Express Edition (BWDATOOLSET)
Microsoft SQL Server 2005 Tools Express Edition
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Sync Framework Runtime Native v1.0 (x86)
Microsoft Sync Framework Services Native v1.0 (x86)
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft Visual C++ Run Time Lib Setup
Microsoft WSE 3.0 Runtime
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Microsoft_VC90_MFCLOC_x86
Microsoft_VC90_MFCLOC_x86_x64
midicairus Toolbar
MixiDJ V37 Toolbar
MKV Player 2.0.1
Mount & Blade: Warband
Mozilla Firefox 26.0 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Multimedia Card Reader
Mumble 1.2.3
Nexus Mod Manager
NifSkope (remove only)
NSIS Hisoutensoku English
NVIDIA 3D Vision Controller Driver 331.65
NVIDIA 3D Vision Driver 331.65
NVIDIA Control Panel 331.65
NVIDIA GeForce Experience 1.7.1
NVIDIA Graphics Driver 331.65
NVIDIA HD Audio Driver 1.3.26.4
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Photoshop Plug-ins 64 bit
NVIDIA PhysX
NVIDIA ShadowPlay 9.3.21
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 9.3.21
NVIDIA Update Components
NVIDIA Virtual Audio 1.2.9
Oblivion - Horse Armor Pack
Oblivion - Mehrunes Razor
Oblivion - Orrery
Oblivion - Spell Tomes
Oblivion - The Fighter's Stronghold
Oblivion - Thieves Den
Oblivion - TweakOblivion 5.10 (Build:370)
Oblivion - Vile Lair
Oblivion - Wizard's Tower
Oblivion mod manager 1.1.12
OpenAL
OpenRA
Opera 12.14
Origin
Painkiller Overdose
Paint.NET v3.5.10
Pando Media Booster
Penny Arcade's On the Rain-Slick Precipice of Darkness 3
Pepakura Viewer 3
PHANTASY STAR ONLINE 2
PhotoScape
Populous
Portforward Static IP Address 1.0.45
PS_AIO_05_C4600_Software_Min
PSP Action Replay
PunkBuster Services
Python 2.5 comtypes-0.6.2
Python 2.5 PIL-1.1.6
Python 2.5 psyco-1.6
Python 2.5 pywin32-216
Python 2.5.2
Python 2.6 comtypes-0.6.2
Python 2.6 psyco-1.6
Python 2.6 pywin32-214
Quake
Quake II
Quake II: Ground Zero
Quake II: The Reckoning
Quake Live Mozilla Plugin
Quake Mission Pack 1: Scourge of Armagon
QuickTime
RAR Password Cracker 4.12
RAR Password Recovery v1.1 RC17 (remove only)
Razer Game Booster
REACTOR
Realtek High Definition Audio Driver
Recettear: An Item Shop's Tale
Republic at War 1.1.5
Revo Uninstaller 1.94
Rise of Nations
Rise of the Triad
ROBLOX Player
RollerCoaster Tycoon 2 Triple Thrill Pack
Ruby 1.9.1-p378
s3pe - Sims3 Package Editor
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
SHIELD Streaming
Sid Meier's Civilization V
Sins of a Solar Empire: Rebellion
Skullgirls
Skulltag
Skype Click to Call
Skype? 6.11
Skyrim NPC Editor
Smite Closed Beta
Somoto V.1 Toolbar
Spybot - Search & Destroy
Star Wars - Battlefront II
Star Wars Jedi Knight Jedi Academy
Star Wars The Old Republic
Star Wars: Empire at War Gold
Star Wars: The Old Republic
Star Wars: Knights of the Old Republic
Starbound
Steam
Stronghold 2
Stronghold 3
Stronghold 3 Gold
Stronghold Crusader + Extreme
Stronghold Crusader Extreme HD
Stronghold HD
Stronghold Legends
SUABnR
swMSM
System Requirements Lab CYRI
Terraria
The Ballads of Reemus - When the Bed Bites
The Elder Scrolls V: Skyrim
The Sims? 3
The Sims? 3 Ambitions
The Sims? 3 Fast Lane Stuff
The Sims? 3 Generations
The Sims? 3 High-End Loft Stuff
The Sims? 3 Katy Perry's Sweet Treats
The Sims? 3 Late Night
The Sims? 3 Master Suite Stuff
The Sims? 3 Outdoor Living Stuff
The Sims? 3 Pets
The Sims? 3 Showtime
The Sims? 3 Town Life Stuff
The Sims? 3 World Adventures
The Ultimate DOOM
They Bleed Pixels
Third Age - Total War 3.0 (Part 1of2)
Third Age - Total War 3.0 (Part 2of2)
THX TruStudio PC
Toolbox
Toy Commander
Trine 2
Tyranid Mod 0.5b2 for Soulstorm
UA Grand Release
UA Map Pack
Ubisoft Game Launcher
Unity Web Player
Unofficial Oblivion Patch v3.2.0
Unofficial Official Mods Patch v15
Unofficial Shivering Isles Patch v1.4.0
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
uTorrentControl2 Toolbar
V4.2 Creature Morphs
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client for Windows x64
Verizon Wireless Software Upgrade Assistant - Samsung(ar)
Verizon Wireless Software Utility Application for Android - Samsung
Victoria 4.2 Base
Victoria 4.2 Morphs++
Visual Studio 2008 x64 Redistributables
Visual Studio 2010 x64 Redistributables
Visual Studio 2012 x64 Redistributables
Visual Studio 2012 x86 Redistributables
VLC media player 2.1.0
War Thunder
Warcraft II BNE
Warhammer 40,000: Dawn of War - Game of the Year Edition
Warhammer 40,000: Dawn of War ? Dark Crusade
Warhammer 40,000: Dawn of War ? Soulstorm
Warhammer 40,000: Dawn of War ? Winter Assault
WarhammerR 40,000?: Dawn of WarR II ? Retribution?
Web Assistant 2.0.0.439
Win7codecs
WinDjView 2.0.2
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sync
Windows Live Toolbar
Windows Live Upload Tool
Windows Live Writer
Windows Mobile Device Center
WinHTTrack Website Copier 3.44-1
WinPcap 4.1.1
WinRAR 4.00 beta 1 (64-bit)
World of Warcraft
Wrye Bash
wxPython 2.8.11.0 (ansi) for Python 2.5
wxPython 2.8.11.0 (ansi) for Python 2.6
Xiph.Org Open Codecs 0.85.17777
XML Notepad 2007
XviD4PSP 5.0
Yahoo! Software Update
Yahoo! Toolbar
Yontoo Layers Client 1.10.01
YourFileDownloader
Zandronum
へんしん!!! パンツになってクンクンペロペロ
.
==== Event Viewer Messages From Past Week ========
.
1/3/2014 5:56:58 PM, Error: VDS Basic Provider [1] - Unexpected failure. Error code: 490@01010004
1/3/2014 5:56:33 PM, Error: Microsoft-Windows-EnhancedStorage-EhStorCertDrv [80] - Password device is not compatible with Windows.
1/3/2014 5:56:23 PM, Error: Service Control Manager [7023] - The Power service terminated with the following error: The WMI request could not be completed and should be retried.
1/3/2014 5:56:16 PM, Error: Service Control Manager [7001] - The Spybot-S&D 2 Updating Service service depends on the Secondary Logon service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
1/3/2014 5:56:16 PM, Error: Service Control Manager [7000] - The SessionLauncher service failed to start due to the following error: The system cannot find the path specified.
1/3/2014 5:04:54 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the DCOM Server Process Launcher service, but this action failed with the following error: A system shutdown has already been scheduled.
1/3/2014 5:04:54 PM, Error: Service Control Manager [7031] - The Plug and Play service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/3/2014 5:04:54 PM, Error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/3/2014 4:19:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
1/3/2014 4:19:03 PM, Error: Service Control Manager [7000] - The Spybot-S&D 2 Scanner Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/3/2014 4:10:22 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Plug and Play service, but this action failed with the following error: A system shutdown has already been scheduled.
1/3/2014 3:39:03 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Software Protection service to connect.
1/3/2014 3:39:03 PM, Error: Service Control Manager [7000] - The Software Protection service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/3/2014 2:19:41 AM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Reboot the machine) after the unexpected termination of the Power service, but this action failed with the following error: A system shutdown has already been scheduled.
1/3/2014 2:19:41 AM, Error: Service Control Manager [7031] - The Power service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine.
1/3/2014 2:05:29 AM, Error: Service Control Manager [7022] - The vToolbarUpdater17.2.0 service hung on starting.
1/3/2014 12:49:44 AM, Error: Service Control Manager [7034] - The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).
1/3/2014 12:03:24 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Skype Updater service to connect.
1/3/2014 1:56:00 PM, Error: Service Control Manager [7022] - The Windows Update service hung on starting.
1/3/2014 1:50:11 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (BWDATOOLSET) service to connect.
1/3/2014 1:50:11 PM, Error: Service Control Manager [7000] - The SQL Server (BWDATOOLSET) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
1/2/2014 11:50:24 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service RapiMgr with arguments "" in order to run the server: {ED081F25-6A77-4C89-B689-C6E15C582EC1}
1/2/2014 11:49:47 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Mobile-based device connectivity service to connect.
1/2/2014 11:49:47 PM, Error: Service Control Manager [7000] - The Windows Mobile-based device connectivity service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================

RK

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : Travis [Admin rights]
Mode : Scan -- Date : 01/03/2014 18:09:44
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 8 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 1 ¤¤¤
[Travis][sUSP UNIC] Verizon Wireless Software Utility Application for Android ?? Samsung.lnk : C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android ?? Samsung.lnk [-] -> FOUND

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) ST31000528AS +++++
--- User ---
[MBR] c284ceb3624c98a641f883b667fc2d9f
[bSP] bd88243ba1753a8780c06e4eb19307c6 : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 81920 | Size: 11142 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 22900736 | Size: 942686 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_01032014_180944.txt >>

whatzitooya123 · January 4, 2014

On a side note it appears to be gone after uninstalling all the adobe stuff. I would still like to proceed just to be sure though. Assuming everything is now in order

MrCharlie · January 4, 2014

Please uninstall these from your add/remove programs if possible:
Fast Free Converter
MixiDJ V37 Toolbar
Coupon Companion
Web Assistant 2.0.0.439
DefaultTab

Then..........

Lets clean out any adware/spyware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

Make sure you click on download buttons that look similar to this, not "sponsored ad links":

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
When it's done you'll see: Pending: Please uncheck elements you don't want removed.
Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
Look over the log especially under Files/Folders for any program you want to save.
If there's a program you may want to save, just uncheck it from AdwCleaner.
If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
If you're ready to clean it all up.....click the Clean button.
After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.
Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
To restore an item that has been deleted:
Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

Then..................

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a FULL Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

whatzitooya123 · January 4, 2014

# AdwCleaner v3.016 - Report created 03/01/2014 at 19:04:39
# Updated 23/12/2013 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Travis - MOMISBOSS-PC
# Running from : C:\Users\Travis\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
[x] Not Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\SoftSafe
Folder Deleted : C:\ProgramData\SpeedyPC Software
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownloadnSave
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DownTango
Folder Deleted : C:\Program Files (x86)\1ClickDownload
Folder Deleted : C:\Program Files (x86)\Ask.com
[x] Not Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\FilesFrog Update Checker
Folder Deleted : C:\Program Files (x86)\FilmFanaticEI
Folder Deleted : C:\Program Files (x86)\Minibar
Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Program Files (x86)\Playbryte
Folder Deleted : C:\Program Files (x86)\Red Sky
Folder Deleted : C:\Program Files (x86)\RegClean Pro
Folder Deleted : C:\Program Files (x86)\Searchprotect
Folder Deleted : C:\Program Files (x86)\somoto_v.1
Folder Deleted : C:\Program Files (x86)\Yontoo Layers Client
Folder Deleted : C:\Program Files (x86)\yourfiledownloader
Folder Deleted : C:\Program Files (x86)\IMVU_Inc
Folder Deleted : C:\Program Files (x86)\midicairus
Folder Deleted : C:\Program Files (x86)\uTorrentControl2
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\FilmFanatic
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\midicairus
Folder Deleted : C:\Users\mom is boss\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\mom is boss\AppData\Roaming\cacaoweb
Folder Deleted : C:\Users\Travis\AppData\Local\apn
Folder Deleted : C:\Users\Travis\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Travis\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Travis\AppData\Local\Conduit
Folder Deleted : C:\Users\Travis\AppData\Local\ConduitEngine
Folder Deleted : C:\Users\Travis\AppData\Local\DownTango
Folder Deleted : C:\Users\Travis\AppData\Local\getsavin
Folder Deleted : C:\Users\Travis\AppData\Local\Minibar
Folder Deleted : C:\Users\Travis\AppData\Local\PackageAware
Folder Deleted : C:\Users\Travis\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Travis\AppData\Local\visi_coupon
Folder Deleted : C:\Users\Travis\AppData\Local\webplayer
Folder Deleted : C:\Users\Travis\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Travis\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\Travis\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Travis\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\Travis\AppData\LocalLow\FilmFanatic
Folder Deleted : C:\Users\Travis\AppData\LocalLow\FilmFanaticEI
Folder Deleted : C:\Users\Travis\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Travis\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Travis\AppData\LocalLow\Minibar
Folder Deleted : C:\Users\Travis\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Travis\AppData\LocalLow\Playbryte
Folder Deleted : C:\Users\Travis\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Travis\AppData\LocalLow\somoto_v.1
Folder Deleted : C:\Users\Travis\AppData\LocalLow\IMVU_Inc
Folder Deleted : C:\Users\Travis\AppData\LocalLow\midicairus
Folder Deleted : C:\Users\Travis\AppData\LocalLow\uTorrentControl2
Folder Deleted : C:\Users\Travis\AppData\Roaming\cacaoweb
Folder Deleted : C:\Users\Travis\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Travis\AppData\Roaming\Searchprotect
Folder Deleted : C:\Users\Travis\AppData\Roaming\SendSpace
Folder Deleted : C:\Users\Travis\AppData\Roaming\SpeedyPC Software
Folder Deleted : C:\Users\Travis\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Travis\AppData\Roaming\yourfiledownloader
Folder Deleted : C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker
Folder Deleted : C:\Users\UpdatusUser\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\UpdatusUser.momisboss-PC\AppData\LocalLow\Fast Free Converter
Folder Deleted : C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\jkaz4oth.default\Extensions\toolbar@ask.com
File Deleted : C:\END
File Deleted : C:\Users\mom is boss\Desktop\cacaoweb.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player\Uninstall.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile
Key Deleted : HKLM\SOFTWARE\Classes\1ClicktorrentFile1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho
Key Deleted : HKLM\SOFTWARE\Classes\bhoclass.bho.bhoclass.bho.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\oneclick
Key Deleted : HKLM\SOFTWARE\Classes\oneclickmg
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askchecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFileUpdater_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2612669
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3184201
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3282812
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3298573
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_accessdiver_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_accessdiver_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_blackwidow_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_blackwidow_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mkv-player_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mkv-player_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_xvid4psp_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_xvid4psp_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B673DD09-E496-4A82-8144-D16AD900B303}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{687578B9-7132-4A7A-80E4-30EE31099E03}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{90B49673-5506-483E-B92B-CA0265BD9CA8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EFB1E45A-148D-40F9-A3F0-09D5577F9970}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A19F5EBF-E163-4D4F-B7BD-33149BF756CC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{156F4006-0999-4E54-9ED3-B7B064D3DD0A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B673DD09-E496-4A82-8144-D16AD900B303}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D4AAF2A6-F6D1-49A5-BA1A-B20735DF1955}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C990ECA-72D6-4E65-A35B-A08C1DF79E6E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65B7774B-D0F5-4406-8570-6D02630F7071}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A6A9D19-A1A4-4F21-ABCA-199603018D09}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D0DEDD1C-1451-4FD2-BDA5-CC2DA3B56E89}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9D0AB6E2-71A1-4D54-A662-FCEFA75ADDB6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3ACE53FC-AF3D-47FA-999E-0B7C9B4E838F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86EA2EC7-CA97-4415-ADF1-2D057FBC8B69}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{718E9093-4547-413D-8612-5AB018D8CA20}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1600DCEB-CB77-4A92-9D95-B7B8D27F1A72}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{23088CF8-EAF8-4BB3-A251-9BA61557AC75}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{91607FA7-3C2F-4F90-93E3-D5337A6B0AC2}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4FC7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{23088CF8-EAF8-4BB3-A251-9BA61557AC75}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{687578B9-7132-4A7A-80E4-30EE31099E03}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{EFB1E45A-148D-40F9-A3F0-09D5577F9970}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{E306AAA2-3B4F-4802-9FAF-0C10AB78B589}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1BE14FE1-3175-4324-A77B-33FE5CB7A6ED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\cacaoweb
Key Deleted : HKCU\Software\CompeteInc
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\dt soft\daemon tools toolbar
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Somoto
Key Deleted : HKCU\Software\SpeedyPC Software
Key Deleted : HKCU\Software\StartSearch
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKCU\Software\AppDataLow\Software\CompeteInc
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\IMVU_Inc
Key Deleted : HKCU\Software\AppDataLow\Software\midicairus
Key Deleted : HKCU\Software\AppDataLow\Software\Somoto_V.1
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl2
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\CompeteInc
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\Minibar
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Playbryte
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\SpeedyPC Software
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Web Assistant
Key Deleted : HKLM\Software\WinWSD ToolBar
Key Deleted : HKLM\Software\YourFileDownloader
Key Deleted : HKLM\Software\IMVU_Inc
Key Deleted : HKLM\Software\midicairus
Key Deleted : HKLM\Software\Somoto_V.1
Key Deleted : HKLM\Software\uTorrentControl2
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FLV Player
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\YourFileDownloader
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMVU_Inc Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\midicairus Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Somoto_V.1 Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl2 Toolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.17267

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [start Page Restore]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\mom is boss\AppData\Roaming\Mozilla\Firefox\Profiles\vhaj39m5.default\prefs.js ]

[ File : C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\2h32hi3a.default\prefs.js ]

[ File : C:\Users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\jkaz4oth.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [37498 octets] - [03/01/2014 18:59:48]
AdwCleaner[s0].txt - [35230 octets] - [03/01/2014 19:04:39]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [35291 octets] ##########

MrCharlie · January 4, 2014

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please make sure you click download buttons that look similar to this, not "sponsored ad links":

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

whatzitooya123 · January 4, 2014

Running mbam now. It does indeed appear to be gone though. No longer seeing Host process for windows services in sound mixer. Thank you for your help.

whatzitooya123 · January 4, 2014

Also I will get back to you after the combofix has been done

whatzitooya123 · January 4, 2014

ComboFix 14-01-04.03 - Travis 4/2014 Sat   0:22.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.932.81.1033.18.8119.5235 [GMT -6:00]
Running from: c:\users\Travis\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Spybot - Search and Destroy *Disabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files (x86)\Blinkx
c:\program files (x86)\Blinkx\blinkx.ico
c:\program files (x86)\Blinkx\blinkxss.exe
c:\program files (x86)\Blinkx\blinkxstop.exe
c:\program files (x86)\Blinkx\lang.dll
c:\program files (x86)\Blinkx\templates\beat.ico
c:\program files (x86)\Blinkx\templates\index.html
c:\program files (x86)\Blinkx\templates\noflash.html
c:\program files (x86)\Blinkx\templates\offline.html
c:\program files (x86)\Blinkx\templates\offline.swf
c:\program files (x86)\Blinkx\templates\uninstall.exe
c:\program files (x86)\RegGenie
c:\program files (x86)\RegGenie\RegGenie.ini
c:\users\Travis\3dg
c:\users\Travis\AppData\Local\assembly\tmp
c:\users\Travis\AppData\Roaming\Love
c:\users\Travis\AppData\Roaming\Love\mari0\options.txt
c:\users\Travis\th135.exe
c:\windows\SysWow64\Cache
c:\windows\SysWow64\Cache\109fd8c9015657b0.fb
c:\windows\SysWow64\Cache\24a6d33fccf224e6.fb
c:\windows\SysWow64\Cache\26c079f4de979f01.fb
c:\windows\SysWow64\Cache\26c630d098e22dd5.fb
c:\windows\SysWow64\Cache\272512937d9e61a4.fb
c:\windows\SysWow64\Cache\287204568329e189.fb
c:\windows\SysWow64\Cache\28bc8f716fd76a47.fb
c:\windows\SysWow64\Cache\2c53092c95605355.fb
c:\windows\SysWow64\Cache\31a0997e9a5b5eb3.fb
c:\windows\SysWow64\Cache\32c84fe32bb74d60.fb
c:\windows\SysWow64\Cache\32d031c48e6c99d4.fb
c:\windows\SysWow64\Cache\3917078cb68ec657.fb
c:\windows\SysWow64\Cache\403dd5fad4d1c6e7.fb
c:\windows\SysWow64\Cache\475893696365adae.fb
c:\windows\SysWow64\Cache\590ba23ce359fd0c.fb
c:\windows\SysWow64\Cache\59b4c33daf79faaf.fb
c:\windows\SysWow64\Cache\5d88b93c7f1b11f2.fb
c:\windows\SysWow64\Cache\610289e025a3ee9a.fb
c:\windows\SysWow64\Cache\651c5d3cdbfb8bd1.fb
c:\windows\SysWow64\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\SysWow64\Cache\6d03dad1035885d3.fb
c:\windows\SysWow64\Cache\82a30f80f32270cc.fb
c:\windows\SysWow64\Cache\95f567698be8a182.fb
c:\windows\SysWow64\Cache\a013229326e490b8.fb
c:\windows\SysWow64\Cache\a8556537add6dfc5.fb
c:\windows\SysWow64\Cache\ad10a52aff5e038d.fb
c:\windows\SysWow64\Cache\bf08250799c219d3.fb
c:\windows\SysWow64\Cache\c1fa887b03019701.fb
c:\windows\SysWow64\Cache\c4d28dca2e7648be.fb
c:\windows\SysWow64\Cache\d201ef9910cd39de.fb
c:\windows\SysWow64\Cache\d2e94710a5708128.fb
c:\windows\SysWow64\Cache\d79b9dfe81484ec4.fb
c:\windows\SysWow64\Cache\e6959126c737a7f8.fb
c:\windows\SysWow64\Cache\f0d4937a85fb9058.fb
c:\windows\SysWow64\Cache\f30d51bbf30069ea.fb
c:\windows\SysWow64\Cache\f998975c9cc711ee.fb
c:\windows\SysWow64\Cache\fb3b22470d29333c.fb
.
.
(((((((((((((((((((((((((   Files Created from 2013-12-04 to 2014-01-04 )))))))))))))))))))))))))))))))
.
.
2014-01-04 00:58 . 2014-01-04 01:05   --------   d-----w-   C:\AdwCleaner
2014-01-04 00:20 . 2014-01-04 00:23   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-04 00:20 . 2014-01-04 00:23   692616   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-03 21:26 . 2014-01-04 00:09   72832   ----a-w-   c:\windows\system32\drivers\ohci1394.sys.bak
2014-01-03 21:04 . 2014-01-03 21:04   --------   d-----w-   c:\program files (x86)\Mozilla Maintenance Service
2014-01-03 17:39 . 2013-09-20 16:49   21040   ----a-w-   c:\windows\system32\sdnclean64.exe
2014-01-03 17:39 . 2014-01-03 17:46   --------   d-----w-   c:\programdata\Spybot - Search & Destroy
2014-01-03 17:39 . 2014-01-03 17:40   --------   d-----w-   c:\program files (x86)\Spybot - Search & Destroy 2
2014-01-03 07:59 . 2014-01-03 21:23   --------   d-----w-   c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-03 07:58 . 2014-01-03 17:07   89304   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-01-03 06:58 . 2014-01-03 16:48   --------   d-----w-   C:\TDSSKiller_Quarantine
2013-12-09 18:22 . 2013-12-10 19:39   --------   d-----w-   c:\programdata\WarThunder
2013-12-09 18:22 . 2013-12-09 18:22   --------   d-----w-   c:\users\Travis\AppData\Local\WarThunder
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-11 02:06 . 2012-10-03 18:56   46368   ----a-w-   c:\windows\system32\drivers\avgtpx64.sys
2013-11-08 20:47 . 2013-11-06 22:15   1064224   ----a-w-   c:\windows\system32\nvspcap64.dll
2013-11-08 20:47 . 2013-11-06 22:15   955168   ----a-w-   c:\windows\SysWow64\nvspcap.dll
2013-11-06 03:55 . 2013-11-06 03:55   150808   ----a-w-   c:\windows\system32\drivers\avgdiska.sys
2013-11-05 03:52 . 2013-11-05 03:52   240920   ----a-w-   c:\windows\system32\drivers\avgidsdrivera.sys
2013-11-01 05:00 . 2013-11-01 05:00   212280   ----a-w-   c:\windows\system32\drivers\avgldx64.sys
2013-11-01 04:49 . 2013-11-01 04:49   294712   ----a-w-   c:\windows\system32\drivers\avgloga.sys
2013-10-25 06:54 . 2013-10-25 06:54   96168   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-25 04:25 . 2013-10-25 04:25   194872   ----a-w-   c:\windows\system32\drivers\avgidsha.sys
2013-10-23 10:30 . 2013-11-06 22:11   1884448   ----a-w-   c:\windows\system32\nvdispco6433165.dll
2013-10-23 10:30 . 2013-11-06 22:11   1511712   ----a-w-   c:\windows\system32\nvdispgenco6433165.dll
2013-10-23 10:30 . 2013-11-06 22:11   9524088   ----a-w-   c:\windows\SysWow64\nvcuda.dll
2013-10-23 10:30 . 2013-11-06 22:11   9480328   ----a-w-   c:\windows\SysWow64\nvopencl.dll
2013-10-23 10:30 . 2013-11-06 22:11   696096   ----a-w-   c:\windows\system32\NvFBC64.dll
2013-10-23 10:30 . 2013-11-06 22:11   655136   ----a-w-   c:\windows\system32\NvIFR64.dll
2013-10-23 10:30 . 2013-11-06 22:11   599840   ----a-w-   c:\windows\SysWow64\NvFBC.dll
2013-10-23 10:30 . 2013-11-06 22:11   560416   ----a-w-   c:\windows\SysWow64\NvIFR.dll
2013-10-23 10:30 . 2013-11-06 22:11   3131680   ----a-w-   c:\windows\system32\nvcuvid.dll
2013-10-23 10:30 . 2013-11-06 22:11   3124512   ----a-w-   c:\windows\system32\nvcuvenc.dll
2013-10-23 10:30 . 2013-11-06 22:11   30344480   ----a-w-   c:\windows\system32\nvoglv64.dll
2013-10-23 10:30 . 2013-11-06 22:11   2946848   ----a-w-   c:\windows\SysWow64\nvcuvid.dll
2013-10-23 10:30 . 2013-11-06 22:11   2747168   ----a-w-   c:\windows\SysWow64\nvcuvenc.dll
2013-10-23 10:30 . 2013-11-06 22:11   25257248   ----a-w-   c:\windows\system32\nvcompiler.dll
2013-10-23 10:30 . 2013-11-06 22:11   22933792   ----a-w-   c:\windows\SysWow64\nvoglv32.dll
2013-10-23 10:30 . 2013-11-06 22:11   18199872   ----a-w-   c:\windows\system32\nvd3dumx.dll
2013-10-23 10:30 . 2013-11-06 22:11   17560352   ----a-w-   c:\windows\SysWow64\nvcompiler.dll
2013-10-23 10:30 . 2013-11-06 22:11   12572960   ----a-w-   c:\windows\system32\drivers\nvlddmkm.sys
2013-10-23 10:30 . 2013-11-06 22:11   11426568   ----a-w-   c:\windows\system32\nvcuda.dll
2013-10-23 10:30 . 2013-11-06 22:11   11374520   ----a-w-   c:\windows\system32\nvopencl.dll
2013-10-23 10:30 . 2011-12-23 18:41   15855568   ----a-w-   c:\windows\SysWow64\nvwgf2um.dll
2013-10-23 10:30 . 2010-11-10 18:53   18286416   ----a-w-   c:\windows\system32\nvwgf2umx.dll
2013-10-23 10:30 . 2010-11-10 18:53   15212336   ----a-w-   c:\windows\SysWow64\nvd3dum.dll
2013-10-23 10:30 . 2010-11-10 18:53   3067560   ----a-w-   c:\windows\system32\nvapi64.dll
2013-10-23 10:30 . 2010-11-10 18:53   2695200   ----a-w-   c:\windows\SysWow64\nvapi.dll
2013-10-23 09:02 . 2013-10-23 09:02   589600   ----a-w-   c:\windows\SysWow64\nvStreaming.exe
2013-10-23 08:20 . 2011-12-23 18:42   6669600   ----a-w-   c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2011-12-23 18:42   3489568   ----a-w-   c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2011-12-23 18:42   922912   ----a-w-   c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2011-12-23 18:42   63776   ----a-w-   c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2011-12-23 18:42   219424   ----a-w-   c:\windows\system32\nvmctray.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-20 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[7] 2009-07-14 . 7266972E86890E2B30C0C322E906B027 . 509440 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7600.16385_none_c5bfcda3579104e3\rpcss.dll
[-] 2009-07-14 . 8FA55595A8836694E813843735E37A5D . 509952 . . [6.1.7600.16385] .. c:\windows\system32\rpcss.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll" [2013-04-01 1500440]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-12-11 1823656]
"Akamai NetSession Interface"="c:\users\Travis\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2009-07-17 237568]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-02-11 1308]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
"SDTray"="c:\program files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [2013-07-25 5624784]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallDeleteDir"="rmdir" [X]
.
c:\users\mom is boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-12-15 1324384]
.
c:\users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameRanger.lnk - c:\users\Travis\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart [2013-6-19 1824928]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [x]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [x]
R2 SessionLauncher;SessionLauncher; [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\SEGA\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys;c:\program files (x86)\SEGA\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 sj;sj;c:\aeriagames\EdenEternal\sjcs64.sys;c:\aeriagames\EdenEternal\sjcs64.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va003;X6va003;c:\users\Travis\AppData\Local\Temp\00392D3.tmp;c:\users\Travis\AppData\Local\Temp\00392D3.tmp [x]
R4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [x]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [x]
S2 DAZContentManagementService;DAZ Content Management Service;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe ;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);c:\program files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe;c:\program files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-04 00:23]
.
2011-08-16 c:\windows\Tasks\ParetoLogic Registration.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-08-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 23:47]
.
2011-08-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 23:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-07 8158240]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-08 1064224]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
FF - ProfilePath - c:\users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\2h32hi3a.default\
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{8232785C-5C98-4A6E-B7B4-911FFBED7582} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
c:\users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\GameStop Now.lnk - (no file)
Notify-SDWinLogon - SDWinLogon.dll
Toolbar-Locked - (no file)
AddRemove-GetSavin - c:\users\Travis\AppData\Local\getsavin\uninst.exe
AddRemove-blinkx beat - c:\program files (x86)\Blinkx\templates\uninstall.exe
AddRemove-comtypes-py2.6 - c:\python26\Removecomtypes.exe
AddRemove-psyco-py2.6 - c:\python26\Removepsyco.exe
AddRemove-pywin32-py2.6 - c:\python26\Removepywin32.exe
AddRemove-Third Age - Total War 3.0 (Part 1of2) - c:\program files (x86)\SEGA\Medieval II Total War\Uninstal.exe
AddRemove-Third Age - Total War 3.0 (Part 2of2) - c:\program files (x86)\SEGA\Medieval II Total War\Uninstal.exe
AddRemove-{11233A17-BFFC-434A-8FC8-2E93369AF008}_is1 - c:\ruby191\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Travis\AppData\Local\Temp\00392D3.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\KISS\000・・003*D*]
"InstallPath"="c:\\KISS\\CustomMaid3D"
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2866E6E9-E538-4CCA-24F4-E8ADBC21FFDC}*]
"iachfliiaaccegggoo"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,6d,
   62,68,00,01
"hamjlphkioinfiik"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,6d,
   62,68,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2EA59845-CA17-23B0-9C44-FABF7B5D7DB9}*]
"iagidefolcckddmgej"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,69,
   62,6b,00,01
"hamijfdkphianpkk"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,69,
   62,6b,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{37C04182-77AC-72CC-18A9-1A76EC11D2F6}*]
"iakkkeihcdjhgddifa"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,6c,
   6e,6e,00,01
"haammjpdiepmmcah"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,6c,
   6e,6e,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6FF5A9FD-ABBC-7DE5-9FDD-0A71F344E06B}*]
"iagecefhklnafogmfo"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,61,
   6d,6d,00,01
"haafeeoiiaahpaec"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,61,
   6d,6d,00,01
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86E422D9-568A-0339-A845-1FC6D98B10DB}*]
"hagoihocnebinfol"=hex:6a,61,70,62,6d,69,6f,6d,64,67,68,6c,70,62,69,69,65,6f,
   6a,65,00,01
"iamnobdbobljhglbbh"=hex:69,61,6f,61,63,6a,66,68,68,61,6d,6b,69,61,6b,6e,6f,70,
   00,00
"hahggajlegkiagkb"=hex:70,62,68,62,6e,6d,61,64,65,69,6b,65,6b,69,6d,61,6a,67,
   6b,6e,66,69,6d,61,68,6b,6b,63,6a,6b,63,6d,6a,66,61,62,70,6f,61,6a,6c,63,70,\
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A221D5A5-81D1-3EAC-4B46-DAAAC8BAD6D6}*]
"iafckdkgakalciimed"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,69,
   65,6c,00,01
"hapamjnkifgiaddd"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,69,
   65,6c,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BF00B639-DD59-9AF0-E15C-5AA4F0EBE69A}*]
"iancllbicbmlfbeego"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,64,
   62,6c,00,01
"haddfidjaiakkdjj"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,64,
   62,6c,00,01
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"?慴"=hex:bd,28,3a,2c,cc,65,3c,59,b2,5e,be,46,a6,4e,4a,d8,6c,71,9d,3d,b7,74,b2,
   dd,ea,52,c7,8f,f3,ed,de,a8,52,cd,83,90,89,91,d3,43,86,c0,5d,d3,fb,2e,50,ee,\
"?祥"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\SecuROM\License information*]
"datasecu"=hex:2d,7b,fd,da,5c,aa,56,8d,20,59,88,c2,18,45,f9,e2,4a,da,ae,ad,73,
   2b,9c,6c,9c,ab,28,29,d4,e0,49,40,fd,f6,a4,de,f0,a0,5b,25,2b,74,ed,cb,01,b9,\
"rkeysecu"=hex:e4,65,24,4f,04,f9,d3,46,59,90,89,f4,20,07,ff,3f
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{2866E6E9-E538-4CCA-24F4-E8ADBC21FFDC}\InProcServer32*]
"jaijbiedoihljdlbmemd"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,
   6d,62,68,00,49
"iaijdikmkklkbkemcn"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,6d,
   62,68,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{2EA59845-CA17-23B0-9C44-FABF7B5D7DB9}\InProcServer32*]
"jaakeakcmigmbfapobff"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,
   69,62,6b,00,00
"iaakkaachnepmoceoa"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,69,
   62,6b,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{37C04182-77AC-72CC-18A9-1A76EC11D2F6}\InProcServer32*]
"jaemhfallbkejimnjikc"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,
   6c,6e,6e,00,00
"iaemnfgkcogbdolkbi"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,6c,
   6e,6e,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{6FF5A9FD-ABBC-7DE5-9FDD-0A71F344E06B}\InProcServer32*]
"jamedecfegjflkfmnpcc"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,
   61,6d,6d,00,00
"iamejjileeikmmmled"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,61,
   6d,6d,00,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{86E422D9-568A-0339-A845-1FC6D98B10DB}\InProcServer32*]
"jacponbngkhbhpmaihlf"=hex:69,61,6f,61,63,6a,66,68,68,61,6d,6b,69,61,6b,6e,6f,
   70,00,01
"iacpichknijbkjeade"=hex:6a,61,70,62,6d,69,6f,6d,64,67,68,6c,70,62,69,69,65,6f,
   6a,65,00,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A221D5A5-81D1-3EAC-4B46-DAAAC8BAD6D6}\InProcServer32*]
"jadcfmdjhminnnldjkce"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,
   69,65,6c,00,49
"iadchmjpihaajcedbe"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,69,
   65,6c,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{BF00B639-DD59-9AF0-E15C-5AA4F0EBE69A}\InProcServer32*]
"jahcklhglekgofgdaafi"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,
   64,62,6c,00,00
"iahceljgaingckhoni"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,64,
   62,6c,00,01
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-04 00:39:38
ComboFix-quarantined-files.txt 2014-01-04 06:39
.
Pre-Run: 334,848,823,296 bytes free
Post-Run: 334,882,004,992 bytes free
.
- - End Of File - - 70ABA55D2CEFE3700C0C5450EB860507

whatzitooya123 · January 4, 2014

The the ads and music are gone but now im getting an occasional Dcom server process launcher service terminated unexpectedly or plug and play service terminated unexpectedly.

MrCharlie · January 4, 2014

Using ComboFix......

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt, place it next to ComboFix.exe

Refering to the picture above, drag CFScript into ComboFix.exe

CAUTION: Do not mouse-click ComboFix while it is running. It may cause it to stall.

After reboot, (in case it asks to reboot)......

Please provide the contents of the ComboFix log (C:\ComboFix.txt) in your next reply.

MrC

whatzitooya123 · January 4, 2014

ComboFix 14-01-04.03 - Travis 4/2014 Sat 14:21:00.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.932.81.1033.18.8119.5448 [GMT -6:00]
Running from: c:\users\Travis\Desktop\ComboFix.exe
Command switches used :: c:\users\Travis\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
--------------- FCopy ---------------
.
c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll --> c:\windows\system32\rpcss.dll
.
(((((((((((((((((((((((((   Files Created from 2013-12-04 to 2014-01-04 )))))))))))))))))))))))))))))))
.
.
2014-01-04 20:45 . 2014-01-04 20:45   --------   d-----w-   c:\windows\system32\config\systemprofile\AppData\Local\temp
2014-01-04 20:45 . 2014-01-04 20:45   --------   d-----w-   c:\users\UpdatusUser\AppData\Local\temp
2014-01-04 20:45 . 2014-01-04 20:45   --------   d-----w-   c:\users\UpdatusUser.momisboss-PC\AppData\Local\temp
2014-01-04 20:45 . 2014-01-04 20:45   --------   d-----w-   c:\users\mom is boss\AppData\Local\temp
2014-01-04 20:45 . 2014-01-04 20:45   --------   d-----w-   c:\users\hedev\AppData\Local\temp
2014-01-04 20:45 . 2014-01-04 20:45   --------   d-----w-   c:\users\Default\AppData\Local\temp
2014-01-04 20:42 . 2014-01-04 20:42   --------   d-----w-   c:\windows\system32\SPReview
2014-01-04 20:33 . 2014-01-04 20:42   --------   d-----w-   c:\windows\system32\MRT
2014-01-04 00:58 . 2014-01-04 01:05   --------   d-----w-   C:\AdwCleaner
2014-01-04 00:20 . 2014-01-04 00:23   71048   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-01-04 00:20 . 2014-01-04 00:23   692616   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-01-03 21:26 . 2014-01-04 00:09   72832   ----a-w-   c:\windows\system32\drivers\ohci1394.sys.bak
2014-01-03 21:04 . 2014-01-03 21:04   --------   d-----w-   c:\program files (x86)\Mozilla Maintenance Service
2014-01-03 17:39 . 2014-01-04 08:35   --------   d-----w-   c:\programdata\Spybot - Search & Destroy
2014-01-03 17:39 . 2014-01-04 08:58   --------   d-----w-   c:\program files (x86)\Spybot - Search & Destroy 2
2014-01-03 07:59 . 2014-01-03 21:23   --------   d-----w-   c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-01-03 07:58 . 2014-01-03 17:07   89304   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-01-03 06:58 . 2014-01-03 16:48   --------   d-----w-   C:\TDSSKiller_Quarantine
2013-12-09 18:22 . 2013-12-10 19:39   --------   d-----w-   c:\programdata\WarThunder
2013-12-09 18:22 . 2013-12-09 18:22   --------   d-----w-   c:\users\Travis\AppData\Local\WarThunder
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-01 20:42 . 2010-12-02 16:13   90708896   ----a-w-   c:\windows\system32\MRT.exe
2013-11-11 02:06 . 2012-10-03 18:56   46368   ----a-w-   c:\windows\system32\drivers\avgtpx64.sys
2013-11-08 20:47 . 2013-11-06 22:15   1064224   ----a-w-   c:\windows\system32\nvspcap64.dll
2013-11-08 20:47 . 2013-11-06 22:15   955168   ----a-w-   c:\windows\SysWow64\nvspcap.dll
2013-11-06 03:55 . 2013-11-06 03:55   150808   ----a-w-   c:\windows\system32\drivers\avgdiska.sys
2013-11-05 03:52 . 2013-11-05 03:52   240920   ----a-w-   c:\windows\system32\drivers\avgidsdrivera.sys
2013-11-01 05:00 . 2013-11-01 05:00   212280   ----a-w-   c:\windows\system32\drivers\avgldx64.sys
2013-11-01 04:49 . 2013-11-01 04:49   294712   ----a-w-   c:\windows\system32\drivers\avgloga.sys
2013-10-25 06:54 . 2013-10-25 06:54   96168   ----a-w-   c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-10-25 04:25 . 2013-10-25 04:25   194872   ----a-w-   c:\windows\system32\drivers\avgidsha.sys
2013-10-23 10:30 . 2013-11-06 22:11   1884448   ----a-w-   c:\windows\system32\nvdispco6433165.dll
2013-10-23 10:30 . 2013-11-06 22:11   1511712   ----a-w-   c:\windows\system32\nvdispgenco6433165.dll
2013-10-23 10:30 . 2013-11-06 22:11   9524088   ----a-w-   c:\windows\SysWow64\nvcuda.dll
2013-10-23 10:30 . 2013-11-06 22:11   9480328   ----a-w-   c:\windows\SysWow64\nvopencl.dll
2013-10-23 10:30 . 2013-11-06 22:11   696096   ----a-w-   c:\windows\system32\NvFBC64.dll
2013-10-23 10:30 . 2013-11-06 22:11   655136   ----a-w-   c:\windows\system32\NvIFR64.dll
2013-10-23 10:30 . 2013-11-06 22:11   599840   ----a-w-   c:\windows\SysWow64\NvFBC.dll
2013-10-23 10:30 . 2013-11-06 22:11   560416   ----a-w-   c:\windows\SysWow64\NvIFR.dll
2013-10-23 10:30 . 2013-11-06 22:11   3131680   ----a-w-   c:\windows\system32\nvcuvid.dll
2013-10-23 10:30 . 2013-11-06 22:11   3124512   ----a-w-   c:\windows\system32\nvcuvenc.dll
2013-10-23 10:30 . 2013-11-06 22:11   30344480   ----a-w-   c:\windows\system32\nvoglv64.dll
2013-10-23 10:30 . 2013-11-06 22:11   2946848   ----a-w-   c:\windows\SysWow64\nvcuvid.dll
2013-10-23 10:30 . 2013-11-06 22:11   2747168   ----a-w-   c:\windows\SysWow64\nvcuvenc.dll
2013-10-23 10:30 . 2013-11-06 22:11   25257248   ----a-w-   c:\windows\system32\nvcompiler.dll
2013-10-23 10:30 . 2013-11-06 22:11   22933792   ----a-w-   c:\windows\SysWow64\nvoglv32.dll
2013-10-23 10:30 . 2013-11-06 22:11   18199872   ----a-w-   c:\windows\system32\nvd3dumx.dll
2013-10-23 10:30 . 2013-11-06 22:11   17560352   ----a-w-   c:\windows\SysWow64\nvcompiler.dll
2013-10-23 10:30 . 2013-11-06 22:11   12572960   ----a-w-   c:\windows\system32\drivers\nvlddmkm.sys
2013-10-23 10:30 . 2013-11-06 22:11   11426568   ----a-w-   c:\windows\system32\nvcuda.dll
2013-10-23 10:30 . 2013-11-06 22:11   11374520   ----a-w-   c:\windows\system32\nvopencl.dll
2013-10-23 10:30 . 2011-12-23 18:41   15855568   ----a-w-   c:\windows\SysWow64\nvwgf2um.dll
2013-10-23 10:30 . 2010-11-10 18:53   18286416   ----a-w-   c:\windows\system32\nvwgf2umx.dll
2013-10-23 10:30 . 2010-11-10 18:53   15212336   ----a-w-   c:\windows\SysWow64\nvd3dum.dll
2013-10-23 10:30 . 2010-11-10 18:53   3067560   ----a-w-   c:\windows\system32\nvapi64.dll
2013-10-23 10:30 . 2010-11-10 18:53   2695200   ----a-w-   c:\windows\SysWow64\nvapi.dll
2013-10-23 09:02 . 2013-10-23 09:02   589600   ----a-w-   c:\windows\SysWow64\nvStreaming.exe
2013-10-23 08:20 . 2011-12-23 18:42   6669600   ----a-w-   c:\windows\system32\nvcpl.dll
2013-10-23 08:20 . 2011-12-23 18:42   3489568   ----a-w-   c:\windows\system32\nvsvc64.dll
2013-10-23 08:20 . 2011-12-23 18:42   922912   ----a-w-   c:\windows\system32\nvvsvc.exe
2013-10-23 08:20 . 2011-12-23 18:42   63776   ----a-w-   c:\windows\system32\nvshext.dll
2013-10-23 08:20 . 2011-12-23 18:42   219424   ----a-w-   c:\windows\system32\nvmctray.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll" [2013-04-01 1500440]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2013-12-11 1823656]
"Akamai NetSession Interface"="c:\users\Travis\AppData\Local\Akamai\netsession_win.exe" [2013-06-05 4489472]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ShwiconXP9106"="c:\program files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe" [2009-07-17 237568]
"THX Audio Control Panel"="c:\program files (x86)\Creative\THX TruStudio PC\THXAudioCP\THXAudio.exe" [2009-12-01 963584]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"Intel AppUp(SM) center"="c:\program files (x86)\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-02-11 1308]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-11-11 288088]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2013-11-08 4956176]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"InstaLAN"="c:\program files (x86)\Belkin\Router Setup and Monitor\BelkinRouterMonitor.exe" [2010-07-28 1485208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\Scheduler\Launcher.exe" [2010-08-12 163040]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallDeleteDir"="rmdir" [X]
.
c:\users\mom is boss\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-12-15 1324384]
.
c:\users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-12-15 1324384]
.
c:\users\Travis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GameRanger.lnk - c:\users\Travis\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe /autostart [2013-6-19 1824928]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-12-15 1324384]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute   REG_MULTI_SZ     autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SessionLauncher;SessionLauncher; [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dump_wmimmc;dump_wmimmc;c:\program files (x86)\SEGA\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys;c:\program files (x86)\SEGA\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys;c:\windows\SYSNATIVE\DRIVERS\Impcd.sys [x]
R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0;PCDSRVC{1E208CE0-FB7451FF-06020101}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms;c:\program files\dell support center\pcdsrvc_x64.pkms [x]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
R3 sj;sj;c:\aeriagames\EdenEternal\sjcs64.sys;c:\aeriagames\EdenEternal\sjcs64.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R3 X6va003;X6va003;c:\users\Travis\AppData\Local\Temp\00392D3.tmp;c:\users\Travis\AppData\Local\Temp\00392D3.tmp [x]
R4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 Belkin Local Backup Service;Belkin Local Backup Service;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\BkBackupScheduler.exe [x]
S2 Belkin Network USB Helper;Belkin Network USB Helper;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe;c:\program files\Belkin\Belkin USB Print and Storage Center\Bkapcs.exe [x]
S2 DAZContentManagementService;DAZ Content Management Service;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe ;c:\program files\DAZ 3D\Content Management Service\ContentManagementServer.exe [x]
S2 DockLoginService;Dock Login Service;c:\program files\Dell\DellDock\DockLogin.exe;c:\program files\Dell\DellDock\DockLogin.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);c:\program files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 SftService;SoftThinks Agent Service;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE;c:\program files (x86)\Dell DataSafe Local Backup\sftservice.EXE [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 sxuptp;SXUPTP Driver;c:\windows\system32\DRIVERS\sxuptp.sys;c:\windows\SYSNATIVE\DRIVERS\sxuptp.sys [x]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys;c:\windows\SYSNATIVE\DRIVERS\k57nd60a.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-04 00:23]
.
2011-08-16 c:\windows\Tasks\ParetoLogic Registration.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2011-08-02 c:\windows\Tasks\PCDoctorBackgroundMonitorTask.job
- c:\program files\Dell Support Center\uaclauncher.exe [2010-08-05 23:47]
.
2011-08-17 c:\windows\Tasks\SystemToolsDailyTest.job
- c:\program files\Dell Support Center\pcdrcui.exe [2010-08-05 23:47]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-07 8158240]
"RunDLLEntry_THXCfg"="c:\windows\system32\THXCfg64.dll" [2009-10-15 17920]
"RunDLLEntry_EptMon"="c:\windows\system32\EptMon64.dll" [2009-10-15 21504]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-11-08 1064224]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm

uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MIF5BA~1\OFFICE11\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949}
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 24.159.64.23 24.217.201.67 24.177.176.38
FF - ProfilePath - c:\users\Travis\AppData\Roaming\Mozilla\Firefox\Profiles\2h32hi3a.default\
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{8232785C-5C98-4A6E-B7B4-911FFBED7582} - (no file)
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
AddRemove-GetSavin - c:\users\Travis\AppData\Local\getsavin\uninst.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020101}_0]
"ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va003]
"ImagePath"="\??\c:\users\Travis\AppData\Local\Temp\00392D3.tmp"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\KISS\000・・003*D*]
"InstallPath"="c:\\KISS\\CustomMaid3D"
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2866E6E9-E538-4CCA-24F4-E8ADBC21FFDC}*]
"iachfliiaaccegggoo"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,6d,
   62,68,00,01
"hamjlphkioinfiik"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,6d,
   62,68,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{2EA59845-CA17-23B0-9C44-FABF7B5D7DB9}*]
"iagidefolcckddmgej"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,69,
   62,6b,00,01
"hamijfdkphianpkk"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,69,
   62,6b,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{37C04182-77AC-72CC-18A9-1A76EC11D2F6}*]
"iakkkeihcdjhgddifa"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,6c,
   6e,6e,00,01
"haammjpdiepmmcah"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,6c,
   6e,6e,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{6FF5A9FD-ABBC-7DE5-9FDD-0A71F344E06B}*]
"iagecefhklnafogmfo"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,61,
   6d,6d,00,01
"haafeeoiiaahpaec"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,61,
   6d,6d,00,01
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{86E422D9-568A-0339-A845-1FC6D98B10DB}*]
"hagoihocnebinfol"=hex:6a,61,70,62,6d,69,6f,6d,64,67,68,6c,70,62,69,69,65,6f,
   6a,65,00,01
"iamnobdbobljhglbbh"=hex:69,61,6f,61,63,6a,66,68,68,61,6d,6b,69,61,6b,6e,6f,70,
   00,00
"hahggajlegkiagkb"=hex:70,62,68,62,6e,6d,61,64,65,69,6b,65,6b,69,6d,61,6a,67,
   6b,6e,66,69,6d,61,68,6b,6b,63,6a,6b,63,6d,6a,66,61,62,70,6f,61,6a,6c,63,70,\
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{A221D5A5-81D1-3EAC-4B46-DAAAC8BAD6D6}*]
"iafckdkgakalciimed"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,69,
   65,6c,00,01
"hapamjnkifgiaddd"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,69,
   65,6c,00,fe
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{BF00B639-DD59-9AF0-E15C-5AA4F0EBE69A}*]
"iancllbicbmlfbeego"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,64,
   62,6c,00,01
"haddfidjaiakkdjj"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,64,
   62,6c,00,01
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"?慴"=hex:bd,28,3a,2c,cc,65,3c,59,b2,5e,be,46,a6,4e,4a,d8,6c,71,9d,3d,b7,74,b2,
   dd,ea,52,c7,8f,f3,ed,de,a8,52,cd,83,90,89,91,d3,43,86,c0,5d,d3,fb,2e,50,ee,\
"?祥"=hex:69,6f,5c,46,6a,89,f9,ee,2d,48,e0,10,87,42,1e,12
.
[HKEY_USERS\S-1-5-21-1737241711-4109531914-1981917735-1001\Software\SecuROM\License information*]
"datasecu"=hex:2d,7b,fd,da,5c,aa,56,8d,20,59,88,c2,18,45,f9,e2,4a,da,ae,ad,73,
   2b,9c,6c,9c,ab,28,29,d4,e0,49,40,fd,f6,a4,de,f0,a0,5b,25,2b,74,ed,cb,01,b9,\
"rkeysecu"=hex:e4,65,24,4f,04,f9,d3,46,59,90,89,f4,20,07,ff,3f
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{2866E6E9-E538-4CCA-24F4-E8ADBC21FFDC}\InProcServer32*]
"jaijbiedoihljdlbmemd"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,
   6d,62,68,00,49
"iaijdikmkklkbkemcn"=hex:6a,61,68,6d,69,69,64,63,6a,6c,6d,67,69,66,6e,69,61,6d,
   62,68,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{2EA59845-CA17-23B0-9C44-FABF7B5D7DB9}\InProcServer32*]
"jaakeakcmigmbfapobff"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,
   69,62,6b,00,00
"iaakkaachnepmoceoa"=hex:6a,61,63,64,70,61,6e,62,6d,63,6a,67,65,63,61,6b,6c,69,
   62,6b,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{37C04182-77AC-72CC-18A9-1A76EC11D2F6}\InProcServer32*]
"jaemhfallbkejimnjikc"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,
   6c,6e,6e,00,00
"iaemnfgkcogbdolkbi"=hex:6a,61,67,70,67,6c,65,66,66,63,6a,61,65,61,70,66,66,6c,
   6e,6e,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{6FF5A9FD-ABBC-7DE5-9FDD-0A71F344E06B}\InProcServer32*]
"jamedecfegjflkfmnpcc"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,
   61,6d,6d,00,00
"iamejjileeikmmmled"=hex:6a,61,6e,66,63,66,64,6b,6c,63,6c,6e,64,70,70,68,6e,61,
   6d,6d,00,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{86E422D9-568A-0339-A845-1FC6D98B10DB}\InProcServer32*]
"jacponbngkhbhpmaihlf"=hex:69,61,6f,61,63,6a,66,68,68,61,6d,6b,69,61,6b,6e,6f,
   70,00,01
"iacpichknijbkjeade"=hex:6a,61,70,62,6d,69,6f,6d,64,67,68,6c,70,62,69,69,65,6f,
   6a,65,00,01
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A221D5A5-81D1-3EAC-4B46-DAAAC8BAD6D6}\InProcServer32*]
"jadcfmdjhminnnldjkce"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,
   69,65,6c,00,49
"iadchmjpihaajcedbe"=hex:6a,61,62,70,65,62,6f,6b,6f,6f,61,62,64,70,6f,70,6f,69,
   65,6c,00,fe
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{BF00B639-DD59-9AF0-E15C-5AA4F0EBE69A}\InProcServer32*]
"jahcklhglekgofgdaafi"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,
   64,62,6c,00,00
"iahceljgaingckhoni"=hex:6a,61,6a,6e,6f,66,64,66,70,67,6c,6e,64,64,6e,66,6b,64,
   62,6c,00,01
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-01-04 14:52:44
ComboFix-quarantined-files.txt 2014-01-04 20:52
ComboFix2.txt 2014-01-04 06:39
.
Pre-Run: 339,291,447,296 bytes free
Post-Run: 338,395,021,312 bytes free
.
- - End Of File - - BDD44CA6A34419F0FE3B43BFEF3CE24F

MrCharlie · January 4, 2014

How is it now?? MrC

whatzitooya123 · January 4, 2014

well i had to shutdown -a before the plug and play shut my pc down before combofix could finish so i had to restart anyway not sure if that particualr issue is fixed yet.

MrCharlie · January 4, 2014

I'm not sure what you mean by that....MrC

whatzitooya123 · January 4, 2014

The the ads and music are gone but now im getting an occasional Dcom server process launcher service terminated unexpectedly or plug and play service terminated unexpectedly.

This.

MrCharlie · January 4, 2014

The last ComboFix run should have fixed that.

Please run another scan with ComboFix and post the new log.

MrC

whatzitooya123 · January 4, 2014

Will do regular scan or with the file?

Audio ads and music playing from Host process for windows services

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information