Jump to content

Help with Malware


Recommended Posts

I've been getting random popups for a while now. Here's the txt files:

 

DSS.txt

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Willy at 13:48:58 on 2014-01-06
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3990.1567 [GMT -8:00]
.
AV: Norton Internet Security *Disabled/Outdated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Norton Internet Security *Disabled/Outdated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\system32\WLANExt.exe
C:\windows\system32\atieclxx.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\windows\System32\spoolsv.exe
C:\windows\system32\taskhost.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\windows\system32\taskeng.exe
C:\windows\SysWOW64\Rundll32.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\Samsung\Easy Support Center\SamoyedAgent.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\svchost.exe -k bthsvcs
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Samsung\Kies\Kies.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe
C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
C:\windows\system32\igfxext.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\iTunes\iTunesHelper.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Willy\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Yahoo Messenger.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\windows\system32\hkcmd.exe
C:\windows\system32\igfxpers.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\windows\system32\sppsvc.exe
C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\servicing\TrustedInstaller.exe
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\windows\splwow64.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>;*.local
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [Akamai NetSession Interface] "C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe"
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [GoogleChromeAutoLaunch_8DA596FF221A729A001D3B810DEE4BC8] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "D:\iTunes\iTunesHelper.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
dRunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect"
StartupFolder: C:\Users\Willy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Willy\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Willy\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\YAHOOM~1.LNK - C:\Program Files (x86)\Yahoo Messenger.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\WDDMST~1.LNK - C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 137.82.1.2 142.103.1.42
TCP: Interfaces\{3FBE32D7-401A-48D1-B26C-DA9131690090} : DHCPNameServer = 137.82.1.2 142.103.1.42
TCP: Interfaces\{3FBE32D7-401A-48D1-B26C-DA9131690090}\0527F667964656E63656022416970275946494 : DHCPNameServer = 192.168.0.254
TCP: Interfaces\{3FBE32D7-401A-48D1-B26C-DA9131690090}\572636375636572756 : DHCPNameServer = 137.82.1.2 142.103.1.42
TCP: Interfaces\{7266E235-2A0B-4650-A2D8-E03C1B1BE011} : DHCPNameServer = 137.82.1.2 142.103.1.42
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: sUerf iandd. kEep: {7C021C07-7CB2-4194-1568-66178E51E2A4} - C:\Program Files (x86)\sUerf iandd. kEep\2zE23p_Y.x64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\windows\System32\drivers\amdkmpfd.sys [2012-3-19 32896]
R0 aswRvrt;avast! Revert;C:\windows\System32\drivers\aswRvrt.sys [2013-10-6 65776]
R0 aswVmm;avast! VM Monitor;C:\windows\System32\drivers\aswVmm.sys [2013-10-6 205320]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\windows\System32\drivers\iusb3hcs.sys [2012-2-27 16152]
R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-10-6 1032416]
R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-10-6 409832]
R1 SABI;SAMSUNG Kernel Driver For Windows 7;C:\windows\System32\drivers\SABI.sys [2012-6-5 13824]
R2 AMD External Events Utility;AMD External Events Utility;C:\windows\System32\atiesrxx.exe [2012-4-17 235520]
R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-10-6 38984]
R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-10-6 84328]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-3-9 107648]
R2 Autodesk Content Service;Autodesk Content Service;C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2012-1-30 19232]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-12-13 50344]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2013-12-5 113424]
R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2013-12-5 385808]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-6-5 13592]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-3-6 629984]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-6-5 127320]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-6-5 164184]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-8-6 418376]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-8-6 701512]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe [2013-8-3 138272]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-5-31 2804568]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [2012-6-5 31624]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-6-5 362840]
R2 WDDMService;WDDMService;C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [2011-3-8 288768]
R2 WDFME;WD File Management Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [2011-3-8 1066896]
R2 WDSC;WD File Management Shadow Engine;C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [2011-3-8 491920]
R2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [2012-3-9 163456]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\windows\System32\drivers\btath_flt.sys [2012-3-9 36480]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [2013-9-23 1525848]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\windows\System32\drivers\btath_a2dp.sys [2012-3-9 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;C:\windows\System32\drivers\btath_avdt.sys [2012-3-9 111232]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\windows\System32\drivers\btath_bus.sys [2012-3-9 30848]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\windows\System32\drivers\btath_hcrp.sys [2012-3-9 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\windows\System32\drivers\btath_lwflt.sys [2012-3-9 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\windows\System32\drivers\btath_rcp.sys [2012-3-9 281472]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\drivers\NISx64\1309010.00E\ccsetx64.sys [2013-8-3 167072]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\windows\System32\drivers\clwvd.sys [2012-2-16 31216]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-8-28 140376]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20131004.001\IDSviA64.sys [2013-10-4 520280]
R3 IntcDAud;Intel® Display Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-12-5 331264]
R3 intelkmd;intelkmd;C:\windows\System32\drivers\igdpmd64.sys [2012-3-26 14748416]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\windows\System32\drivers\iusb3hub.sys [2012-2-27 356120]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\windows\System32\drivers\iusb3xhc.sys [2012-2-27 788760]
R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2013-8-6 25928]
R3 RTL8167;Realtek 8167 NT Driver;C:\windows\System32\drivers\Rt64win7.sys [2012-6-5 685160]
R3 SymDS;Symantec Data Store;C:\windows\System32\drivers\NISx64\1309010.00E\symds64.sys [2013-8-3 451192]
R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\drivers\NISx64\1309010.00E\symefa64.sys [2013-8-3 1129120]
R3 SymIRON;Symantec Iron Driver;C:\windows\System32\drivers\NISx64\1309010.00E\ironx64.sys [2013-8-3 190072]
R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\drivers\NISx64\1309010.00E\symnets.sys [2013-8-3 405624]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2013-12-5 402192]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\windows\System32\drivers\ssudbus.sys [2013-10-28 107288]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2013-8-6 1432400]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2013-12-12 111616]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUVStor.sys [2012-6-5 314472]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\windows\System32\drivers\ssadbus.sys [2013-8-2 169288]
S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\windows\System32\drivers\ssadmdfl.sys [2013-8-2 21320]
S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\windows\System32\drivers\ssadmdm.sys [2013-8-2 188232]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\windows\System32\drivers\ssudmdm.sys [2013-10-28 204568]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2012-12-12 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2013-8-3 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .scr: AutoCADScriptFile=C:\windows\System32\notepad.exe "%1"
.
=============== Created Last 30 ================
.
2014-01-05 23:38:01 -------- d-----w- C:\Users\Willy\AppData\Local\CyberLink
2013-12-27 07:36:22 -------- d-----w- C:\Program Files (x86)\Microsoft XNA
2013-12-26 06:57:04 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2013-12-25 05:30:59 -------- d-----w- C:\windows\SysWow64\SearchProtect
2013-12-25 05:30:54 -------- d-----w- C:\Users\Willy\AppData\Local\SearchProtect
2013-12-25 05:30:11 -------- d-----w- C:\Program Files (x86)\uTorrentControl_v6
2013-12-19 01:09:12 -------- d-----w- C:\Program Files (x86)\BlueStacks
2013-12-19 01:08:23 -------- d-----w- C:\ProgramData\BlueStacksSetup
2013-12-19 01:08:16 -------- d-----w- C:\ProgramData\BlueStacks
2013-12-17 07:13:17 -------- d-----w- C:\Program Files (x86)\MyFree Codec
2013-12-14 22:46:31 -------- d-----w- C:\Users\Willy\AppData\Roaming\AVAST Software
2013-12-14 06:06:33 -------- d-----w- C:\ProgramData\Conduit
2013-12-14 06:05:48 -------- d-----w- C:\Users\Willy\AppData\Local\NativeMessaging
2013-12-14 06:05:45 -------- d-----w- C:\Users\Willy\AppData\Local\Conduit
2013-12-14 06:05:42 -------- d-----w- C:\Users\Willy\AppData\Local\CRE
2013-12-14 06:05:41 -------- d-----w- C:\Program Files (x86)\Conduit
2013-12-12 19:33:56 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe
2013-12-12 19:33:56 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe
2013-12-12 19:33:55 12625920 ----a-w- C:\windows\System32\wmploc.DLL
2013-12-12 19:33:55 12625408 ----a-w- C:\windows\SysWow64\wmploc.DLL
2013-12-12 19:32:02 2724864 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-12-12 19:32:02 2724864 ----a-w- C:\windows\System32\mshtml.tlb
2013-12-12 19:32:01 353280 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
2013-12-12 19:32:01 293072 ----a-w- C:\Program Files\Internet Explorer\sqmapi.dll
2013-12-12 19:32:01 235216 ----a-w- C:\Program Files (x86)\Internet Explorer\sqmapi.dll
2013-12-12 19:32:00 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2013-12-12 19:32:00 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll
2013-12-12 19:32:00 270848 ----a-w- C:\Program Files (x86)\Internet Explorer\ieproxy.dll
2013-12-12 19:32:00 251392 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
2013-12-11 20:13:19 335360 ----a-w- C:\windows\System32\msieftp.dll
2013-12-11 20:13:19 301568 ----a-w- C:\windows\SysWow64\msieftp.dll
2013-12-11 20:13:18 3155968 ----a-w- C:\windows\System32\win32k.sys
2013-12-11 20:13:16 417792 ----a-w- C:\windows\SysWow64\WMPhoto.dll
2013-12-11 20:13:15 465920 ----a-w- C:\windows\System32\WMPhoto.dll
2013-12-11 20:13:13 81408 ----a-w- C:\windows\System32\imagehlp.dll
2013-12-11 20:13:13 159232 ----a-w- C:\windows\SysWow64\imagehlp.dll
2013-12-11 20:13:06 2048 ----a-w- C:\windows\SysWow64\tzres.dll
2013-12-11 20:13:06 2048 ----a-w- C:\windows\System32\tzres.dll
2013-12-11 20:12:59 230400 ----a-w- C:\windows\System32\drivers\portcls.sys
2013-12-11 20:12:59 116736 ----a-w- C:\windows\System32\drivers\drmk.sys
2013-12-11 20:12:58 202752 ----a-w- C:\windows\System32\scrrun.dll
2013-12-11 20:12:58 156160 ----a-w- C:\windows\System32\cscript.exe
2013-12-11 20:12:58 150016 ----a-w- C:\windows\System32\wshom.ocx
2013-12-11 20:12:58 121856 ----a-w- C:\windows\SysWow64\wshom.ocx
2013-12-11 20:12:57 168960 ----a-w- C:\windows\System32\wscript.exe
2013-12-11 20:12:57 163840 ----a-w- C:\windows\SysWow64\scrrun.dll
2013-12-11 20:12:57 141824 ----a-w- C:\windows\SysWow64\wscript.exe
2013-12-11 20:12:57 126976 ----a-w- C:\windows\SysWow64\cscript.exe
.
==================== Find3M  ====================
.
2013-12-14 06:53:01 84328 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2013-12-14 06:53:01 65776 ----a-w- C:\windows\System32\drivers\aswRvrt.sys
2013-12-14 06:53:01 205320 ----a-w- C:\windows\System32\drivers\aswVmm.sys
2013-12-14 06:53:01 1032416 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2013-12-14 06:53:00 92544 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2013-12-14 06:52:59 43152 ----a-w- C:\windows\avastSS.scr
2013-12-11 10:38:36 692616 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 10:38:35 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-11-26 09:48:07 66048 ----a-w- C:\windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\windows\System32\ieetwproxystub.dll
2013-11-26 09:18:39 139264 ----a-w- C:\windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\windows\SysWow64\wininet.dll
2013-11-09 20:29:14 336 ----a-w- C:\windows\SysWow64\dpcqrxe.dll
2013-11-09 20:29:14 100 ----a-w- C:\windows\SysWow64\prsgrc.dll
2013-11-09 20:06:17 1024 ----a-w- C:\windows\SysWow64\vukeuhm.dll
2013-11-09 20:06:13 72 ----a-w- C:\windows\SysWow64\ssprs.dll
2013-11-09 20:06:13 1024 ----a-w- C:\windows\SysWow64\grcauth2.dll
2013-11-09 20:06:13 1024 ----a-w- C:\windows\SysWow64\grcauth1.dll
2013-11-09 20:06:13 1024 ----a-w- C:\windows\SysWow64\clauth2.dll
2013-11-09 20:06:13 1024 ----a-w- C:\windows\SysWow64\clauth1.dll
2013-10-28 09:12:12 204568 ----a-w- C:\windows\System32\drivers\ssudmdm.sys
2013-10-28 09:12:10 107288 ----a-w- C:\windows\System32\drivers\ssudbus.sys
2013-10-12 02:30:42 830464 ----a-w- C:\windows\System32\nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:\windows\System32\IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:\windows\System32\FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:\windows\SysWow64\nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL
2013-01-09 11:25:05 424299 ----a-w- C:\Program Files (x86)\Yahoo Messenger.exe
.
============= FINISH: 13:50:21.06 ===============
 
 
Attach.txt
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium 
Boot Device: \Device\HarddiskVolume1
Install Date: 8/2/2013 2:40:42 AM
System Uptime: 1/6/2014 1:40:17 PM (0 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. |  | NP350V4C-E01HK
Processor: Intel® Core i5-3210M CPU @ 2.50GHz | SOCKET 0 | 1175/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 100 GiB total, 28.631 GiB free.
D: is FIXED (NTFS) - 807 GiB total, 698.607 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP81: 12/26/2013 11:35:33 PM - Installed Microsoft XNA Framework Redistributable 4.0
RP82: 1/1/2014 5:19:26 PM - Removed Ragnarok Online
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.05)
Agatha Christie - Death on the Nile
Akamai NetSession Interface
AMD Accelerated Video Transcoding
AMD APP SDK Runtime
AMD Catalyst Install Manager
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArchiCAD 16 USA
Atheros Bluetooth Suite (64)
Atheros Client Installation Program
AutoCAD Civil 3D 2013
AutoCAD Civil 3D 2013 - English
AutoCAD Civil 3D 2013 Language Pack - English
Autodesk Content Service
Autodesk Content Service Language Pack
Autodesk Download Manager
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Sync
avast! Free Antivirus
Bejeweled 2 Deluxe
BlueStacks App Player
BlueStacks Notification Center
Bonjour
Borderlands 2
Build-a-lot
Catalyst Control Center
Catalyst Control Center - Branding
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
Catalyst Control Center Profiles Mobile
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Chuzzle Deluxe
Compatibility Pack for the 2007 Office system
CyberLink Media Suite
CyberLink Media+ Player10
CyberLink MediaShow
CyberLink Power2Go
CyberLink PowerDirector
CyberLink YouCam
D3DX10
Diner Dash 2 Restaurant Rescue
Dropbox
E-POP
Easy File Share
Easy Migration
Easy Settings
Easy Software Manager
Easy Support Center
ERUNT 1.1j
ESET Online Scanner v3
Farm Frenzy
FARO LS 1.1.406.58
foobar2000 v1.2.9
Freemake Video Converter version 4.0.3
Google Chrome
Google Earth
Google Update Helper
Insaniquarium Deluxe
Intel® Control Center
Intel® Display Audio Driver
Intel® Manageability Engine Firmware Recovery Agent
Intel® Management Engine Components
Intel® Rapid Storage Technology
Intel® USB 3.0 eXtensible Host Controller Driver
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 25
Java 7 Update 45
Java Auto Updater
John Deere Drive Green
Junk Mail filter update
Left 4 Dead 2
LINE
Malwarebytes Anti-Malware version 1.75.0.1300
Mass Effect™ 3
Mesh Runtime
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 2010
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP2 ENU
Microsoft SQL Server Compact 3.5 SP2 x64 ENU
Microsoft Visual Basic PowerPacks 10.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft XNA Framework Redistributable 4.0
MSVCRT
MSVCRT_amd64
Multimedia POP
MyFreeCodec
Norton Internet Security
Norton Online Backup
NVIDIA PhysX
Origin
Peggle
Penguins!
Plants vs. Zombies
Polar Golfer
PX Profile Update
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
RISA-2D Educational
Samsung Kies
Samsung Recovery Solution 5
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
SAP2000 15
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition 
SimCity™
SketchUp 2013
Skype Click to Call
Skype™ 6.11
Software Launcher
Steam
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Terraria
TweetDeck
Unity Web Player
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
User Guide
VLC media player 2.1.1
WD SmartWare
WildTangent Games
WildTangent ORB Game Console
Windows Driver Package - Broadcom (BCM43XX) Net  (07/01/2011 5.100.82.95)
Windows Live ???
Windows Live ????
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 5.00 beta 7 (64-bit)
Zuma Deluxe
.
==== Event Viewer Messages From Past Week ========
.
1/6/2014 12:23:49 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the WD File Management Shadow Engine service to connect.
1/6/2014 12:23:49 PM, Error: Service Control Manager [7000]  - The WD File Management Shadow Engine service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/6/2014 12:22:19 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the BlueStacks Log Rotator Service service to connect.
1/6/2014 12:22:19 PM, Error: Service Control Manager [7000]  - The BlueStacks Log Rotator Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/6/2014 12:21:41 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Autodesk Content Service service to connect.
1/6/2014 12:21:41 PM, Error: Service Control Manager [7000]  - The Autodesk Content Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/6/2014 11:00:24 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Apple Mobile Device service to connect.
1/6/2014 11:00:24 AM, Error: Service Control Manager [7000]  - The Apple Mobile Device service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/6/2014 1:43:07 PM, Error: Service Control Manager [7023]  - The BlueStacks Android Service service terminated with the following error:  An exception occurred in the service when handling the control request.
1/5/2014 3:33:01 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the WD File Management Engine service to connect.
1/5/2014 3:33:01 PM, Error: Service Control Manager [7000]  - The WD File Management Engine service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
.
==== End Of File ===========================
 

 

Link to post
Share on other sites

  • 2 weeks later...

Hello NoWayIn! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.
Step 1

I notice that you are using more than one antivirus program.

  • avast! Free Antivirus
  • Norton Internet Security
  • This is very dangerous, as multiple Antivirus programs can interfere with one another and actually allow more viruses to get through. It is important that only one antivirus program is running realtime protection. Please uninstall one of them and reboot your system.

    Step 2

    Download OTL to your Desktop

    • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
    • Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
      • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
      • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.
Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

OTL.txt

 

OTL logfile created on: 1/26/2014 11:41:33 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Willy\Desktop\malwarestuff
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.90 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 48.44% Memory free
7.79 Gb Paging File | 4.99 Gb Available in Paging File | 64.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99.90 Gb Total Space | 29.32 Gb Free Space | 29.34% Space Free | Partition Type: NTFS
Drive D: | 806.51 Gb Total Space | 700.26 Gb Free Space | 86.83% Space Free | Partition Type: NTFS
 
Computer Name: WILLY-PC | User Name: Willy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/01/25 00:07:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Willy\Desktop\malwarestuff\OTL.exe
PRC - [2014/01/13 07:48:55 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/01/13 07:48:55 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/01/11 02:29:23 | 000,866,584 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/01/02 16:46:10 | 030,714,328 | ---- | M] (Dropbox, Inc.) -- C:\Users\Willy\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2013/12/20 22:04:26 | 001,423,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/11 01:52:06 | 000,311,152 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PRC - [2013/12/11 01:52:04 | 001,564,528 | ---- | M] (Samsung) -- C:\Program Files (x86)\Samsung\Kies\Kies.exe
PRC - [2013/12/08 15:20:19 | 000,223,112 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
PRC - [2013/12/05 13:36:46 | 000,811,792 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2013/06/04 09:01:52 | 004,489,472 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe
PRC - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2013/04/04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2013/01/31 22:50:22 | 001,641,368 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
PRC - [2013/01/09 03:25:05 | 000,424,299 | ---- | M] () -- C:\Program Files (x86)\Yahoo Messenger.exe
PRC - [2012/06/15 18:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccsvchst.exe
PRC - [2012/04/18 02:50:02 | 000,362,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/04/18 02:49:58 | 000,276,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/04/18 02:49:38 | 000,127,320 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
PRC - [2012/04/18 02:49:14 | 000,164,184 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/04/16 15:15:46 | 001,113,992 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
PRC - [2012/04/12 02:16:18 | 002,796,112 | ---- | M] (Samsung Electronics CO., LTD.) -- C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
PRC - [2012/03/26 22:10:32 | 002,277,768 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
PRC - [2012/03/26 03:25:04 | 000,648,512 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
PRC - [2012/03/09 00:33:54 | 000,163,456 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2012/02/27 03:01:58 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
PRC - [2012/02/16 05:08:06 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012/02/12 22:02:24 | 000,031,624 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe
PRC - [2012/01/30 23:00:00 | 000,784,264 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
PRC - [2012/01/30 22:56:48 | 001,640,328 | ---- | M] (Samsung Electronics) -- C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
PRC - [2012/01/27 21:38:52 | 004,466,256 | ---- | M] (SEC) -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
PRC - [2011/11/29 03:04:56 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/11/29 03:04:54 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2011/03/08 19:41:08 | 001,066,896 | ---- | M] () -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe
PRC - [2010/09/19 19:24:42 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
PRC - [2009/11/01 21:21:26 | 000,103,720 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/01/11 02:29:21 | 000,399,640 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppgooglenaclpluginchrome.dll
MOD - [2014/01/11 02:29:19 | 013,615,896 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
MOD - [2014/01/11 02:29:17 | 004,055,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
MOD - [2014/01/11 02:28:15 | 000,715,544 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
MOD - [2014/01/11 02:28:14 | 000,100,120 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
MOD - [2014/01/11 02:28:11 | 001,634,584 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
MOD - [2014/01/02 16:45:04 | 003,558,400 | ---- | M] () -- C:\Users\Willy\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013/12/18 17:10:43 | 001,357,824 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\d633e37c729c49af66b6e1443e4e8ec0\HD-Agent.ni.exe
MOD - [2013/12/18 17:10:28 | 000,155,136 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\JSON\245880b6686de6f8a8f2e7ebed5cd5f3\JSON.ni.dll
MOD - [2013/12/13 22:52:59 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/18 15:55:02 | 025,100,288 | ---- | M] () -- C:\Users\Willy\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/10/10 19:02:34 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\46863d4abf7db3e009962abc8710c945\System.Runtime.Remoting.ni.dll
MOD - [2013/10/10 10:08:37 | 012,436,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll
MOD - [2013/10/10 10:08:01 | 003,348,480 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll
MOD - [2013/10/10 10:07:54 | 000,978,432 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll
MOD - [2013/10/10 09:09:07 | 018,003,456 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll
MOD - [2013/10/10 09:08:18 | 011,451,904 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll
MOD - [2013/10/10 09:07:38 | 007,070,720 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll
MOD - [2013/10/10 09:07:32 | 003,858,944 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll
MOD - [2013/10/10 09:07:12 | 001,014,272 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll
MOD - [2013/09/12 11:52:38 | 011,914,752 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll
MOD - [2013/09/12 11:52:16 | 000,771,584 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll
MOD - [2013/08/17 03:57:29 | 000,221,696 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll
MOD - [2013/08/17 03:56:07 | 001,801,728 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll
MOD - [2013/08/17 03:50:55 | 000,487,424 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d4493b0e5a5c6faf89cfeaa5f2a21034\IAStorUtil.ni.dll
MOD - [2013/08/17 03:30:34 | 001,593,344 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/17 03:30:03 | 005,464,064 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/17 03:29:54 | 007,989,760 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/08/15 09:07:35 | 005,628,928 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll
MOD - [2013/08/15 09:07:23 | 009,099,776 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll
MOD - [2013/08/03 04:02:07 | 000,014,336 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6e3778958a8bfd03bf0f2f60c4e25623\IAStorCommon.ni.dll
MOD - [2013/08/03 03:35:26 | 011,499,520 | ---- | M] () -- C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/08/02 10:13:31 | 014,416,896 | ---- | M] () -- C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll
MOD - [2013/04/21 05:44:32 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2013/04/21 05:44:04 | 001,242,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/01/09 03:25:05 | 000,424,299 | ---- | M] () -- C:\Program Files (x86)\Yahoo Messenger.exe
MOD - [2012/09/23 04:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2012/03/26 03:26:14 | 000,500,032 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
MOD - [2012/03/26 03:13:16 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll
MOD - [2012/03/26 03:12:16 | 000,484,864 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll
MOD - [2012/03/26 03:08:38 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll
MOD - [2011/09/08 02:40:10 | 001,645,056 | ---- | M] () -- C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
MOD - [2011/08/16 23:48:24 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll
MOD - [2011/08/16 23:48:22 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll
MOD - [2011/08/16 23:41:36 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll
MOD - [2011/08/15 03:15:44 | 000,382,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll
MOD - [2011/08/15 03:12:04 | 002,603,520 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll
MOD - [2011/08/15 03:12:04 | 001,006,592 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll
MOD - [2011/08/15 02:23:00 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll
MOD - [2011/02/16 08:03:20 | 000,203,776 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll
MOD - [2009/11/01 21:23:36 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
MOD - [2009/11/01 21:20:10 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2006/08/11 19:48:40 | 000,049,152 | ---- | M] () -- C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/01/13 07:48:55 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2013/11/26 01:18:09 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/08/06 04:26:47 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/04/17 14:58:54 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/03/06 09:00:46 | 000,629,984 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2011/03/08 19:10:40 | 000,288,768 | ---- | M] (WDC) [Auto | Running] -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe -- (WDDMService)
SRV:64bit: - [2010/09/22 01:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2014/01/07 13:00:22 | 000,569,768 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/12/20 22:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/11 02:38:36 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/12/05 13:35:50 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2013/12/05 13:35:16 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/10/09 10:58:16 | 003,275,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/09/05 09:34:30 | 000,171,680 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/06/15 18:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe -- (NIS)
SRV - [2012/04/18 02:50:02 | 000,362,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/04/18 02:49:58 | 000,276,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/04/18 02:49:38 | 000,127,320 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/04/18 02:49:14 | 000,164,184 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/03/26 03:32:22 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/03/09 00:33:54 | 000,163,456 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (ZAtheros Bt&Wlan Coex Agent)
SRV - [2012/03/09 00:11:54 | 000,107,648 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/02/12 22:02:24 | 000,031,624 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe -- (SamsungDeviceConfigurationWinService)
SRV - [2012/01/30 18:46:56 | 000,019,232 | ---- | M] (Autodesk, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2011/11/29 03:04:56 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/03/08 19:41:10 | 000,491,920 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe -- (WDSC)
SRV - [2011/03/08 19:41:08 | 001,066,896 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe -- (WDFME)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/01/13 07:49:58 | 000,079,672 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/01/13 07:48:59 | 001,034,464 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2014/01/13 07:48:59 | 000,422,216 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2014/01/13 07:48:59 | 000,207,904 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/01/13 07:48:59 | 000,078,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2013/12/13 22:53:01 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2013/12/13 22:53:00 | 000,092,544 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2013/10/28 01:12:12 | 000,204,568 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2013/10/28 01:12:10 | 000,107,288 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2013/06/20 16:07:34 | 000,188,232 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)
DRV:64bit: - [2013/06/20 16:07:34 | 000,169,288 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)
DRV:64bit: - [2013/06/20 16:07:34 | 000,021,320 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV:64bit: - [2013/04/04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012/12/12 21:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/20 21:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/05 18:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2012/07/05 18:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2012/06/06 20:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012/06/05 21:00:44 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012/05/21 17:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symefa64.sys -- (SymEFA)
DRV:64bit: - [2012/04/18 02:49:24 | 000,060,184 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/04/17 18:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symnets.sys -- (SymNetS)
DRV:64bit: - [2012/04/17 17:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012/04/17 15:18:34 | 010,857,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/17 13:57:26 | 000,328,704 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/04/08 08:18:54 | 000,429,328 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012/03/26 03:09:54 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012/03/26 03:09:54 | 014,748,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/03/19 13:15:54 | 000,032,896 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2012/03/19 01:43:42 | 000,314,472 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
DRV:64bit: - [2012/03/09 04:41:16 | 000,685,160 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2012/03/09 00:22:18 | 000,281,472 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2012/03/09 00:22:00 | 000,068,736 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2012/03/09 00:21:24 | 000,168,064 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2012/03/09 00:21:06 | 000,036,480 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2012/03/09 00:20:48 | 000,030,848 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2012/03/09 00:20:30 | 000,111,232 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2012/03/09 00:20:12 | 000,340,096 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 03:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 03:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 03:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2012/02/16 05:08:26 | 000,031,216 | ---- | M] (CyberLink Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\clwvd.sys -- (clwvd)
DRV:64bit: - [2011/12/05 12:23:08 | 000,331,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/11/29 02:40:32 | 000,568,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/09/21 21:39:44 | 000,013,824 | ---- | M] (SAMSUNG ELECTRONICS) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SABI.sys -- (SABI)
DRV:64bit: - [2011/08/15 14:51:40 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1309010.00E\symds64.sys -- (SymDS)
DRV:64bit: - [2011/07/05 03:55:30 | 004,745,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2011/03/10 22:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/10 22:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/11/20 19:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 19:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 00:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2013/12/05 13:35:40 | 000,113,424 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2013/09/23 20:37:14 | 001,525,848 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20130924.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/08/28 18:59:18 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20131005.007\ex64.sys -- (NAVEX15)
DRV - [2013/08/28 18:59:18 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/08/28 18:59:18 | 000,140,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/08/28 18:59:18 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20131005.007\eng64.sys -- (NAVENG)
DRV - [2013/08/13 17:30:18 | 000,520,280 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20131004.001\IDSviA64.sys -- (IDSVia64)
DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/?serie=30
IE - HKLM\..\SearchScopes,DefaultScope = {A4BB0820-7323-4923-A175-51DE68638688}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\..\SearchScopes,DefaultScope = {A4BB0820-7323-4923-A175-51DE68638688}
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.globasearch.com/?serie=30&b=3&q={searchTerms}
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\..\SearchScopes\{A4BB0820-7323-4923-A175-51DE68638688}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN39854164181109430&UM=2
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Willy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ [2013/08/02 01:43:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ [2014/01/26 22:43:14 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013/08/02 06:37:23 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java Platform SE 7 U45 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Willy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Google Docs = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Missing e = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.5_0\
CHR - Extension: YouTube = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Google Search = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Line messenger = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngafncjggabnheiinpoocchdpfignoj\0.0.0.3_0\
CHR - Extension: Gmail Offline = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: Window Expander For YouTube = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpaakpeehepibjpdmoocdaonognfiog\2.3_0\
CHR - Extension: avast! Online Security = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Website Blocker (Beta) = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.5_0\
CHR - Extension: JavaScript Popup Blocker = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol\1.2.6_0\
CHR - Extension: Crimson Red Theme = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfgbckkcgepopaojnhcnkcdiafkcdjo\1_0\
CHR - Extension: YouTube Video Deck = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj\0.9.6.3_0\
CHR - Extension: Rdio Mini Player = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepblamgofpnmpkpmldlghcabonhdepn\0.2.0_0\
CHR - Extension: TransitDB = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpolhbffjljhoeklikgkbkjpkbjkapp\0.0.6_0\
CHR - Extension: Google Wallet = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Currently = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh\2.7.0_0\
CHR - Extension: Rdio = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchjhmiapbbphflbgejhigbmfmmgbngn\1.2_0\
CHR - Extension: Gmail = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/10/05 16:19:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (sUerf iandd. kEep) - {7C021C07-7CB2-4194-1568-66178E51E2A4} - C:\Program Files (x86)\sUerf iandd. kEep\2zE23p_Y.x64.dll ()
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (Samsung)
O4 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000..\Run: [Akamai NetSession Interface] C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000..\Run: [backgroundContainer] C:\Users\Willy\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)
O4 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\.DEFAULT..\RunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not found
O4 - HKU\S-1-5-18..\RunOnce: [spUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not found
O4 - Startup: C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Willy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo Messenger!.lnk = C:\Program Files (x86)\Yahoo Messenger.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  = 
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 137.82.1.2 142.103.1.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FBE32D7-401A-48D1-B26C-DA9131690090}: DhcpNameServer = 137.82.1.2 142.103.1.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7266E235-2A0B-4650-A2D8-E03C1B1BE011}: DhcpNameServer = 137.82.1.2 142.103.1.42
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/06 03:59:31 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/01/26 22:39:32 | 000,000,000 | R--D | C] -- C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/01/15 19:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/13 07:49:44 | 000,079,672 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/01/11 20:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
[2014/01/05 15:38:03 | 000,000,000 | ---D | C] -- C:\Users\Willy\Documents\Youcam
[2014/01/05 15:38:01 | 000,000,000 | ---D | C] -- C:\Users\Willy\AppData\Roaming\CyberLink
[2014/01/05 15:38:01 | 000,000,000 | ---D | C] -- C:\Users\Willy\AppData\Local\CyberLink
 
========== Files - Modified Within 30 Days ==========
 
[2014/01/26 23:38:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/01/26 23:26:52 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/26 22:48:51 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 22:48:51 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/26 22:38:53 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/26 22:38:12 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/01/26 22:36:44 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/01/26 22:36:13 | 4183,461,888 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/26 13:40:45 | 000,778,834 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/01/26 13:40:45 | 000,660,318 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/01/26 13:40:45 | 000,121,214 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/01/20 01:51:06 | 000,000,010 | ---- | M] () -- C:\Users\Willy\Documents\.Rhistory
[2014/01/15 17:00:53 | 000,001,011 | ---- | M] () -- C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/15 17:00:27 | 000,000,979 | ---- | M] () -- C:\Users\Willy\Desktop\Dropbox.lnk
[2014/01/15 16:08:09 | 000,498,400 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/01/14 22:29:25 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/01/13 07:49:59 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/13 07:49:58 | 000,079,672 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/01/13 07:48:59 | 001,034,464 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2014/01/13 07:48:59 | 000,422,216 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2014/01/13 07:48:59 | 000,334,136 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014/01/13 07:48:59 | 000,207,904 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/01/13 07:48:59 | 000,078,648 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/01/13 07:48:58 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2014/01/12 12:31:28 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/01/11 20:51:52 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\R i386 3.0.2.lnk
[2014/01/11 20:51:52 | 000,000,709 | ---- | M] () -- C:\Users\Public\Desktop\R x64 3.0.2.lnk
[2014/01/06 13:09:13 | 000,001,069 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 
========== Files Created - No Company Name ==========
 
[2014/01/20 01:51:06 | 000,000,010 | ---- | C] () -- C:\Users\Willy\Documents\.Rhistory
[2014/01/11 20:51:52 | 000,000,709 | ---- | C] () -- C:\Users\Public\Desktop\R x64 3.0.2.lnk
[2014/01/11 20:51:51 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\R i386 3.0.2.lnk
[2013/10/11 22:21:45 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/10/11 22:21:45 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/10/11 22:21:45 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/10/11 22:21:45 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/10/11 22:21:45 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\vukeuhm.dll
[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\grcauth2.dll
[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\grcauth1.dll
[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\clauth2.dll
[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\clauth1.dll
[2013/09/11 07:44:24 | 000,000,336 | ---- | C] () -- C:\windows\SysWow64\dpcqrxe.dll
[2013/09/11 07:44:24 | 000,000,100 | ---- | C] () -- C:\windows\SysWow64\prsgrc.dll
[2013/09/11 07:44:24 | 000,000,072 | ---- | C] () -- C:\windows\SysWow64\ssprs.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\xn3pjiy.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\wm9s68l.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\w8q08s1.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\w5aclk7.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\v1hlzuf.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\uzqdpji.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\q52v5xf.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\owvosyh.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\mpa9s71.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\lblmhb4.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\kwovleu.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\hd86x4m.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\fyqi5da.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\dp2d60q.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\c8qgqid.dll
[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\a7y5ais.dll
[2013/08/06 04:06:52 | 000,424,299 | ---- | C] () -- C:\Program Files (x86)\Yahoo Messenger.exe
[2013/08/02 07:53:17 | 000,773,050 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/06/14 03:56:26 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/06/14 03:56:18 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/06/14 03:56:18 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/06/14 03:56:18 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/06/14 03:56:18 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2012/06/05 21:30:14 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2012/06/05 21:01:18 | 000,003,586 | ---- | C] () -- C:\windows\HotFixList.ini
[2012/06/05 20:42:00 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/06/05 20:33:56 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2012/04/17 14:16:54 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/04/17 14:16:54 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/04/17 14:14:24 | 000,054,784 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2012/03/26 03:19:10 | 000,755,188 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
[2012/03/26 03:19:08 | 000,561,508 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
[2012/03/26 03:08:42 | 000,963,912 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012/03/26 03:08:42 | 000,261,208 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012/03/26 03:08:42 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012/03/26 03:03:46 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/03/26 01:53:42 | 013,024,768 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll
[2012/03/26 01:47:54 | 013,212,672 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/03/06 08:40:52 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
[2012/01/30 14:00:24 | 000,016,896 | ---- | C] () -- C:\windows\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/11/30 18:32:28 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\(C0-65-99-4F-51-8C)
[2013/11/20 22:54:22 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\.minecraft
[2013/08/06 07:09:58 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\Autodesk
[2013/12/14 14:46:31 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\AVAST Software
[2013/09/04 16:00:21 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\ChordChartWizard
[2014/01/26 22:41:01 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\Dropbox
[2014/01/18 07:01:36 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\foobar2000
[2013/08/02 07:24:09 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\Install.GS
[2013/08/12 21:49:38 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\Nico Mak Computing
[2013/08/04 21:11:14 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\Origin
[2013/08/02 04:36:50 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\Samsung
[2013/08/12 02:44:36 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\SketchUp
[2013/11/09 02:18:59 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\SystemRequirementsLab
[2013/11/13 03:20:19 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\Unity
[2014/01/06 13:07:53 | 000,000,000 | ---D | M] -- C:\Users\Willy\AppData\Roaming\uTorrent
 
========== Purity Check ==========
 
 
 
< End of report >
Link to post
Share on other sites

Extras.txt

 

OTL Extras logfile created on: 1/26/2014 11:41:33 PM - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Willy\Desktop\malwarestuff

64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

 

3.90 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 48.44% Memory free

7.79 Gb Paging File | 4.99 Gb Available in Paging File | 64.10% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 99.90 Gb Total Space | 29.32 Gb Free Space | 29.34% Space Free | Partition Type: NTFS

Drive D: | 806.51 Gb Total Space | 700.26 Gb Free Space | 86.83% Space Free | Partition Type: NTFS

 

Computer Name: WILLY-PC | User Name: Willy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 

========== Extra Registry (SafeList) ==========

 

 

========== File Associations ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

 

[HKEY_USERS\S-1-5-21-457241823-3690726184-1205769209-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

 

========== Shell Spawning ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

 

========== Security Center Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"FirewallDisableNotify" = 0

"AntiVirusDisableNotify" = 0

"UpdatesDisableNotify" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 

========== System Restore Settings ==========

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

"DisableSR" = 0

 

========== Firewall Settings ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 

========== Authorized Applications List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

"C:\Program Files (x86)\Luobo\\Luobo.exe" = C:\Program Files (x86)\Luobo\\Luobo.exe:*:Enabled:Luobo

"C:\Program Files (x86)\Luobo\\Luobo.exe" = C:\Program Files (x86)\Luobo\\Luobo.exe:*:Enabled:Luobo

 

 

========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{32E8376D-8D98-49E9-9948-01225E3FD52D}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service | 

"{340DF06F-7E10-447B-815C-96E7C109A031}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 

"{B0FE5F00-10BF-4266-9765-E7124CAF50AF}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 

"{B118298A-F689-4464-8439-681065B98AB0}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 

 

========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{062C1059-A1C4-4707-879C-636ED32AD00E}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 

"{09281C99-F133-4F09-9AE1-A97B8568E5CA}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 

"{0BC6A502-9D48-4708-BF8F-60623AF837EE}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{117197B6-2733-417F-932E-37B9E6058B30}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\terraria\terraria.exe | 

"{26E97446-1951-4FC8-B222-149A2B29BA2E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

"{36700705-93D3-4AAF-8A36-EF2CAFEC3DAA}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\simcity\simcity\simcity.exe | 

"{4299BDC6-3092-4988-9288-6C0B3890FDA0}" = protocol=6 | dir=in | app=d:\steam\steam.exe | 

"{528CCCCA-85D5-423A-9941-0EC30DD52E68}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\terraria\terraria.exe | 

"{53DBC95C-8DC7-4A8D-89E7-0934F8EE281F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{55AEA53A-A4F2-48FB-9401-19E2606D235F}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | 

"{5AC74DCC-D34C-475D-962F-7A0F0C722125}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | 

"{5D9808A5-9C17-4AC8-89A0-EEE569FE2513}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 

"{616DE58B-5E7A-44B5-9E26-9D70E6ED3702}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\simcity\simcity\simcity.exe | 

"{6287D71B-113B-4A25-8BF2-E7DE82900D18}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{67002FD2-C154-4E9A-827B-DA94C009FE13}" = protocol=17 | dir=in | app=d:\steam\steam.exe | 

"{67C955C2-03E9-40A6-B754-6F84DDAEEBEC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 

"{760EA4BD-25EA-40B5-94BF-01536CDE4274}" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\simcity\simcity\simcity.exe | 

"{78FD00A5-240E-46CD-990D-D73F043A1724}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 

"{7913B1B4-63BF-4C1F-8E1F-A4DF36425A97}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 

"{7B7442CA-D841-4096-80FC-4270EC2142DB}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 

"{8D9FCEFA-8AB1-47A8-B6A2-93CE73BC98D7}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 

"{917701D6-A6CB-4DE6-B291-01A3359C39E2}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 

"{91ED2B59-5006-4C01-A32C-D1B1269E2596}" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\simcity\simcity\simcity.exe | 

"{959E0FC0-7581-4288-9EFE-9E2EC69653FA}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{A2CFD128-959A-4B9B-B2AB-E7363AF86814}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 

"{AFE1413F-7D88-4CA7-A92F-40F9BA3BCE8C}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 

"{B1C5254C-17EA-41CB-80AE-E83E706DAE59}" = dir=in | app=c:\program files (x86)\cyberlink\media+player10\media+player10.exe | 

"{B605EF1C-C6A2-4A43-A26B-C097369AA500}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 

"{C1351B58-4936-4BBB-875B-1A77581E1069}" = dir=in | app=d:\itunes\itunes.exe | 

"{C348DDF1-C9BC-4327-A7F4-CD4B87ECD40D}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{C52BC0A3-63F6-47FA-A665-DAFAB3C7AA0A}" = protocol=6 | dir=in | app=c:\users\willy\appdata\roaming\utorrent\utorrent.exe | 

"{CBE1E1DA-CF54-4D3D-B842-D9A45F0AEC86}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 

"{D1D7A9AA-3A41-4C1B-954A-AB9EA9DF495B}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 

"{D2A8FE62-6F83-422B-B3E7-F82FCE521D65}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\borderlands2.exe | 

"{DCBEBD80-2591-4E4E-8EBE-A00A7DEB47BA}" = protocol=6 | dir=in | app=c:\users\willy\appdata\roaming\dropbox\bin\dropbox.exe | 

"{ED82058D-3AF7-4F69-8D2C-CC1CE064CE85}" = protocol=17 | dir=in | app=c:\users\willy\appdata\roaming\dropbox\bin\dropbox.exe | 

"{EEFDAF7D-0B57-4B08-8493-E64F2F2EEA7B}" = protocol=6 | dir=in | app=d:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 

"{F0741334-050D-4610-8D19-C6FADAC99331}" = protocol=17 | dir=in | app=d:\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 

"{F55D2045-EFBD-4835-A0A2-B9E592359F84}" = protocol=17 | dir=in | app=c:\users\willy\appdata\roaming\utorrent\utorrent.exe | 

"{F6F85D86-D7E7-4FDC-B4F2-A2F1CCF0066E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"TCP Query User{1A2760A7-8870-4400-9F3A-A61932785578}D:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=6 | dir=in | app=d:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | 

"TCP Query User{50B346C4-220A-4BC6-AE59-B35DA6280823}C:\users\willy\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\willy\appdata\local\akamai\netsession_win.exe | 

"TCP Query User{7D481C2D-23C5-49BB-8674-FA1A38E313D0}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 

"TCP Query User{9E941985-4501-47EF-B499-1258977EA0BF}C:\users\willy\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\willy\appdata\local\akamai\netsession_win.exe | 

"TCP Query User{B0CC8438-AD1B-488B-91CD-F19D726CF13F}D:\line\line.exe" = protocol=6 | dir=in | app=d:\line\line.exe | 

"TCP Query User{CEEE8651-1B96-48E5-BED0-9F49E6801127}C:\users\willy\desktop\minetest-0.4.8\bin\minetest.exe" = protocol=6 | dir=in | app=c:\users\willy\desktop\minetest-0.4.8\bin\minetest.exe | 

"UDP Query User{04D30D89-9339-4EDB-9941-E8FDAC922C2D}D:\line\line.exe" = protocol=17 | dir=in | app=d:\line\line.exe | 

"UDP Query User{22096EF3-6FF2-473E-BEE6-2B84C6900DD6}D:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe" = protocol=17 | dir=in | app=d:\program files (x86)\origin games\mass effect 3\binaries\win32\masseffect3.exe | 

"UDP Query User{452BEB10-3BF8-41A7-AF06-BE0866E5D564}C:\users\willy\desktop\minetest-0.4.8\bin\minetest.exe" = protocol=17 | dir=in | app=c:\users\willy\desktop\minetest-0.4.8\bin\minetest.exe | 

"UDP Query User{4994A032-3FC0-4BD9-AF1B-CBAEC35AF904}C:\users\willy\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\willy\appdata\local\akamai\netsession_win.exe | 

"UDP Query User{6B22834E-5C95-419C-96B7-F2B349556E88}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 

"UDP Query User{6C841D9C-8F99-4311-9222-C2F3A7192C71}C:\users\willy\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\willy\appdata\local\akamai\netsession_win.exe | 

 

========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{07179D37-D5FE-4373-90D9-A25B992EFB3E}" = WD SmartWare

"{0738F5F1-8E70-49A6-8692-F5722E1E5A4D}" = Easy Support Center

"{171C7193-1BB5-4619-BF23-E962598CAB13}" = Intel® Trusted Connect Service Client

"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector

"{186CF1EE-3B47-A14F-897D-3BEBF7886BE0}" = AMD Accelerated Video Transcoding

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources

"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)

"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime

"{5783F2D7-B000-0409-0102-0060B0CE6BBA}" = AutoCAD Civil 3D 2013

"{5783F2D7-B000-0409-1102-0060B0CE6BBA}" = AutoCAD Civil 3D 2013 Language Pack - English

"{5783F2D7-B000-0409-2102-0060B0CE6BBA}" = AutoCAD Civil 3D 2013 - English

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{98AEACC7-A4C8-4FAC-6F2F-347B29042B43}" = ccc-utility64

"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}" = Microsoft SQL Server Compact 3.5 SP2 x64 ENU

"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F81156E9-1687-E56A-E3B4-3CF3D17520E2}" = AMD Catalyst Install Manager

"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources

"001FFF2FFF16FF00FF0301F01F02F000-R1" = ArchiCAD 16 USA

"3443F9C6B5308783EC7E9DA9E41166C135CCB9C9" = Windows Driver Package - Broadcom (BCM43XX) Net  (07/01/2011 5.100.82.95)

"AutoCAD Civil 3D 2013" = AutoCAD Civil 3D 2013

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"R for Windows 3.0.2_is1" = R for Windows 3.0.2

"SynTPDeinstKey" = Synaptics Pointing Device Driver

"WinRAR archiver" = WinRAR 5.00 beta 7 (64-bit)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common

"{016118F6-06F2-4DC4-86A3-E5AC3A4D43EE}" = SAP2000 15

"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013

"{12F81925-F3C1-40DB-91F7-777817974319}" = Easy File Share

"{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}" = Samsung Recovery Solution 5

"{17283B95-21A8-4996-97DA-547A48DB266F}" = Easy Settings

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1C7F451D-ABB1-2DB1-FA04-5AF2BBF762D7}" = CCC Help Czech

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver

"{254A4D3B-ECE2-C9C2-1CA0-CF6BDEFFE508}" = CCC Help Russian

"{26A24AE4-039D-4CA4-87B4-2F83217025FF}" = Java 7 Update 25

"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 51

"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program

"{288D7000-786B-11D6-9D00-00B0D0E6A72E}" = RISA-2D Educational

"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2AC4D9EB-C408-4AF3-8456-535ED72F9E28}" = Catalyst Control Center - Branding

"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0

"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh

"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger

"{2D9F8079-7D50-3EFD-B3BD-ED642E4EE756}" = Microsoft Visual Basic PowerPacks 10.0

"{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}" = Autodesk Download Manager

"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10

"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack

"{3A9FC03D-C685-4831-94CF-4EDFD3749497}" = Microsoft SQL Server Compact 3.5 SP2 ENU

"{3B74DAD7-3688-8B31-ADBA-CC9A3B159861}" = CCC Help Finnish

"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology

"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"{443C941A-F8D2-05D8-D0CF-68570C556763}" = CCC Help Dutch

"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4D0E608A-C7EA-BC29-496C-BCA24C04909A}" = CCC Help Polish

"{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}" = Google Earth

"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11

"{534A31BD-20F4-46b0-85CE-09778379663C}" = Mass Effect™ 3

"{53C63F43-B827-42D9-8886-4698D91EA33B}" = System Requirements Lab for Intel

"{55D4C8AF-5927-779B-2258-DB535A5303FA}" = Catalyst Control Center Localization All

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh

"{5962B54A-9818-0F81-8CA0-8BD61A805068}" = CCC Help Chinese Traditional

"{5B27A772-9076-D0DF-2119-7AE60B909186}" = CCC Help Korean

"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013

"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service

"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components

"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer

"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{72B622C9-AA10-47D7-A10C-377CF9BC8502}" = SketchUp 2013

"{748F6B49-6861-03C6-7A15-8CFB195EDDAA}" = CCC Help Greek

"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail

"{757C4173-6457-48F5-898E-CF6A8E62287F}" = BlueStacks Notification Center

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{75EEB978-3B56-637C-7A7C-56DD1C895473}" = CCC Help Italian

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库

"{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{86815589-4562-5149-1480-6D0CA2F80648}" = Catalyst Control Center

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00B2-0409-0000-0000000FF1CE}" = Microsoft Save as PDF or XPS Add-in for 2007 Microsoft Office programs

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010

"{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}" = FARO LS 1.1.406.58

"{9530AE42-DAE1-4619-9594-B23487285D17}" = NVIDIA PhysX

"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader

"{977D1B66-C919-ECA6-225F-E37CE98E370B}" = CCC Help Portuguese

"{99D0B5C9-AB0D-B8FC-A504-8442193A4789}" = Catalyst Control Center Profiles Mobile

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9B384BC1-1B13-0EB9-FA9C-396C97122FDE}" = CCC Help Swedish

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{ABC5B759-21FF-E3BD-60B9-0B092942CF6A}" = CCC Help Japanese

"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)

"{AD964CB4-97F3-548D-6AFF-F31C182D9DD9}" = CCC Help Spanish

"{AE90FC86-896F-2AB4-5B36-337E42232E9F}" = CCC Help English

"{B60F78C4-BB4F-5CC0-42AC-78F416AE76F2}" = CCC Help German

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B750B5C2-CC17-4967-905B-29F4EB986131}" = Software Launcher

"{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}" = User Guide

"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger

"{C4320294-D25F-61B5-BAE3-48C39DA0E5D0}" = CCC Help Norwegian

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"{CB427A08-FCF6-752A-B571-50162CDCC501}" = PX Profile Update

"{CE3007FF-3E77-4B5B-8F94-662C9582C8A5}" = Multimedia POP

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{CF5C04A8-39DA-9C9E-9D0E-9648526F3B05}" = CCC Help Turkish

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D1B53484-9A9C-A043-FD6D-52140AAD1D0B}" = CCC Help Chinese Standard

"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DE256D8B-D971-456D-BC02-CB64DA24F115}" = Easy Software Manager

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E0ECBEF1-86D5-12B2-4911-E7EBB42EFC6A}" = CCC Help French

"{E2031233-3B7C-4DFC-9319-197626C011C3}" = TweetDeck

"{E2D68307-45AE-F90F-3F6A-307729570924}" = CCC Help Hungarian

"{E42D1166-6E1F-45C8-EF8F-10688A78D3A8}" = CCC Help Thai

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer

"{EDE7A262-DB20-4432-A630-2ACEE186C416}" = Easy Migration

"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心

"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集

"{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}" = E-POP

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Display Audio Driver

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F4A1251A-0B57-905C-0AA1-2CE56838FCFA}" = Catalyst Control Center InstallProxy

"{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}" = SimCity™

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"{FFB36E9F-7EF7-EA33-1FD4-6D6F71F2A899}" = CCC Help Danish

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Autodesk Content Service" = Autodesk Content Service

"avast" = avast! Free Antivirus

"BlueStacks App Player" = BlueStacks App Player

"ENTERPRISE" = Microsoft Office Enterprise 2007

"ERUNT_is1" = ERUNT 1.1j

"ESET Online Scanner" = ESET Online Scanner v3

"foobar2000" = foobar2000 v1.2.9

"Freemake Video Converter_is1" = Freemake Video Converter version 4.0.3

"Google Chrome" = Google Chrome

"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam

"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite

"InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}" = CyberLink Media+ Player10

"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go

"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}" = CyberLink MediaShow

"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector

"LINE" = LINE

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"NIS" = Norton Internet Security

"Origin" = Origin

"Steam" = Steam

"Steam App 105600" = Terraria

"Steam App 49520" = Borderlands 2

"Steam App 550" = Left 4 Dead 2

"VLC media player" = VLC media player 2.1.1

"WinLiveSuite" = Windows Live 程式集

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

 

========== HKEY_USERS Uninstall List ==========

 

[HKEY_USERS\S-1-5-21-457241823-3690726184-1205769209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Akamai" = Akamai NetSession Interface

"Dropbox" = Dropbox

"MyFreeCodec" = MyFreeCodec

"UnityWebPlayer" = Unity Web Player

 

========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 11/5/2013 10:50:34 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 3089

 

Error - 11/5/2013 11:01:41 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 11/5/2013 11:01:41 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 670071

 

Error - 11/5/2013 11:01:41 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 670071

 

Error - 11/5/2013 11:01:42 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 11/5/2013 11:01:42 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 671101

 

Error - 11/5/2013 11:01:42 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 671101

 

Error - 11/5/2013 11:01:43 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: Continuously busy for more than a second

 

Error - 11/5/2013 11:01:43 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledEvent 672099

 

Error - 11/5/2013 11:01:43 PM | Computer Name = Willy-PC | Source = Bonjour Service | ID = 100

Description = Task Scheduling Error: m->NextScheduledSPRetry 672099

 

[ System Events ]

Error - 11/13/2013 6:04:35 PM | Computer Name = Willy-PC | Source = Service Control Manager | ID = 7000

Description = The WD File Management Shadow Engine service failed to start due to

 the following error:   %%1053

 

Error - 11/14/2013 9:11:03 AM | Computer Name = Willy-PC | Source = DCOM | ID = 10010

Description = 

 

Error - 11/14/2013 5:01:16 PM | Computer Name = Willy-PC | Source = DCOM | ID = 10010

Description = 

 

Error - 11/14/2013 5:43:09 PM | Computer Name = Willy-PC | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Autodesk

 Content Service service to connect.

 

Error - 11/14/2013 5:43:09 PM | Computer Name = Willy-PC | Source = Service Control Manager | ID = 7000

Description = The Autodesk Content Service service failed to start due to the following

 error:   %%1053

 

Error - 11/14/2013 5:44:08 PM | Computer Name = Willy-PC | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the WD

 File Management Shadow Engine service to connect.

 

Error - 11/14/2013 5:44:08 PM | Computer Name = Willy-PC | Source = Service Control Manager | ID = 7000

Description = The WD File Management Shadow Engine service failed to start due to

 the following error:   %%1053

 

Error - 11/14/2013 6:26:01 PM | Computer Name = Willy-PC | Source = DCOM | ID = 10010

Description = 

 

Error - 11/14/2013 9:41:21 PM | Computer Name = Willy-PC | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Autodesk

 Content Service service to connect.

 

Error - 11/14/2013 9:41:21 PM | Computer Name = Willy-PC | Source = Service Control Manager | ID = 7000

Description = The Autodesk Content Service service failed to start due to the following

 error:   %%1053

 

 

< End of report >
Link to post
Share on other sites

  • Staff

Hello NoWayIn

I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the customFix.png text box.

    :OTLFF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not foundFF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not foundO3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.O4 - HKU\.DEFAULT..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not foundO4 - HKU\S-1-5-18..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" File not foundO18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value foundO18:64bit: - Protocol\Handler\livecall - No CLSID value foundO18:64bit: - Protocol\Handler\ms-help - No CLSID value foundO18:64bit: - Protocol\Handler\msnim - No CLSID value foundO18:64bit: - Protocol\Handler\skype4com - No CLSID value foundO18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: - Protocol\Handler\wlpg - No CLSID value foundO20:64bit: - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll) -  File not foundO21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.globasearch.com/?serie=30IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\..\SearchScopes\{A4BB0820-7323-4923-A175-51DE68638688}: "URL" = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN39854164181109430&UM=2O4 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000..\Run: [BackgroundContainer] C:\Users\Willy\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll (Conduit Ltd.)[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\vukeuhm.dll[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\grcauth2.dll[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\grcauth1.dll[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\clauth2.dll[2013/09/11 07:44:24 | 000,001,024 | ---- | C] () -- C:\windows\SysWow64\clauth1.dll[2013/09/11 07:44:24 | 000,000,336 | ---- | C] () -- C:\windows\SysWow64\dpcqrxe.dll[2013/09/11 07:44:24 | 000,000,100 | ---- | C] () -- C:\windows\SysWow64\prsgrc.dll[2013/09/11 07:44:24 | 000,000,072 | ---- | C] () -- C:\windows\SysWow64\ssprs.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\xn3pjiy.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\wm9s68l.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\w8q08s1.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\w5aclk7.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\v1hlzuf.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\uzqdpji.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\q52v5xf.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\owvosyh.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\mpa9s71.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\lblmhb4.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\kwovleu.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\hd86x4m.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\fyqi5da.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\dp2d60q.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\c8qgqid.dll[2013/09/11 07:44:24 | 000,000,016 | -H-- | C] () -- C:\windows\SysWow64\a7y5ais.dll:Filesipconfig /flushdns /c:Commands[PURITY][emptyjava][EMPTYFLASH][reboot]
  • Then click the Run Fix button at the top.
  • Click btnOK.png.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

    Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.

Let me know How things are doing

Gringo

Link to post
Share on other sites

Still getting random popups in chrome.

 

OTL log:

 

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@adobe.com/FlashPlayer\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@microsoft.com/GENUINE\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@Apple.com/iTunes,version=\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\grooveLocalGWS\ deleted successfully.
File Protocol\Handler\grooveLocalGWS - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\livecall\ deleted successfully.
File Protocol\Handler\livecall - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\ms-help\ deleted successfully.
File Protocol\Handler\ms-help - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\msnim\ deleted successfully.
File Protocol\Handler\msnim - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\skype4com\ deleted successfully.
File Protocol\Handler\skype4com - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlmailhtml\ deleted successfully.
File Protocol\Handler\wlmailhtml - No CLSID value found not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\wlpg\ deleted successfully.
File Protocol\Handler\wlpg - No CLSID value found not found.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_USERS\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A4BB0820-7323-4923-A175-51DE68638688}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4BB0820-7323-4923-A175-51DE68638688}\ not found.
Registry value HKEY_USERS\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BackgroundContainer deleted successfully.
C:\Users\Willy\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll moved successfully.
C:\Windows\SysWOW64\vukeuhm.dll moved successfully.
C:\Windows\SysWOW64\grcauth2.dll moved successfully.
C:\Windows\SysWOW64\grcauth1.dll moved successfully.
C:\Windows\SysWOW64\clauth2.dll moved successfully.
C:\Windows\SysWOW64\clauth1.dll moved successfully.
C:\Windows\SysWOW64\dpcqrxe.dll moved successfully.
C:\Windows\SysWOW64\prsgrc.dll moved successfully.
C:\Windows\SysWOW64\ssprs.dll moved successfully.
C:\Windows\SysWOW64\xn3pjiy.dll moved successfully.
C:\Windows\SysWOW64\wm9s68l.dll moved successfully.
C:\Windows\SysWOW64\w8q08s1.dll moved successfully.
C:\Windows\SysWOW64\w5aclk7.dll moved successfully.
C:\Windows\SysWOW64\v1hlzuf.dll moved successfully.
C:\Windows\SysWOW64\uzqdpji.dll moved successfully.
C:\Windows\SysWOW64\q52v5xf.dll moved successfully.
C:\Windows\SysWOW64\owvosyh.dll moved successfully.
C:\Windows\SysWOW64\mpa9s71.dll moved successfully.
C:\Windows\SysWOW64\lblmhb4.dll moved successfully.
C:\Windows\SysWOW64\kwovleu.dll moved successfully.
C:\Windows\SysWOW64\hd86x4m.dll moved successfully.
C:\Windows\SysWOW64\fyqi5da.dll moved successfully.
C:\Windows\SysWOW64\dp2d60q.dll moved successfully.
C:\Windows\SysWOW64\c8qgqid.dll moved successfully.
C:\Windows\SysWOW64\a7y5ais.dll moved successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Willy\Desktop\malwarestuff\cmd.bat deleted successfully.
C:\Users\Willy\Desktop\malwarestuff\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Willy
->Java cache emptied: 800914 bytes
 
Total Java Files Cleaned = 1.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Willy
->Flash cache emptied: 2037 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 01302014_001451
Link to post
Share on other sites

  • Staff

Hello NoWayIn

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[s1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo

Link to post
Share on other sites

AdwCleaner[s3].txt

 

# AdwCleaner v3.018 - Report created 01/02/2014 at 23:53:39
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Willy - WILLY-PC
# Running from : C:\Users\Willy\Desktop\malwarestuff\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\uTorrentControl_v6
Folder Deleted : C:\windows\SysWOW64\Searchprotect
Folder Deleted : C:\Users\Willy\AppData\Local\Conduit
Folder Deleted : C:\Users\Willy\AppData\Local\Searchprotect
Folder Deleted : C:\Users\Willy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Willy\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Willy\AppData\LocalLow\uTorrentControl_v6
File Deleted : C:\END
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3313131
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3135D083-344C-47DC-BA44-6553ABC7963A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1484BBCE-35EB-4BFA-BF97-8087B315692C}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v6
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\SearchProtect
Key Deleted : HKLM\Software\uTorrentControl_v6
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
 
-\\ Google Chrome v32.0.1700.102
 
[ File : C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1103 octets] - [27/09/2013 22:29:31]
AdwCleaner[R1].txt - [880 octets] - [30/09/2013 13:13:15]
AdwCleaner[R2].txt - [998 octets] - [30/09/2013 13:52:52]
AdwCleaner[R3].txt - [5273 octets] - [01/02/2014 23:40:47]
AdwCleaner[s0].txt - [1078 octets] - [27/09/2013 22:50:45]
AdwCleaner[s1].txt - [940 octets] - [30/09/2013 13:40:26]
AdwCleaner[s2].txt - [1058 octets] - [30/09/2013 14:08:24]
AdwCleaner[s3].txt - [4976 octets] - [01/02/2014 23:53:39]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s3].txt - [5036 octets] ##########
 
Link to post
Share on other sites

JRT.txt

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Home Premium x64
Ran by Willy on Sun 02/02/2014 at  0:04:10.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\Willy\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Willy\appdata\local\google\chrome\user data\default\local storage\http_app.mam.conduit.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Willy\appdata\local\google\chrome\user data\default\local storage\http_pricegong.conduitapps.com_0.localstorage"
Successfully deleted: [File] "C:\Users\Willy\appdata\local\google\chrome\user data\default\local storage\http_pricegong.conduitapps.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\Willy\appdata\local\google\chrome\user data\default\local storage\http_storage.conduit.com_0.localstorage"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Willy\appdata\local\cre"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/02/2014 at  0:13:16.18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Link to post
Share on other sites

  • Staff

Hello NoWayIn

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.

When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo
Link to post
Share on other sites

combofix.txt

 

 

ComboFix 14-02-03.01 - Willy 02/03/2014  23:54:41.3.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.3990.2472 [GMT -8:00]
Running from: c:\users\Willy\Desktop\malwarestuff\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-01-04 to 2014-02-04  )))))))))))))))))))))))))))))))
.
.
2014-02-04 08:03 . 2014-02-04 08:03 -------- d-----w- c:\users\Public\AppData\Local\temp
2014-02-04 08:03 . 2014-02-04 08:03 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-02-02 20:19 . 2014-02-02 20:19 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89C9064C-5559-4304-9AAE-D73C4613AF0E}\offreg.dll
2014-02-02 09:36 . 2014-02-02 09:36 -------- d-----w- c:\windows\Sun
2014-01-31 23:42 . 2013-12-16 09:54 10315576 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{89C9064C-5559-4304-9AAE-D73C4613AF0E}\mpengine.dll
2014-01-30 08:14 . 2014-01-30 08:14 -------- d-----w- C:\_OTL
2014-01-16 03:26 . 2013-12-19 05:09 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-01-15 01:20 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 01:20 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 01:20 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 01:20 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 01:20 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 01:20 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 01:20 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 01:20 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-15 01:20 . 2013-11-26 11:40 376768 ----a-w- c:\windows\system32\drivers\netio.sys
2014-01-13 15:49 . 2014-02-02 20:22 80184 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-01-05 23:38 . 2014-01-05 23:38 -------- d-----w- c:\users\Willy\AppData\Roaming\CyberLink
2014-01-05 23:38 . 2014-01-05 23:38 -------- d-----w- c:\users\Willy\AppData\Local\CyberLink
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-02-02 20:22 . 2013-10-06 17:25 421704 ----a-w- c:\windows\system32\drivers\aswSP.sys
2014-02-02 20:22 . 2013-10-06 17:25 1038072 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-02-02 20:22 . 2013-10-06 17:25 78648 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-02-02 20:22 . 2013-10-06 17:25 334136 ----a-w- c:\windows\system32\aswBoot.exe
2014-02-02 20:22 . 2013-10-06 17:25 43152 ----a-w- c:\windows\avastSS.scr
2014-01-16 17:59 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-01-15 20:13 . 2013-08-03 11:42 86054176 ----a-w- c:\windows\system32\MRT.exe
2014-01-13 15:48 . 2013-10-06 17:25 207904 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-12-14 06:53 . 2013-10-06 17:25 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-12-14 06:53 . 2013-10-06 17:25 92544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-12-11 10:38 . 2013-10-06 17:45 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 10:38 . 2013-10-06 17:45 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-10 11:04 . 2013-12-10 11:04 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-10 11:04 . 2013-12-10 11:04 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-10 11:04 . 2013-12-10 11:04 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-10 11:04 . 2013-12-10 11:04 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-10 11:04 . 2013-12-10 11:04 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-10 11:04 . 2013-12-10 11:04 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-10 11:04 . 2013-12-10 11:04 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-10 11:04 . 2013-12-10 11:04 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-10 11:04 . 2013-12-10 11:04 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-10 11:04 . 2013-12-10 11:04 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-10 11:04 . 2013-12-10 11:04 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-10 11:04 . 2013-12-10 11:04 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-10 11:04 . 2013-12-10 11:04 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-10 11:04 . 2013-12-10 11:04 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-10 11:04 . 2013-12-10 11:04 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-10 11:04 . 2013-12-10 11:04 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-10 11:04 . 2013-12-10 11:04 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-10 11:04 . 2013-12-10 11:04 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-10 11:04 . 2013-12-10 11:04 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-10 11:04 . 2013-12-10 11:04 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-10 11:04 . 2013-12-10 11:04 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-10 11:04 . 2013-12-10 11:04 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-10 11:04 . 2013-12-10 11:04 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-10 11:04 . 2013-12-10 11:04 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-10 11:04 . 2013-12-10 11:04 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-10 11:04 . 2013-12-10 11:04 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-10 11:04 . 2013-12-10 11:04 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-10 11:04 . 2013-12-10 11:04 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-10 11:04 . 2013-12-10 11:04 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-10 11:04 . 2013-12-10 11:04 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-10 11:04 . 2013-12-10 11:04 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-10 11:04 . 2013-12-10 11:04 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-10 11:04 . 2013-12-10 11:04 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-10 11:04 . 2013-12-10 11:04 413696 ----a-w- c:\windows\system32\html.iec
2013-12-10 11:04 . 2013-12-10 11:04 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-10 11:04 . 2013-12-10 11:04 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-10 11:04 . 2013-12-10 11:04 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-10 11:04 . 2013-12-10 11:04 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-10 11:04 . 2013-12-10 11:04 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-10 11:04 . 2013-12-10 11:04 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-10 11:04 . 2013-12-10 11:04 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-10 11:04 . 2013-12-10 11:04 235520 ----a-w- c:\windows\system32\url.dll
2013-12-10 11:04 . 2013-12-10 11:04 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-10 11:04 . 2013-12-10 11:04 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-10 11:04 . 2013-12-10 11:04 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-10 11:04 . 2013-12-10 11:04 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-10 11:04 . 2013-12-10 11:04 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-10 11:04 . 2013-12-10 11:04 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-10 11:04 . 2013-12-10 11:04 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-10 11:04 . 2013-12-10 11:04 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-10 11:04 . 2013-12-10 11:04 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-10 11:04 . 2013-12-10 11:04 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-10 11:04 . 2013-12-10 11:04 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-10 11:04 . 2013-12-10 11:04 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-10 11:04 . 2013-12-10 11:04 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-10 11:04 . 2013-12-10 11:04 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-10 11:04 . 2013-12-10 11:04 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-10 11:04 . 2013-12-10 11:04 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-10 11:04 . 2013-12-10 11:04 101376 ----a-w- c:\windows\system32\inseng.dll
2013-11-26 11:54 . 2013-12-12 19:31 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-12 19:32 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-12 19:32 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-12 19:31 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-12 19:31 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-12 19:31 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-12 19:31 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-12 19:31 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-12 19:32 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-12 19:31 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-12 19:31 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-12 19:31 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-12 19:31 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-12 19:31 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-12 19:31 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-12 19:31 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2013-11-26 08:16 . 2013-12-12 19:31 4243968 ----a-w- c:\windows\SysWow64\jscript9.dll
2013-11-26 08:02 . 2013-12-12 19:31 1995264 ----a-w- c:\windows\system32\inetcpl.cpl
2013-11-26 07:48 . 2013-12-12 19:31 12996608 ----a-w- c:\windows\system32\ieframe.dll
2013-11-26 07:32 . 2013-12-12 19:31 1928192 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2013-11-26 07:07 . 2013-12-12 19:31 2334208 ----a-w- c:\windows\system32\wininet.dll
2013-11-26 06:40 . 2013-12-12 19:31 1395200 ----a-w- c:\windows\system32\urlmon.dll
2013-11-26 06:34 . 2013-12-12 19:31 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2013-11-26 06:33 . 2013-12-12 19:31 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2013-11-23 18:26 . 2013-12-11 20:13 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll
2013-11-23 17:47 . 2013-12-11 20:13 465920 ----a-w- c:\windows\system32\WMPhoto.dll
2013-11-12 02:23 . 2013-12-11 20:13 2048 ----a-w- c:\windows\system32\tzres.dll
2013-11-12 02:07 . 2013-12-11 20:13 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-01-09 11:25 . 2013-08-06 12:06 424299 ----a-w- c:\program files (x86)\Yahoo Messenger.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Willy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Willy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 131248 ----a-w- c:\users\Willy\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2013-12-11 1564528]
"Akamai NetSession Interface"="c:\users\Willy\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-15 20584608]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-12-11 311152]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"ADSK DLMSession"="c:\program files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe" [2013-02-01 1641368]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="d:\itunes\iTunesHelper.exe" [2013-11-02 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-02-02 3767096]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2013-12-05 811792]
.
c:\users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Willy\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-2 30714328]
Yahoo Messenger!.lnk - c:\program files (x86)\Yahoo Messenger.exe [2013-8-6 424299]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2011-3-8 4236288]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 Autodesk Content Service;Autodesk Content Service;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe;c:\program files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [x]
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SamsungDeviceConfigurationWinService;SamsungDeviceConfiguration;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe;c:\program files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe [x]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe [x]
R2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe;c:\program files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe [x]
R3 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUVStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUVStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 amdkmpfd;AMD PCI Root Bus Lower Filter;c:\windows\system32\DRIVERS\amdkmpfd.sys;c:\windows\SYSNATIVE\DRIVERS\amdkmpfd.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 SABI;SAMSUNG Kernel Driver For Windows 7;c:\windows\system32\Drivers\SABI.sys;c:\windows\SYSNATIVE\Drivers\SABI.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel® ME Service;Intel® ME Service;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]
S2 ZAtheros Bt&Wlan Coex Agent;ZAtheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{2D46B6DC-2207-486B-B523-A557E6D54B47}]
start [bU]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-29 18:36 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.102\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-02-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-06 10:38]
.
2014-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02 09:50]
.
2014-02-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-08-02 09:50]
.
2014-02-03 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26 11:24]
.
2014-02-02 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel® ME FW Recovery Agent\bin\Bootstrap.exe [2012-03-26 11:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7C021C07-7CB2-4194-1568-66178E51E2A4}]
2013-11-11 05:53 407552 ----a-w- c:\program files (x86)\sUerf iandd. kEep\2zE23p_Y.x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-02-02 20:22 287280 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Willy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Willy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Willy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54 164016 ----a-w- c:\users\Willy\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-03-27 12459112]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [bU]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-03-09 1021056]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-03-09 800896]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mStart Page = 
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 137.82.1.2 142.103.1.42
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-02-04  00:06:28
ComboFix-quarantined-files.txt  2014-02-04 08:06
ComboFix2.txt  2013-10-12 06:38
ComboFix3.txt  2013-10-06 00:20
.
Pre-Run: 31,408,398,336 bytes free
Post-Run: 31,116,521,472 bytes free
.
- - End Of File - - C595C3DF350A47BB1C5D89F6BFEBF4AA
Link to post
Share on other sites

  • Staff

Hello NoWayIn

Which browser are you getting the popups?

Lets get a deeper look into the system and lets see if something shows up.

Download and run OTL

Download OTL by Old Timer and save it to your Desktop.

  • Double click on OTL.exe to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened and the that I need posted back here
    • Extra.txt <-- Will be minimized - save this one on your desktop in case I ask for it later
  • Please post the contents of OTL.txt in your next reply.
Gringo
Link to post
Share on other sites

Popups appearing in Google Chrome.

 

OTL.txt

 

 

OTL logfile created on: 2/5/2014 2:52:07 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Willy\Desktop\malwarestuff
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16428)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.90 Gb Total Physical Memory | 1.80 Gb Available Physical Memory | 46.32% Memory free
7.79 Gb Paging File | 4.98 Gb Available in Paging File | 63.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 99.90 Gb Total Space | 29.03 Gb Free Space | 29.06% Space Free | Partition Type: NTFS
Drive D: | 806.51 Gb Total Space | 700.19 Gb Free Space | 86.82% Space Free | Partition Type: NTFS
 
Computer Name: WILLY-PC | User Name: Willy | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\Willy\Desktop\malwarestuff\OTL.exe (OldTimer Tools)
PRC - C:\Users\Willy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
PRC - C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
PRC - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
PRC - C:\Program Files (x86)\Yahoo Messenger.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe (Samsung Electronics CO., LTD.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
PRC - C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe (Samsung Electronics)
PRC - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe (SEC)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
PRC - C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe (CyberLink Corp.)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppgooglenaclpluginchrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll ()
MOD - C:\Users\Willy\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\d633e37c729c49af66b6e1443e4e8ec0\HD-Agent.ni.exe ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\JSON\245880b6686de6f8a8f2e7ebed5cd5f3\JSON.ni.dll ()
MOD - C:\Program Files\AVAST Software\Avast\libcef.dll ()
MOD - C:\Users\Willy\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\46863d4abf7db3e009962abc8710c945\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\4eef5a3a4d0ed6d6fd882947a70df530\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\464a76a3fdc9ee7456cb4baaea3e503a\PresentationFramework.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\b5b66869081b909d238fdea083cf3179\PresentationCore.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Core\dac1208781fdd0b960afc12efff42944\System.Core.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\0b37b2bafc33ef52282b9d7b217cabaf\WindowsBase.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\71d887ce964fb69b7f03c4fe7a3f28ff\System.Configuration.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\d473c19e69818875b9c739cad8f386a5\System.Runtime.Remoting.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7bf3e4deef4483205017aa7b13194845\System.ServiceProcess.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\4d277a8481c203a35c58bd277a2e71df\System.Xaml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\d4493b0e5a5c6faf89cfeaa5f2a21034\IAStorUtil.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System.Xml\884bcbd22130ebeb1211bc7bcc3910c9\System.Xml.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\System\de853615c8224ba5d9aa9b76276c6d98\System.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\6e3778958a8bfd03bf0f2f60c4e25623\IAStorCommon.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll ()
MOD - C:\windows\assembly\NativeImages_v4.0.30319_32\mscorlib\cf58670896c5313b9b52f026f4455a5d\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\Yahoo Messenger.exe ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\plugin\PServerPlugin.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\DeviceProfile.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\eventsSender.dll ()
MOD - C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtXml4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtCore4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\WinCRT.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\Samsung\Easy Settings\HookDllPS2.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (IEEtwCollectorService) -- C:\windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (FLEXnet Licensing Service 64) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (Intel® -- C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel® Corporation)
SRV:64bit: - (WDDMService) -- C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe (WDC)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BstHdLogRotatorSvc) -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
SRV - (BstHdAndroidSvc) -- C:\Program Files (x86)\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel® -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Intel Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (ZAtheros Bt&Wlan Coex Agent) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Atheros)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (SamsungDeviceConfigurationWinService) -- C:\Program Files (x86)\Samsung\Easy Settings\SamsungDeviceConfiguration.exe ()
SRV - (Autodesk Content Service) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe (Autodesk, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (WDSC) -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDSC.exe ()
SRV - (WDFME) -- C:\Program Files (x86)\Western Digital\WD SmartWare\Front Parlor\WDFME\WDFME.exe ()
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswStm) -- C:\Windows\SysNative\drivers\aswstm.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswVmm) -- C:\windows\SysNative\drivers\aswVmm.sys ()
DRV:64bit: - (aswRvrt) -- C:\windows\SysNative\drivers\aswRvrt.sys ()
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssadmdm) -- C:\Windows\SysNative\drivers\ssadmdm.sys (MCCI Corporation)
DRV:64bit: - (ssadbus) -- C:\Windows\SysNative\drivers\ssadbus.sys (MCCI Corporation)
DRV:64bit: - (ssadmdfl) -- C:\Windows\SysNative\drivers\ssadmdfl.sys (MCCI Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdkmpfd) -- C:\Windows\SysNative\drivers\amdkmpfd.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (RSUSBVSTOR) -- C:\Windows\SysNative\drivers\RtsUVStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (Fs_Rec) -- C:\windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (clwvd) -- C:\Windows\SysNative\drivers\clwvd.sys (CyberLink Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SABI) -- C:\Windows\SysNative\drivers\SABI.sys (SAMSUNG ELECTRONICS)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV - (BstHdDrv) -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys (BlueStack Systems)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Willy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013/08/02 06:37:23 | 000,000,000 | ---D | M]
 
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.376\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java Platform SE 7 U45 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Willy\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
CHR - plugin: iTunes Application Detector (Enabled) = D:\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Google Docs = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Missing e = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid\2.14.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.3.0.5_0\
CHR - Extension: YouTube = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Facebook = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm\1.0.3_0\
CHR - Extension: Google Search = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Line messenger = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\dngafncjggabnheiinpoocchdpfignoj\0.0.0.3_0\
CHR - Extension: Gmail Offline = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: Window Expander For YouTube = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkpaakpeehepibjpdmoocdaonognfiog\2.3_0\
CHR - Extension: avast! Online Security = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2013.75_0\
CHR - Extension: Website Blocker (Beta) = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.5_0\
CHR - Extension: JavaScript Popup Blocker = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol\1.2.6_0\
CHR - Extension: Crimson Red Theme = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfgbckkcgepopaojnhcnkcdiafkcdjo\1_0\
CHR - Extension: YouTube Video Deck = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpoakikepagdiphlmfaeifpojdmbnegj\0.9.6.4_0\
CHR - Extension: Rdio Mini Player = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepblamgofpnmpkpmldlghcabonhdepn\0.2.0_0\
CHR - Extension: TransitDB = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpolhbffjljhoeklikgkbkjpkbjkapp\0.0.6_0\
CHR - Extension: Google Wallet = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_1\
CHR - Extension: Currently = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojhmphdkpgbibohbnpbfiefkgieacjmh\2.7.0_0\
CHR - Extension: Rdio = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchjhmiapbbphflbgejhigbmfmmgbngn\1.2_0\
CHR - Extension: Gmail = C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013/10/05 16:19:00 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (sUerf iandd. kEep) - {7C021C07-7CB2-4194-1568-66178E51E2A4} - C:\Program Files (x86)\sUerf iandd. kEep\2zE23p_Y.x64.dll ()
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3:64bit: - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe (Autodesk, Inc.)
O4 - HKLM..\Run: [AMD AVT] C:\windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000..\Run: [Akamai NetSession Interface] C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - Startup: C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Willy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Yahoo Messenger!.lnk = C:\Program Files (x86)\Yahoo Messenger.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:  = 
O7 - HKU\S-1-5-21-457241823-3690726184-1205769209-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 137.82.1.2 142.103.1.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3FBE32D7-401A-48D1-B26C-DA9131690090}: DhcpNameServer = 137.82.1.2 142.103.1.42
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7266E235-2A0B-4650-A2D8-E03C1B1BE011}: DhcpNameServer = 137.82.1.2 142.103.1.42
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/08/06 03:59:31 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/02/05 14:50:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Willy\Desktop\OTL.exe
[2014/02/05 13:23:15 | 000,000,000 | R--D | C] -- C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
[2014/02/04 00:06:35 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/02/04 00:03:19 | 000,000,000 | ---D | C] -- C:\windows\temp
[2014/02/02 01:36:48 | 000,000,000 | ---D | C] -- C:\windows\Sun
[2014/01/30 00:14:51 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/01/15 19:26:45 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaws.exe
[2014/01/15 19:26:26 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\javaw.exe
[2014/01/15 19:26:26 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\java.exe
[2014/01/15 19:26:26 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\windows\SysWow64\WindowsAccessBridge-32.dll
[2014/01/15 19:26:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/01/14 17:20:32 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbport.sys
[2014/01/14 17:20:31 | 000,007,808 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\usbd.sys
[2014/01/14 17:20:30 | 000,376,768 | ---- | C] (Microsoft Corporation) -- C:\windows\SysNative\drivers\netio.sys
[2014/01/13 07:49:44 | 000,080,184 | ---- | C] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/01/11 20:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
 
========== Files - Modified Within 30 Days ==========
 
[2014/02/05 14:51:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Willy\Desktop\OTL.exe
[2014/02/05 14:38:00 | 000,000,830 | ---- | M] () -- C:\windows\tasks\Adobe Flash Player Updater.job
[2014/02/05 14:26:00 | 000,000,896 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/02/05 13:32:03 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/05 13:32:03 | 000,028,848 | -H-- | M] () -- C:\windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/05 13:22:38 | 000,000,892 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/02/05 13:22:05 | 000,000,828 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/02/05 13:20:19 | 000,067,584 | --S- | M] () -- C:\windows\bootstat.dat
[2014/02/05 13:19:50 | 4183,461,888 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/04 20:38:08 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerApp.exe
[2014/02/04 20:38:08 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/02/04 15:03:15 | 000,778,834 | ---- | M] () -- C:\windows\SysNative\PerfStringBackup.INI
[2014/02/04 15:03:15 | 000,660,318 | ---- | M] () -- C:\windows\SysNative\perfh009.dat
[2014/02/04 15:03:15 | 000,121,214 | ---- | M] () -- C:\windows\SysNative\perfc009.dat
[2014/02/04 14:56:34 | 000,002,143 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014/02/02 12:23:06 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/02/02 12:22:06 | 001,038,072 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSnx.sys
[2014/02/02 12:22:06 | 000,421,704 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswSP.sys
[2014/02/02 12:22:06 | 000,334,136 | ---- | M] (AVAST Software) -- C:\windows\SysNative\aswBoot.exe
[2014/02/02 12:22:06 | 000,080,184 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswstm.sys
[2014/02/02 12:22:06 | 000,078,648 | ---- | M] (AVAST Software) -- C:\windows\SysNative\drivers\aswMonFlt.sys
[2014/02/02 12:22:05 | 000,043,152 | ---- | M] (AVAST Software) -- C:\windows\avastSS.scr
[2014/02/02 10:33:03 | 000,000,830 | ---- | M] () -- C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/01/27 22:53:28 | 000,002,148 | ---- | M] () -- C:\Users\Public\Desktop\Style Builder 2013.lnk
[2014/01/27 22:53:28 | 000,002,062 | ---- | M] () -- C:\Users\Public\Desktop\LayOut 2013.lnk
[2014/01/27 22:53:28 | 000,001,977 | ---- | M] () -- C:\Users\Public\Desktop\SketchUp 2013.lnk
[2014/01/20 01:51:06 | 000,000,010 | ---- | M] () -- C:\Users\Willy\Documents\.Rhistory
[2014/01/15 17:00:53 | 000,001,011 | ---- | M] () -- C:\Users\Willy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/01/15 17:00:27 | 000,000,979 | ---- | M] () -- C:\Users\Willy\Desktop\Dropbox.lnk
[2014/01/15 16:08:09 | 000,498,400 | ---- | M] () -- C:\windows\SysNative\FNTCACHE.DAT
[2014/01/13 07:48:59 | 000,207,904 | ---- | M] () -- C:\windows\SysNative\drivers\aswVmm.sys
[2014/01/11 20:51:52 | 000,000,714 | ---- | M] () -- C:\Users\Public\Desktop\R i386 3.0.2.lnk
[2014/01/11 20:51:52 | 000,000,709 | ---- | M] () -- C:\Users\Public\Desktop\R x64 3.0.2.lnk
 
========== Files Created - No Company Name ==========
 
[2014/01/20 01:51:06 | 000,000,010 | ---- | C] () -- C:\Users\Willy\Documents\.Rhistory
[2014/01/11 20:51:52 | 000,000,709 | ---- | C] () -- C:\Users\Public\Desktop\R x64 3.0.2.lnk
[2014/01/11 20:51:51 | 000,000,714 | ---- | C] () -- C:\Users\Public\Desktop\R i386 3.0.2.lnk
[2013/10/11 22:21:45 | 000,256,000 | ---- | C] () -- C:\windows\PEV.exe
[2013/10/11 22:21:45 | 000,208,896 | ---- | C] () -- C:\windows\MBR.exe
[2013/10/11 22:21:45 | 000,098,816 | ---- | C] () -- C:\windows\sed.exe
[2013/10/11 22:21:45 | 000,080,412 | ---- | C] () -- C:\windows\grep.exe
[2013/10/11 22:21:45 | 000,068,096 | ---- | C] () -- C:\windows\zip.exe
[2013/08/06 04:06:52 | 000,424,299 | ---- | C] () -- C:\Program Files (x86)\Yahoo Messenger.exe
[2013/08/02 07:53:17 | 000,773,050 | ---- | C] () -- C:\windows\SysWow64\PerfStringBackup.INI
[2013/06/14 03:56:26 | 000,030,568 | ---- | C] () -- C:\windows\MusiccityDownload.exe
[2013/06/14 03:56:18 | 000,974,848 | ---- | C] () -- C:\windows\SysWow64\cis-2.4.dll
[2013/06/14 03:56:18 | 000,081,920 | ---- | C] () -- C:\windows\SysWow64\issacapi_bs-2.3.dll
[2013/06/14 03:56:18 | 000,065,536 | ---- | C] () -- C:\windows\SysWow64\issacapi_pe-2.3.dll
[2013/06/14 03:56:18 | 000,057,344 | ---- | C] () -- C:\windows\SysWow64\issacapi_se-2.3.dll
[2012/06/05 21:30:14 | 000,307,200 | ---- | C] () -- C:\windows\SetDisplayResolution.exe
[2012/06/05 21:01:18 | 000,003,586 | ---- | C] () -- C:\windows\HotFixList.ini
[2012/06/05 20:42:00 | 000,000,000 | ---- | C] () -- C:\windows\ativpsrm.bin
[2012/06/05 20:33:56 | 000,003,917 | ---- | C] () -- C:\windows\SysWow64\atipblup.dat
[2012/04/17 14:16:54 | 000,204,952 | ---- | C] () -- C:\windows\SysWow64\ativvsvl.dat
[2012/04/17 14:16:54 | 000,157,144 | ---- | C] () -- C:\windows\SysWow64\ativvsva.dat
[2012/04/17 14:14:24 | 000,054,784 | ---- | C] () -- C:\windows\SysWow64\OVDecode.dll
[2012/03/26 03:19:10 | 000,755,188 | ---- | C] () -- C:\windows\SysWow64\igkrng700.bin
[2012/03/26 03:19:08 | 000,561,508 | ---- | C] () -- C:\windows\SysWow64\igfcg700m.bin
[2012/03/26 03:08:42 | 000,963,912 | ---- | C] () -- C:\windows\SysWow64\igkrng600.bin
[2012/03/26 03:08:42 | 000,261,208 | ---- | C] () -- C:\windows\SysWow64\igfcg600m.bin
[2012/03/26 03:08:42 | 000,145,804 | ---- | C] () -- C:\windows\SysWow64\igcompkrng600.bin
[2012/03/26 03:03:46 | 000,058,880 | ---- | C] () -- C:\windows\SysWow64\igdde32.dll
[2012/03/26 01:53:42 | 013,024,768 | ---- | C] () -- C:\windows\SysWow64\ig7icd32.dll
[2012/03/26 01:47:54 | 013,212,672 | ---- | C] () -- C:\windows\SysWow64\ig4icd32.dll
[2012/03/06 08:40:52 | 000,001,536 | ---- | C] () -- C:\windows\SysWow64\IusEventLog.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
< End of report >
Link to post
Share on other sites

  • Staff

Hello NoWayIn

We need to reset Chrome back to defaults to completely clear out what is going on.

We can keep the bookmarks by exporting them - Export Bookmarks

Then I need you to go Google Sync and sign into your account

scroll down untill you see the "Stop and Clear" button and click on button

At the prompt click on "Ok"

Now we need to uninstall chrome

I want you to uninstall Chrome and if asked about user data or settings then remove this also

restart the computer and reinstall chrome, You can download The latest version from here - Google Chrome

After you have Chrome reinstalled please check things out and let me know how it is doing.

Gringo

Link to post
Share on other sites

  • Staff

Hello NoWayIn

I would like you to run this custom script for me now and when it is complete please give me the report and a status update for the computer.

Run OTL Script

  • Double-click OTL.exe to start the program.
  • Copy and Paste the following code into the customFix.png text box.

    :OTLO9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found :Filesipconfig /flushdns /cC:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default:Commands[PURITY][emptyjava][EMPTYFLASH][reboot]
  • Then click the Run Fix button at the top.
  • Click btnOK.png.
  • OTL may ask to reboot the machine. Please do so if asked.
  • The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply.

    Note** if the report does not popup after the computer reboots you can find it here in this folder - C:\_OTL\MovedFiles

    It will be named - mmddyyyy_hhmmss.log

    Where mmddyyyy_hhmmss - are numbers representing the date and time the fix was run.

Let me know How things are doing

Gringo

Link to post
Share on other sites

OTL text file

 

 

========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}\ deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Willy\Desktop\malwarestuff\cmd.bat deleted successfully.
C:\Users\Willy\Desktop\malwarestuff\cmd.txt deleted successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Sync Data scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Session Storage scheduled to be moved on reboot.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\z.cdn.turner.com\xslo\cvp\core\player\CVP_2.4.2.1.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\z.cdn.turner.com\xslo\cvp\core\player folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\z.cdn.turner.com\xslo\cvp\core folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\z.cdn.turner.com\xslo\cvp folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\z.cdn.turner.com\xslo folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\z.cdn.turner.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.video44.net\gogo\yume-h.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.video44.net\gogo folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.video44.net\##D322AEF493D8BAA3 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.video44.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.thedarewall.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.the-binary-theorem.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.kongregate.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.collegehumor.com\moogaloop\ch_flash_player-0.2.2.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.collegehumor.com\moogaloop folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.collegehumor.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.acciona.es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\www.acciona.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\w#\ww.the-binary-options-guide.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\w# folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\vox-static.liverail.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\vk.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\vidspot.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\videobug.net\flowplayer\fl#\owplayer.commercial-3.2.7.1.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\videobug.net\flowplayer\fl# folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\videobug.net\flowplayer folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\videobug.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\securepaths.com\sp.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\securepaths.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\secure-us.imrworldwide.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\sa.kewego.com\swf\kp.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\sa.kewego.com\swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\sa.kewego.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\s3.amazonaws.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\s.ytimg.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\player.ooyala.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\play44.net\flowplayer\fl#\owplayer.commercial-3.2.7.1.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\play44.net\flowplayer\fl# folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\play44.net\flowplayer folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\play44.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\opf.ooyala.com\3rdparty\espn_ui_module_v3_06_2.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\opf.ooyala.com\3rdparty folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\opf.ooyala.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\moneygainers.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\mochiads.com\__ms_1# folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\mochiads.com\__ms_# folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\mochiads.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\medicguru.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#z.cdn.turner.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#www.video44.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#www.thedarewall.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#www.the-binary-theorem.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#www.kongregate.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#www.collegehumor.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#www.acciona.es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#www.acciona.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#vox-static.liverail.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#vk.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#vidspot.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#videobug.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#securepaths.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#secure-us.imrworldwide.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#sa.kewego.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#s3.amazonaws.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#s.ytimg.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#player.ooyala.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#play44.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#opf.ooyala.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#moneygainers.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#mochiads.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#medicguru.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#live.sekindo.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#ishared.eu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#i.nflcdn.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#i.cdn.turner.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#grooveshark.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#glamourgazette.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#flash.quantserve.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#entitlement.auth.adobe.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#elancrafts.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#core.mochibot.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#clipstime.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#clicktoview.org folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#cheesestream.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#chatango.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#chat.kongregate.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#celebrityheadline.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#cdn.selectmedia.asia folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#cdn.optimatic.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#cdn.adnxs.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#cache.btrll.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#audienceinsights.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#assets.tp-cdn.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#assets.kongregate.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#assets.bunchball.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#allmyvideos.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys\#a.blip.tv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer\sys folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support\flashplayer folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\support folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\##AB9C1C2DBA311ECC folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com\##85292A41C9D2D5D5 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\macromedia.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\live.sekindo.com\##78CC5CD70E98ABF3 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\live.sekindo.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\ishared.eu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\i.nflcdn.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\i.cdn.turner.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\grooveshark.com\static\JSQueue_20140129154635.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\grooveshark.com\static folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\grooveshark.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\glamourgazette.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\flash.quantserve.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\files.provenpixel.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\entitlement.auth.adobe.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\elancrafts.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\core.mochibot.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\clipstime.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\clicktoview.org folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cheesestream.com\jwplayer\yume-h.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cheesestream.com\jwplayer folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cheesestream.com\##1AB3E47638933B0D folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cheesestream.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chatango.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0019\9394\live\CosmicClicks01.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0019\9394\live folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0019\9394 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0019 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0012\5968\live\Rebuild2.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0012\5968\live folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0012\5968 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0012\1657\live\KONGwonderputt.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0012\1657\live folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0012\1657 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0012 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0010\2267\live\hackslashcrawlK.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0010\2267\live folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0010\2267 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0010 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0002\3249\live\Contraption.swf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0002\3249\live folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0002\3249 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez\0002 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\gamez folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com\##5DDE01276333DCD7 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\chat.kongregate.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\celebrityheadline.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cdn.selectmedia.asia folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cdn.optimatic.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cdn.adnxs.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cdn-static.liverail.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\cache.btrll.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\audienceinsights.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\assets.tp-cdn.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\assets.kongregate.com folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\assets.bunchball.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\allmyvideos.net folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\a.blip.tv folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot scheduled to be moved on reboot.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache\CCXYF8QV folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot\AssetCache folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\CacheWritableAdobeRoot folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Media Cache scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Local Storage scheduled to be moved on reboot.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.google.ca_0.indexeddb.leveldb folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_docs.google.com_0.indexeddb.leveldb folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\IndexedDB folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\GPUCache scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\Origins scheduled to be moved on reboot.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\Paths folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\001\t folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\001 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\000\t folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\000 folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System scheduled to be moved on reboot.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX\_locales folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\__MACOSX folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_TW folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\zh_CN folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\vi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\uk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\tr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\th folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\sk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\se folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ru folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ro folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_PT folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pt_BR folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\pl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\no folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\nl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\lt folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ko folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ja folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\it folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\id folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\hi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fil folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\fi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\en folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\el folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\de folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\da folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\cs folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ca folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\bg folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales\ar folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\_locales folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_TW folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\zh_CN folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\vi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\uk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\tr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\th folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\sk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ru folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ro folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_PT folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pt_BR folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\pl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\nb folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\lt folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ko folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ja folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\it folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\id folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\hi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fil folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\fi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\et folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es_419 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en_GB folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\en folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\el folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\de folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\da folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\cs folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\ca folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales\bg folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\_locales folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\images folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\html folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\css folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\7.0.14735.1561_0 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_TW folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\zh_CN folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\vi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\uk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\tr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\th folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\sk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ru folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ro folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_PT folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pt_BR folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\pl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\no folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\nl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\lt folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ko folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ja folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\it folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\id folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\hi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\he folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fil folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\fi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\et folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es_419 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_US folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en_GB folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\en folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\el folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\de folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\da folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\cs folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ca folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\bg folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales\ar folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\_locales folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\zh_TW folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\zh_CN folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\vi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\uk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\tr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\th folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\sk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ru folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ro folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pt_PT folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pt_BR folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\pl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\no folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\nl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\lv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\lt folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ko folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ja folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\it folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\id folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\hi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\he folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fil folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\fi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\en folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\el folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\de folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\da folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\cs folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ca folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\bg folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales\ar folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\_locales folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_TW folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\zh_CN folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\vi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\uk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\tr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\th folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\sk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ru folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ro folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_PT folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pt_BR folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\pl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\no folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\nl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ms folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\lt folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ko folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ja folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\it folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\id folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\hi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\he folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fil folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\fi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\eu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\et folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es_419 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_US folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\en_GB folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\el folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\de folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\da folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\cs folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ca folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\bg folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales\ar folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\_locales folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_TW folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\zh_CN folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\vi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\uk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\tr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\th folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\sk folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ru folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ro folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_PT folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pt_BR folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\pl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\no folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\nl folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ms folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lv folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\lt folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ko folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ja folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\it folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\id folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hu folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\hi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\he folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fr folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fil folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\fi folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\et folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es_419 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\es folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_US folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\en_GB folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\el folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\de folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\da folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\cs folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ca folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\bg folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales\ar folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\_locales folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0 folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extensions folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extension State scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extension Rules scheduled to be moved on reboot.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\databases\https_www.google.com_0 folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\databases scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Cache scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Application Cache scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default scheduled to be moved on reboot.
========== COMMANDS ==========
 
[EMPTYJAVA]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Willy
->Java cache emptied: 232826 bytes
 
Total Java Files Cleaned = 0.00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: Default
 
User: Default User
 
User: Public
 
User: Willy
->Flash cache emptied: 82955 bytes
 
Total Flash Files Cleaned = 0.00 mb
 
 
OTL by OldTimer - Version 3.2.69.0 log created on 02152014_012932
 
Files\Folders moved on Reboot...
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Sync Data folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Session Storage folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data scheduled to be moved on reboot.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Media Cache folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Local Storage folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\GPUCache folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System\Origins folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\File System folder moved successfully.
File\Folder C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extension State not found!
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Extension Rules folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\databases folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Cache folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Application Cache folder moved successfully.
C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\User StyleSheets folder moved successfully.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com\##75233E3DE50FD79A scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af#\6c054efb801.r29.cf1.rackcdn.com scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f#\20512dbe-483e6ce63d68aeb3d05af# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF\97ff0e7e610f# scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\XUZAUVJF scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default\Pepper Data scheduled to be moved on reboot.
Folder move failed. C:\Users\Willy\AppData\Local\Google\Chrome\User Data\Default scheduled to be moved on reboot.
 
PendingFileRenameOperations files...
 
Registry entries deleted on Reboot...
Link to post
Share on other sites

  • Staff

Hello NoWayIn

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Gringo
Link to post
Share on other sites

FRST.txt

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by Willy (administrator) on WILLY-PC on 17-02-2014 23:25:04
Running from C:\Users\Willy\Desktop\malwarestuff
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\windows\system32\atiesrxx.exe
(AMD) C:\windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Akamai Technologies, Inc.) C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Easy Software Manager\SWMAgent.exe
(Akamai Technologies, Inc.) C:\Users\Willy\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\MovieColorEnhancer.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\SmartSetting.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Easy Settings\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel Corporation) C:\windows\system32\hkcmd.exe
(Intel Corporation) C:\windows\system32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateS