Fynloski.AA trojan

FinalSpark · January 16, 2014

so i've been getting these notification from my anti-virus lately
i also read about the older forum and i'm not sure if i should use combofix
and so.. i come here for some advice~

Thank you for everyone in advance!

Maniac · January 16, 2014

Hello FinalSpark and :welcome: ! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573

FinalSpark · January 16, 2014

Thanks for your instructions! here're the logs
-From DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2
Run by NEXT Speed at 23:00:15 on 2014-01-16
Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1033.18.6142.4289 [GMT 7:00]
.
AV: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\UnsignedThemesSvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Microsoft\Client\taskhost.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
F:\Garena Plus\ggdllhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
F:\Garena Plus\GarenaMessenger.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\system32\svchost.exe -k imgsvc
F:\Garena Plus\bbtalk\BBtalk.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\notepad.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
BHO: HP Print Enhancer: {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
BHO: Webexp Enhanced: {5f6cde8e-3ab7-441c-8ea7-a9cb0c3221bf} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha1749\ie\WebexpEnhancedV1alpha1749.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Video Player: {a1ee299d-bb3e-40da-803f-5330e5dc8f46} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ie\VideoPlayerV3beta847.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_bho.dll
uRun: [AdobeBridge] <no file>
uRunOnce: [zsodl] C:\Users\NEXTSP~1\AppData\Local\Temp\zsodl\89062.vbs
uRunOnce: [iqrqu] C:\Users\NEXTSP~1\AppData\Local\Temp\iqrqu\12433.vbs
mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [DeathAdder] C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\HPDIGI~1.LNK - C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\コンテ~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CB7A9533-0527-4A75-9AA6-903F3503C4E4} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 genuine.microsoft.com
Hosts: 127.0.0.1 mpa.one.microsoft.com
Hosts: 127.0.0.1 sls.microsoft.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\NEXT Speed\AppData\Roaming\Mozilla\Firefox\Profiles\s0wdfvz4.default\
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2014-01-07 20:57; ext@WebexpEnhancedV1alpha1749.net; C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha1749\ff
FF - ExtSQL: 2014-01-10 20:57; ext@VideoPlayerV3beta847.net; C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ff
FF - ExtSQL: !HIDDEN! 2012-06-14 16:55; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-12-12 55280]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/12/12 12:06:56];C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [2011-5-20 148976]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [2011-12-12 83240]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [2011-12-12 70952]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [2011-12-12 312616]
R2 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2011-8-9 202576]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2011-8-9 974944]
R2 epfwwfpr;epfwwfpr;C:\Windows\System32\drivers\epfwwfpr.sys [2011-8-4 137144]
R2 IDMWFP;IDMWFP;C:\Windows\System32\drivers\idmwfp.sys [2011-11-14 145008]
R2 ntk_PowerDVD;ntk_PowerDVD;C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [2011-12-12 75248]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]
R2 UnsignedThemes;Unsigned Themes;C:\Windows\UnsignedThemesSvc.exe [2009-7-13 24168]
R2 uxpatch;uxpatch;C:\Windows\System32\drivers\uxpatch.sys [2009-7-13 30568]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-12-12 31216]
R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-7-6 283064]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-6-11 187392]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2013-11-15 39080]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2013-11-15 149160]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-3 160944]
S2 winlogon;winlogon;C:\Windows\Microsoft\winlogon.exe [2013-8-25 72192]
S3 ampa;ampa;C:\Windows\System32\ampa.sys [2013-12-14 17008]
S3 BBSvc;Bing Bar Update Service;C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-4-1 183560]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-2-6 102936]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2012-6-2 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2012-3-8 1492840]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-14 111616]
S3 npggsvc;nProtect GameGuard Service;C:\Windows\System32\GameMon.des -service --> C:\Windows\System32\GameMon.des -service [?]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-2-6 203544]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2010-11-21 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 tsusbhub;Remote Deskotop USB Hub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 WatAdminSvc;WatAdminSvc;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-6-3 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2088-01-11 23:30:04 -------- d-----w- C:\Users\NEXT Speed\AppData\Local\{28FB4D07-F174-42EF-B151-8D47EC74FC5E}
2080-01-12 00:27:59 -------- d-----w- C:\Users\NEXT Speed\AppData\Local\{9D24A5AE-A59B-4DDF-8E82-19531B4D335E}
2036-01-13 19:36:32 -------- d-----w- C:\Users\NEXT Speed\AppData\Local\{356064CD-A9F5-4DCD-A87A-0516FBE257BC}
2028-01-12 08:19:12 195584 ----a-w- C:\Windows\SysWow64\Xvoice.dll
2014-01-15 10:14:57 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 10:14:57 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 10:14:56 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 10:14:56 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 10:14:56 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 10:14:56 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 10:14:56 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 10:14:54 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-10 13:57:08 -------- d-----w- C:\Program Files (x86)\VideoPlayerV3
2014-01-08 12:29:48 -------- d-----w- C:\Users\NEXT Speed\AppData\Local\Skyrim
2014-01-07 13:57:12 -------- d-----w- C:\Program Files (x86)\WebexpEnhancedV1
2013-12-23 11:55:37 0 ----a-w- C:\Users\NEXT Speed\AppData\Roaming\wininit.exe
2013-12-23 11:55:37 -------- d-----w- C:\Users\NEXT Speed\AppData\Roaming\dclogs
2013-12-23 11:54:39 -------- d-----w- C:\Users\NEXT Speed\AppData\Local\SwvUpdater
.
==================== Find3M ====================
.
2013-12-14 12:23:45 1024 ---h--w- C:\AMTAG.BIN
2013-12-11 13:22:18 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-11 13:22:18 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-12-07 02:23:59 77312 ----a-w- C:\Windows\System32\tdc.ocx
2013-12-07 02:23:59 548352 ----a-w- C:\Windows\System32\vbscript.dll
2013-12-07 02:23:59 48640 ----a-w- C:\Windows\System32\mshtmler.dll
2013-12-07 02:23:59 413696 ----a-w- C:\Windows\System32\html.iec
2013-12-07 02:23:59 40448 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-12-07 02:23:59 30208 ----a-w- C:\Windows\System32\licmgr10.dll
2013-12-07 02:23:59 167424 ----a-w- C:\Windows\System32\iexpress.exe
2013-12-07 02:23:59 143872 ----a-w- C:\Windows\System32\wextract.exe
2013-12-07 02:23:59 1228800 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2013-12-07 02:23:59 105984 ----a-w- C:\Windows\System32\iesysprep.dll
2013-12-07 02:23:58 83968 ----a-w- C:\Windows\System32\MshtmlDac.dll
2013-12-07 02:23:58 48128 ----a-w- C:\Windows\System32\imgutil.dll
2013-12-07 02:23:58 13824 ----a-w- C:\Windows\System32\mshta.exe
2013-12-04 08:13:53 327168 ----a-w- C:\Windows\System32\mswsock.dll
2013-12-04 08:13:53 231424 ----a-w- C:\Windows\SysWow64\mswsock.dll
2013-12-04 08:13:53 1903552 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-11-29 13:42:08 1806960 ----a-w- C:\Windows\ampa.exe
2013-11-29 03:31:28 17008 ----a-w- C:\Windows\SysWow64\ampa.sys
2013-11-29 03:31:28 17008 ----a-w- C:\Windows\System32\ampa.sys
2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-11-15 06:37:16 39080 ----a-w- C:\Windows\System32\drivers\rzendpt.sys
2013-11-15 06:37:14 149160 ----a-w- C:\Windows\System32\drivers\rzudd.sys
2013-11-15 06:32:00 57344 ----a-w- C:\Windows\SysWow64\rzdevinfo.dll
2013-11-15 06:32:00 154112 ----a-w- C:\Windows\SysWow64\rztouchdll.dll
2013-11-15 06:31:58 834560 ----a-w- C:\Windows\SysWow64\rzdevicedll.dll
2013-11-15 06:31:56 296448 ----a-w- C:\Windows\SysWow64\rzaudiodll.dll
2013-11-15 06:31:56 117248 ----a-w- C:\Windows\SysWow64\rzdisplaydll.dll
2013-11-12 02:23:09 2048 ----a-w- C:\Windows\System32\tzres.dll
2013-11-12 02:07:29 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll
2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll
.
============= FINISH: 23:01:26.76 ===============

-From Attach

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 1/6/2555 14:42:53
System Uptime: 16/1/2557 8:52:30 (15 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | EP35-DS3R
Processor: Intel® Core2 Duo CPU E8200 @ 2.66GHz | Socket 775 | 2667/333mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 62 GiB total, 4.406 GiB free.
D: is FIXED (NTFS) - 93 GiB total, 3.96 GiB free.
E: is FIXED (NTFS) - 143 GiB total, 24.491 GiB free.
F: is FIXED (NTFS) - 466 GiB total, 166.809 GiB free.
G: is CDROM ()
H: is Removable
I: is Removable
J: is Removable
K: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
????????? ActiveX ?? Windows Live Mesh ????????????????????????? (???)
64 Bit HP CIO Components Installer
7-Zip 9.20
ACDSee Pro 5
Adobe Acrobat X Pro - English, Fran?ais, Deutsch
Adobe AIR
Adobe Audition 3.0
Adobe Audition 3.0 Vista Compatibility
Adobe Community Help
Adobe Creative Suite 5 Master Collection
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Anime downloader
Anomaly 2 © 11 bit studios version 1
AOMEI Partition Assistant Standard Edition 5.5
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArmA II Launcher
ArnA 2: Combined Operations
Battle.net
Bing Bar
BitTorrent
Blades of Time
Blaze Media Pro
Bonjour
BufferChm
BusinessCards MX
C-Free 4 Standard
C9 Thailand version 1.004.0
Cambridge Advanced Learner's Dictionary - 3rd Edition
Caribbean Islands 3D Screensaver and Animated Wallpaper 1.1
CCleaner
CLANNAD Full Voice 1.5
Copy
Coupon Printer for Windows
CyberLink PowerDVD 11
CyberLink YouCam 5
D3DX10
DAEMON Tools Lite
Darksiders II
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Destinations
DeviceDiscovery
DJ_AIO_06_K209a-z_SW_Min
DMC Devi May Cry © Capcom version 1
DomDomSoft Anime Downloader (remove only)
Dragon Nest
Dragonica 1.4.0
EdenOnline
ELSWORD
EnglishToThai
ESET NOD32 Antivirus
EverybodyMarble (Remove only)
Facebook Video Calling 2.0.0.447
Fantasy Saga Online
Fevermix (remove only)
Foobar2000 1.1.8 XPack 1.08 (20.09.2011)
FormatFactory 2.70
Fraps (remove only)
Garena - Heroes of Newerth
Garena - League of Legends
Garena Plus
GIF Viewer version 4.0.02
Glory Destiny Online
GOM Player
Google Chrome
Google Update Helper
GPBaseService2
Hearthstone
HP Customer Participation Program 14.0
HP Deskjet Ink Advant K209a-z All-in-One Driver Software 14.0 Rel. 6
HP Imaging Device Functions 14.0
HP Photo Creations
HP Smart Web Printing 4.60
HP Solution Center 14.0
HP Update
HPPhotoGadget
HPProductAssistant
HPSSupply
IBM SPSS Statistics 19
ILLUSION むすメイク
ILLUSION むすメイクきゃらメイクビューアー
Internet Download Manager
iTunes
Java 7 Update 45
Java Auto Updater
Junk Mail filter update
K-Lite Mega Codec Pack 8.0.0
K209a-z
League of Legends
Left 4 Dead 2
LINE
Magical Jelly Bean KeyFinder
MarketResearch
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office Access MUI (English) 2010
Microsoft Office Access MUI (Thai) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Excel MUI (Thai) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office Groove MUI (Thai) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office InfoPath MUI (Thai) 2010
Microsoft Office Language Pack 2010 - Thai/???
Microsoft Office O MUI (Thai) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office OneNote MUI (Thai) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office Outlook MUI (Thai) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint MUI (Thai) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proof (Thai) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Proofing (Thai) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Publisher MUI (Thai) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit MUI (Thai) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared MUI (Thai) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office SharePoint Designer MUI (Thai) 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Office Word MUI (Thai) 2010
Microsoft Office X MUI (Thai) 2010
Microsoft Silverlight
Microsoft Speech SDK 5.1
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visio Premium 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft XNA Framework Redistributable 3.1
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Miku
Miku 2013 V5 by andrea_37
mIRC
Mozilla Firefox 8.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB973688)
Nero 11 Mini Repack
NVIDIA 3D Vision Controller Driver 314.22
NVIDIA 3D Vision Driver 314.22
NVIDIA Control Panel 314.22
NVIDIA Graphics Driver 314.22
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.12.12
NVIDIA Update Components
OpenAL
OpenMG Limited Patch 4.7-07-14-05-01
OpenMG Secure Module 4.7.00
osu!
Pando Media Booster
PangYa_Th (NtreevSoft)
Path of Exile
PCSX2 - Playstation 2 Emulator
PDF Settings CS5
PHANTASY STAR ONLINE 2
Photodex Presenter
PhotoScape
Playpark Launcher
ProShow Producer
PunkBuster Services
PxMergeModule
QUICKfind server v1.1
Ragnarok Online2
Razer DeathAdder Mouse
Razer Synapse 2.0
Realtek High Definition Audio Driver
SAMSUNG USB Driver for Mobile Phones
Scan
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition
Shop for HP Supplies
Skype Click to Call
Skype? 5.10
SmartWebPrinting
Software Version Updater
SolutionCenter
SonicStage 4.3
StarCraft II
Status
Synthesia
TeamSpeak 3 Client
Thai Translator Tool
ThaiSoftware Dictionary v.7.0
Toolbox
Torchlight II © Runic Games version 1
TrayApp
Typing Master 1.0
UE3Redist
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2836939)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
UxStyle Core Beta
Video Player
VLC media player 1.1.11
Vocaloid IA V2
Webexp Enhanced
WebReg
Winamp
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24)
Windows Driver Package - Parallax Inc CDM Driver Package - Bus & VCP Driver (04/10/2012 2.08.24)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Media Player Firefox Plugin
WinRAR 4.20 (64-bit)
Wiring 1.0 IPST-SE
Xilisoft Video Converter Ultimate
xuggle-xuggler
μTorrent
コンテンツ管理アシスタント for PlayStation®
ヨスガノソラ
東方心綺楼 Ver1.30
.
==== Event Viewer Messages From Past Week ========
.
16/1/2557 9:54:38, Error: NetBT [4321] - The name "NEXTSPEED-PC :0" could not be registered on the interface with IP address 192.168.1.4. The computer with the IP address 192.168.1.2 did not allow the name to be claimed by this computer.
16/1/2557 8:57:14, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
16/1/2557 8:56:44, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the LanmanServer service.
16/1/2557 8:55:46, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
16/1/2557 8:55:46, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
16/1/2557 8:53:44, Error: Service Control Manager [7034] - The winlogon service terminated unexpectedly. It has done this 1 time(s).
16/1/2557 8:53:39, Error: Server [2505] - The server could not bind to the transport \Device\NetBT_Tcpip_{CB7A9533-0527-4A75-9AA6-903F3503C4E4} because another computer on the network has the same name. The server could not start.
16/1/2557 8:53:39, Error: NetBT [4321] - The name "NEXTSPEED-PC :20" could not be registered on the interface with IP address 192.168.1.4. The computer with the IP address 192.168.1.2 did not allow the name to be claimed by this computer.
16/1/2557 8:52:36, Error: volmgr [46] - Crash dump initialization failed!
16/1/2557 22:27:38, Error: Service Control Manager [7023] - The SPP Notification Service service terminated with the following error: Access is denied.
16/1/2557 11:50:08, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: {F87B28F1-DA9A-4F35-8EC0-800EFCF26B83} as /. The error: "5" Happened while starting this command: C:\Windows\System32\slui.exe -Embedding
.
==== End Of File ===========================

Thank you again for your help sir!

Maniac · January 16, 2014

One or more of the identified infections is related to a nasty rootkit component which is difficult to remove. Rootkits and backdoor Trojans are very dangerous because they use advanced techniques (backdoors) as a means of accessing a computer system that bypasses security mechanisms and steal sensitive information which they send back to the hacker. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. Remote attackers use backdoor Trojans and rootkits as part of an exploit to gain unauthorized access to a computer and take control of it without your knowledge.

If your computer was used for online banking, has credit card information or other sensitive data on it, you should immediately disconnect from the Internet until your system is cleaned. All passwords should be changed immediately to include those used for banking, email, eBay, paypal and online forums from a CLEAN COMPUTER. You should consider them to be compromised. You should change each password by using a different computer and not the infected one. If not, an attacker may get the new passwords and transaction information. If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again. Banking and credit card institutions should be notified of the possible security breach. Because your computer was compromised please read How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

Although the rootkit has been identified and may be removed, your PC has likely been compromised and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume that because this malware has been removed the computer is now secure. In some instances an infection may have caused so much damage to your system that it cannot be completely cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, delete the partition, reformat and reinstall the Operating System.

Please read:

Should you decide not to follow this advice, we will do our best to help clean the computer of any infections but we cannot guarantee it to be trustworthy or that the removal will be successful. If you wish to proceed, disinfection will require more time and more advanced tools.

Please let us know how you would like to proceed.

FinalSpark · January 16, 2014

I don't have any important information/passwords on my computer link bank accounts so I don't think it's that serious
but I think it'd be best if I remove this rootkit so I would like to disinfect this

Maniac · January 17, 2014

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
Press Scan button.
It will produce a log called FRST.txt in the same directory the tool is run from.
Please copy and paste log back here.
The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

FinalSpark · January 19, 2014

FRST log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-01-2014 03
Ran by NEXT Speed (administrator) on NEXTSPEED-PC on 19-01-2014 17:46:42
Running from C:\Users\NEXT Speed\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(The Within Network, LLC) C:\Windows\UnsignedThemesSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\Photodex\ProShowProducer\scsiaccess.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
() F:\Garena Plus\ggdllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\Microsoft\Client\taskhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
() F:\Garena Plus\GarenaMessenger.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegSvcs.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Razer Inc.) C:\Program Files (x86)\Razer\DeathAdder\razerofa.exe
() F:\Garena Plus\bbtalk\BBTalk.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(ppy) F:\osu!\osu!.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12445288 2012-01-16] (Realtek Semiconductor)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4030008 2012-06-01] (ESET)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2009-11-18] (Hewlett-Packard)
HKLM-x32\...\Run: [Razer Synapse] - C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442712 2013-11-17] (Razer Inc.)
HKLM-x32\...\Run: [DeathAdder] - C:\Program Files (x86)\Razer\DeathAdder\razerhid.exe [251392 2010-05-05] ()
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [Facebook Update] - C:\Users\NEXT Speed\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-10-18] (Facebook Inc.)
HKCU\...\Run: [GarenaPlus] - F:\Garena Plus\GarenaMessenger.exe [9890608 2013-12-13] ()
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-27] ()
HKCU\...\Run: [iDMan] - C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3437976 2011-11-14] (Tonec Inc.)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673184 2013-07-03] (Disc Soft Ltd)
HKCU\...\RunOnce: [zsodl] - C:\Users\NEXTSP~1\AppData\Local\Temp\zsodl\89062.vbs [210 2013-12-23] ()
HKCU\...\RunOnce: [iqrqu] - C:\Users\NEXTSP~1\AppData\Local\Temp\iqrqu\12433.vbs [210 2013-12-23] ()
MountPoints2: L - L:\setup.exe
MountPoints2: {0a5d9009-c5cc-11e2-9282-001d7d0a4a06} - M:\setup.exe
MountPoints2: {3fd68d44-c396-11e2-8a68-001d7d0a4a06} - L:\setup.exe
MountPoints2: {5ecbc326-0637-11e2-8b29-001d7d0a4a06} - N:\Setup.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.facebook.com/
SearchScopes: HKCU - DefaultScope {C5EB994D-BE37-4466-B3A1-D12A3361044F} URL = http://www.google.com/cse?q={searchTerms}&cx=partner-pub-7167212161349819:frn256rnrn5&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
SearchScopes: HKCU - {20928C3E-84C1-4848-ACFD-6BBF3950B57E} URL = http://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}
SearchScopes: HKCU - {3E5645F9-1B45-4485-9379-36351CDC81E4} URL = http://search.yahoo.com/search?p={searchTerms}&b={startPage?}&fr=ie8
SearchScopes: HKCU - {49DE0DB2-43D2-41B4-B860-8333D76F5EF8} URL = http://www.youtube.com/results?search_query={searchTerms}
SearchScopes: HKCU - {5CC8F9B1-0D51-4332-8BB6-86042A463EEC} URL = http://rover.ebay.com/rover/1/711-43047-14818-1/4?satitle={searchTerms}
SearchScopes: HKCU - {78A36E83-B98D-4B8F-A7F7-E4A3D7190D55} URL = http://www.amazon.com/s?ie=UTF8&tag=amznsearch.ms-20&index=aps&linkFcode=qs&field-keywords={searchTerms}
SearchScopes: HKCU - {9D512A4C-D812-45AC-B74B-43175EB207CE} URL = http://www.facebook.com/search/?src=os&q={searchTerms}
SearchScopes: HKCU - {C1D35D5A-3DCF-45DF-A45A-7A0AA3F0F598} URL = http://www.newegg.com/Product/ProductList.aspx?Submit=ENE&Description={searchTerms}
SearchScopes: HKCU - {C5EB994D-BE37-4466-B3A1-D12A3361044F} URL = http://www.google.com/cse?q={searchTerms}&cx=partner-pub-7167212161349819:frn256rnrn5&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Webexp Enhanced - {5f6cde8e-3ab7-441c-8ea7-a9cb0c3221bf} - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha1749\ie\WebexpEnhancedV1alpha1749.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Video Player - {a1ee299d-bb3e-40da-803f-5330e5dc8f46} - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ie\VideoPlayerV3beta847.dll ()
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\NEXT Speed\AppData\Roaming\Mozilla\Firefox\Profiles\s0wdfvz4.default
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @photodex.com/PhotodexPresenter - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
FF Plugin-x32: @t.garena.com/garenatalk - F:\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.11 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\NEXT Speed\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-07-13]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-06-01]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2011-12-12]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2011-12-12]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-14]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha1749.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha1749\ff
FF Extension: Webexp Enhanced - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha1749\ff [2014-01-07]
FF HKLM-x32\...\Firefox\Extensions: [ext@VideoPlayerV3beta847.net] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ff
FF Extension: Video Player - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ff [2014-01-10]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-06-01]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NEXT Speed\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\NEXT Speed\AppData\Roaming\IDM\idmmzcc5 [2011-12-12]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-06-14]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\NEXT Speed\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\NEXT Speed\AppData\Roaming\IDM\idmmzcc5 [2011-12-12]

Chrome:
=======
CHR DefaultSearchKeyword: google.co.th
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrl.dll No File
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Photodex Presenter Plugin) - C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll ( )
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube Options) - C:\Users\NEXT Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdokagampppgbnjfdlkfpphniapiiifn [2013-09-26]
CHR Extension: (Webexp Enhanced) - C:\Users\NEXT Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibacigppidcgnhchabmfmlmbjlkilfhc [2014-01-07]
CHR Extension: (Skype Click to Call) - C:\Users\NEXT Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2012-08-14]
CHR Extension: (Video Player) - C:\Users\NEXT Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpiflmjfidpdoeghmcaodpmpjjadfcjb [2014-01-10]
CHR Extension: (Google Wallet) - C:\Users\NEXT Speed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR HKLM-x32\...\Chrome\Extension: [ibacigppidcgnhchabmfmlmbjlkilfhc] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha1749\ch\WebexpEnhancedV1alpha1749.crx [2013-12-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-12-13]
CHR HKLM-x32\...\Chrome\Extension: [mpiflmjfidpdoeghmcaodpmpjjadfcjb] - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ch\VideoPlayerV3beta847.crx [2014-01-08]

==================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-12-12] (Adobe Systems)
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [83240 2011-05-19] ()
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [70952 2011-05-12] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [312616 2011-05-12] (CyberLink)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [974944 2011-08-09] (ESET)
S3 MSCSPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation)
R2 NMSAccess; C:\Program Files (x86)\Blaze Media Pro\NMSAccess32.exe [71096 2009-01-12] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5729128 2013-07-14] (INCA Internet Co., Ltd.)
S3 PACSPTISVR; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-07-23] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShowProducer\ScsiAccess.exe [186760 2011-12-12] ()
S3 SonicStage Back-End Service; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SsBeSvc.exe [112184 2007-02-05] (Sony Corporation)
S3 SPTISRV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation)
S3 SSScsiSV; C:\Program Files (x86)\Common Files\Sony Shared\AVLib\SSScsiSV.exe [75320 2007-02-05] (Sony Corporation)
R2 UnsignedThemes; C:\Windows\UnsignedThemesSvc.exe [24168 2009-07-13] (The Within Network, LLC)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2012-06-03] ()
S2 winlogon; C:\Windows\Microsoft\winlogon.exe [72192 2013-08-25] ()

==================== Drivers (Whitelisted) ====================

S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-11-29] ()
S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-11-29] ()
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-06] (Disc Soft Ltd)
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [202576 2011-08-09] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [146432 2011-08-04] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2011-08-04] (ESET)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39080 2013-11-15] (Razer Inc)
R2 uxpatch; C:\Windows\system32\drivers\uxpatch.sys [30568 2009-07-13] ()
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [148976 2011-05-20] (CyberLink Corp.)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 GGSAFERDriver; \??\F:\Garena Plus\Room\safedrv.sys [x]
S3 qkt; \??\F:\Glory Destiny\GloryDestiny\avital\qkwyw64.sys [x]
S3 s2; \??\F:\Glory Destiny\GloryDestiny\avital\qkwyw64.sys [x]
S3 tsj; \??\F:\Eden\EdenOnline\avital\tsjcs64.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2088-01-12 06:30 - 2088-01-12 06:30 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\{28FB4D07-F174-42EF-B151-8D47EC74FC5E}
2080-01-12 07:27 - 2080-01-12 07:28 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\{9D24A5AE-A59B-4DDF-8E82-19531B4D335E}
2036-01-14 02:36 - 2036-01-14 02:36 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\{356064CD-A9F5-4DCD-A87A-0516FBE257BC}
2028-01-12 15:19 - 2028-01-12 15:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Xvoice.dll
2014-01-19 17:46 - 2014-01-19 17:47 - 00025485 _____ C:\Users\NEXT Speed\Desktop\FRST.txt
2014-01-19 17:46 - 2014-01-19 17:46 - 02076160 _____ (Farbar) C:\Users\NEXT Speed\Desktop\FRST64.exe
2014-01-19 17:46 - 2014-01-19 17:46 - 00000000 ____D C:\FRST
2014-01-16 23:01 - 2014-01-16 23:01 - 00022808 _____ C:\Users\NEXT Speed\Desktop\dds.txt
2014-01-16 23:01 - 2014-01-16 23:01 - 00015202 _____ C:\Users\NEXT Speed\Desktop\attach.txt
2014-01-16 22:59 - 2014-01-16 22:59 - 00000648 _____ C:\Users\NEXT Speed\Desktop\how to use dds.txt
2014-01-16 22:58 - 2014-01-16 22:58 - 00688992 ____R (Swearware) C:\Users\NEXT Speed\Desktop\dds.scr
2014-01-16 08:58 - 2014-01-19 12:14 - 00003376 _____ C:\Windows\System32\Tasks\gg_uac_daemon_NEXT Speed
2014-01-15 17:24 - 2014-01-15 17:24 - 00005924 _____ C:\Windows\PFRO.log
2014-01-15 17:14 - 2013-11-27 08:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 17:14 - 2013-11-27 08:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 17:14 - 2013-11-27 08:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 17:14 - 2013-11-27 08:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 17:14 - 2013-11-27 08:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 17:14 - 2013-11-27 08:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 17:14 - 2013-11-27 08:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 17:14 - 2013-11-26 17:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 17:07 - 2014-01-19 12:15 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-13 20:43 - 2014-01-13 20:43 - 00000061 _____ C:\Users\NEXT Speed\AppData\Roaming\mao.xml
2014-01-13 20:42 - 2014-01-13 20:42 - 00000724 _____ C:\Users\NEXT Speed\Desktop\Fantasy Saga Online.lnk
2014-01-13 20:42 - 2014-01-13 20:42 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gen C Inspire
2014-01-12 22:17 - 2014-01-12 22:17 - 00000877 _____ C:\Users\NEXT Speed\Desktop\Black Rock Shooter.lnk
2014-01-10 20:57 - 2014-01-10 20:57 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-10 19:59 - 2014-01-10 19:59 - 00001397 _____ C:\Users\NEXT Speed\Desktop\Skyrim.lnk
2014-01-10 18:49 - 2014-01-10 18:49 - 00561184 ____H C:\Windows\SysWOW64\mlfcache.dat
2014-01-08 19:29 - 2014-01-08 19:29 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\Skyrim
2014-01-08 19:14 - 2014-01-13 20:43 - 00035254 _____ C:\Windows\DirectX.log
2014-01-07 20:57 - 2014-01-07 20:57 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2014-01-03 12:55 - 2014-01-03 12:55 - 00003066 _____ C:\Windows\System32\Tasks\{022E48C9-E13B-4498-BAE0-333C5E30DF08}
2013-12-31 17:35 - 2013-12-31 17:35 - 00000814 _____ C:\Users\NEXT Speed\Desktop\Minami - Ke.lnk
2013-12-26 13:13 - 2014-01-03 14:32 - 00323656 _____ C:\Users\NEXT Speed\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-26 12:05 - 2014-01-19 12:14 - 00003720 _____ C:\Windows\setupact.log
2013-12-26 12:05 - 2013-12-26 12:05 - 00000000 _____ C:\Windows\setuperr.log
2013-12-26 12:04 - 2014-01-16 08:53 - 05846424 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-23 18:55 - 2013-12-23 18:55 - 00000000 _____ C:\Users\NEXT Speed\AppData\Roaming\wininit.exe
2013-12-23 18:54 - 2014-01-19 15:56 - 00000376 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-12-23 18:54 - 2013-12-23 18:54 - 00003406 _____ C:\Windows\System32\Tasks\AmiUpdXp
2013-12-23 18:54 - 2013-12-23 18:54 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\SwvUpdater
2013-12-22 22:28 - 2013-12-22 22:28 - 00000582 _____ C:\Users\NEXT Speed\Desktop\ELSWORD.lnk
2013-12-21 11:41 - 2013-12-21 11:41 - 00000000 ____D C:\Users\NEXT Speed\Documents\Nero
2013-12-20 14:05 - 2013-12-20 14:05 - 00000000 ____D C:\Users\NEXT Speed\Documents\Avatar

==================== One Month Modified Files and Folders =======

2088-01-12 06:30 - 2088-01-12 06:30 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\{28FB4D07-F174-42EF-B151-8D47EC74FC5E}
2080-01-12 07:28 - 2080-01-12 07:27 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\{9D24A5AE-A59B-4DDF-8E82-19531B4D335E}
2036-01-14 02:36 - 2036-01-14 02:36 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\{356064CD-A9F5-4DCD-A87A-0516FBE257BC}
2028-01-12 15:19 - 2028-01-12 15:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Xvoice.dll
2014-01-19 17:47 - 2014-01-19 17:46 - 00025485 _____ C:\Users\NEXT Speed\Desktop\FRST.txt
2014-01-19 17:47 - 2012-12-27 12:36 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\PMB Files
2014-01-19 17:46 - 2014-01-19 17:46 - 02076160 _____ (Farbar) C:\Users\NEXT Speed\Desktop\FRST64.exe
2014-01-19 17:46 - 2014-01-19 17:46 - 00000000 ____D C:\FRST
2014-01-19 17:46 - 2011-12-12 11:10 - 00000906 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-19 17:45 - 2009-07-14 11:45 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 17:45 - 2009-07-14 11:45 - 00016768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 17:43 - 2011-12-11 19:11 - 00003962 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{8201D6D4-7036-4302-9634-D624025C9887}
2014-01-19 17:22 - 2012-06-09 08:17 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 17:02 - 2012-10-18 22:57 - 00000948 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000UA.job
2014-01-19 16:46 - 2011-12-12 11:10 - 00000902 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-19 15:56 - 2013-12-23 18:54 - 00000376 _____ C:\Windows\Tasks\AmiUpdXp.job
2014-01-19 15:29 - 2013-11-13 16:01 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\Battle.net
2014-01-19 12:18 - 2012-06-01 14:44 - 01670411 _____ C:\Windows\WindowsUpdate.log
2014-01-19 12:16 - 2013-06-26 22:13 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\GarenaPlus
2014-01-19 12:16 - 2013-06-26 22:11 - 00000000 ____D C:\ProgramData\GarenaMessenger
2014-01-19 12:15 - 2014-01-15 17:07 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-19 12:15 - 2011-12-12 11:37 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2014-01-19 12:14 - 2014-01-16 08:58 - 00003376 _____ C:\Windows\System32\Tasks\gg_uac_daemon_NEXT Speed
2014-01-19 12:14 - 2013-12-26 12:05 - 00003720 _____ C:\Windows\setupact.log
2014-01-19 12:14 - 2012-06-01 15:06 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-19 12:14 - 2009-07-14 12:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 10:12 - 2011-12-12 11:22 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\DMCache
2014-01-18 23:02 - 2012-10-18 22:57 - 00000926 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000Core.job
2014-01-18 20:58 - 2013-07-23 12:17 - 00002254 _____ C:\Users\NEXT Speed\Desktop\anime.txt
2014-01-18 09:56 - 2012-07-04 20:59 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\uTorrent
2014-01-16 23:01 - 2014-01-16 23:01 - 00022808 _____ C:\Users\NEXT Speed\Desktop\dds.txt
2014-01-16 23:01 - 2014-01-16 23:01 - 00015202 _____ C:\Users\NEXT Speed\Desktop\attach.txt
2014-01-16 22:59 - 2014-01-16 22:59 - 00000648 _____ C:\Users\NEXT Speed\Desktop\how to use dds.txt
2014-01-16 22:58 - 2014-01-16 22:58 - 00688992 ____R (Swearware) C:\Users\NEXT Speed\Desktop\dds.scr
2014-01-16 08:53 - 2013-12-26 12:04 - 05846424 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-15 18:09 - 2013-07-19 12:53 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 18:06 - 2013-10-01 11:42 - 00000000 ____D C:\Users\NEXT Speed\Desktop\สอบ
2014-01-15 18:06 - 2012-07-04 20:54 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 17:24 - 2014-01-15 17:24 - 00005924 _____ C:\Windows\PFRO.log
2014-01-15 17:20 - 2011-12-12 11:28 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 17:20 - 2009-07-14 09:34 - 00000513 _____ C:\Windows\win.ini
2014-01-15 17:18 - 2011-12-12 11:34 - 00000039 _____ C:\Windows\vbaddin.ini
2014-01-13 20:43 - 2014-01-13 20:43 - 00000061 _____ C:\Users\NEXT Speed\AppData\Roaming\mao.xml
2014-01-13 20:43 - 2014-01-08 19:14 - 00035254 _____ C:\Windows\DirectX.log
2014-01-13 20:42 - 2014-01-13 20:42 - 00000724 _____ C:\Users\NEXT Speed\Desktop\Fantasy Saga Online.lnk
2014-01-13 20:42 - 2014-01-13 20:42 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Gen C Inspire
2014-01-12 22:17 - 2014-01-12 22:17 - 00000877 _____ C:\Users\NEXT Speed\Desktop\Black Rock Shooter.lnk
2014-01-10 23:44 - 2013-08-25 22:08 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\mIRC
2014-01-10 23:28 - 2013-08-25 22:08 - 00000000 ____D C:\Program Files (x86)\mIRC
2014-01-10 21:05 - 2012-07-04 21:10 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\DAEMON Tools Lite
2014-01-10 20:57 - 2014-01-10 20:57 - 00000000 ____D C:\Program Files (x86)\VideoPlayerV3
2014-01-10 19:59 - 2014-01-10 19:59 - 00001397 _____ C:\Users\NEXT Speed\Desktop\Skyrim.lnk
2014-01-10 19:48 - 2012-07-18 20:06 - 00000000 ____D C:\Users\NEXT Speed\Documents\My Games
2014-01-10 18:49 - 2014-01-10 18:49 - 00561184 ____H C:\Windows\SysWOW64\mlfcache.dat
2014-01-09 19:26 - 2009-07-14 12:13 - 00782922 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-08 19:29 - 2014-01-08 19:29 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\Skyrim
2014-01-07 20:57 - 2014-01-07 20:57 - 00000000 ____D C:\Program Files (x86)\WebexpEnhancedV1
2014-01-05 08:40 - 2012-11-03 15:48 - 00001715 _____ C:\Users\NEXT Speed\Desktop\Little Busters!.lnk
2014-01-03 14:32 - 2013-12-26 13:13 - 00323656 _____ C:\Users\NEXT Speed\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-03 12:55 - 2014-01-03 12:55 - 00003066 _____ C:\Windows\System32\Tasks\{022E48C9-E13B-4498-BAE0-333C5E30DF08}
2013-12-31 17:35 - 2013-12-31 17:35 - 00000814 _____ C:\Users\NEXT Speed\Desktop\Minami - Ke.lnk
2013-12-28 09:38 - 2011-12-12 11:22 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\IDM
2013-12-26 12:05 - 2013-12-26 12:05 - 00000000 _____ C:\Windows\setuperr.log
2013-12-25 20:30 - 2011-12-12 13:25 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\Media Player Classic
2013-12-23 18:55 - 2013-12-23 18:55 - 00000000 _____ C:\Users\NEXT Speed\AppData\Roaming\wininit.exe
2013-12-23 18:54 - 2013-12-23 18:54 - 00003406 _____ C:\Windows\System32\Tasks\AmiUpdXp
2013-12-23 18:54 - 2013-12-23 18:54 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\SwvUpdater
2013-12-23 18:54 - 2011-12-12 11:54 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\Downloaded Installations
2013-12-22 22:28 - 2013-12-22 22:28 - 00000582 _____ C:\Users\NEXT Speed\Desktop\ELSWORD.lnk
2013-12-22 22:28 - 2013-04-28 20:47 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Asiasoft
2013-12-21 11:41 - 2013-12-21 11:41 - 00000000 ____D C:\Users\NEXT Speed\Documents\Nero
2013-12-20 14:06 - 2011-12-12 12:10 - 00000000 ____D C:\Users\NEXT Speed\Documents\Youcam
2013-12-20 14:05 - 2013-12-20 14:05 - 00000000 ____D C:\Users\NEXT Speed\Documents\Avatar
2013-12-20 14:05 - 2011-12-12 12:07 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\CyberLink

Some content of TEMP:
====================
C:\Users\NEXT Speed\AppData\Local\Temp\DSETUP.dll
C:\Users\NEXT Speed\AppData\Local\Temp\dsetup32.dll
C:\Users\NEXT Speed\AppData\Local\Temp\DXSETUP.exe
C:\Users\NEXT Speed\AppData\Local\Temp\patch_3020902.exe
C:\Users\NEXT Speed\AppData\Local\Temp\patch_3021001.exe
C:\Users\NEXT Speed\AppData\Local\Temp\patch_3030001.exe
C:\Users\NEXT Speed\AppData\Local\Temp\patch_3030003.exe
C:\Users\NEXT Speed\AppData\Local\Temp\patch_3030004.exe
C:\Users\NEXT Speed\AppData\Local\Temp\Setup.exe
C:\Users\NEXT Speed\AppData\Local\Temp\Setup1.exe
C:\Users\NEXT Speed\AppData\Local\Temp\vcredist_x86.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!

LastRegBack: 2014-01-19 09:00

==================== End Of Log ============================

Addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-01-2014 03
Ran by NEXT Speed at 2014-01-19 17:47:41
Running from C:\Users\NEXT Speed\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: ESET NOD32 Antivirus 5.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (x32 Version: 3.3.0.29544 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x32 Version: - )
ACDSee Pro 5 (x32 Version: 5.0.110 - ACD Systems International Inc.)
Adobe Acrobat X Pro - English, Fran็ais, Deutsch (x32 Version: 10.0.0 - Adobe Systems)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9120 - Adobe Systems Inc.) Hidden
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated)
Adobe Audition 3.0 (x32 Version: 3.0 - Adobe Systems Incorporated) Hidden
Adobe Audition 3.0 Vista Compatibility (Version: - )
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (x32 Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Anime downloader (x32 Version: 1.14.0924 - Kaminari)
Anomaly 2 © 11 bit studios version 1 (x32 Version: 1 - )
AOMEI Partition Assistant Standard Edition 5.5 (x32 Version: - AOMEI Technology Co., Ltd.)
Apple Application Support (x32 Version: 2.1.5 - Apple Inc.)
Apple Mobile Device Support (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
ArmA II Launcher (x32 Version: 1.4.0.0 - Spirited Machine)
ArnA 2: Combined Operations (x32 Version: 1.60 - Bohemia Interactive)
Battle.net (x32 Version: - Blizzard Entertainment)
Bing Bar (x32 Version: 7.0.619.0 - Microsoft Corporation)
BitTorrent (x32 Version: 7.8.0.29676 - BitTorrent Inc.)
Blades of Time (x32 Version: - )
Blaze Media Pro (x32 Version: 9.0 - Mystik Media)
Blaze Media Pro (x32 Version: 9.0 - Mystik Media) Hidden
Bonjour (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
BusinessCards MX (x32 Version: 4.62 - MOJOSOFT)
C9 Thailand version 1.004.0 (x32 Version: 1.004.0 - Ini3 Digital)
Cambridge Advanced Learner's Dictionary - 3rd Edition (x32 Version: - )
Caribbean Islands 3D Screensaver and Animated Wallpaper 1.1 (x32 Version: 1.1 - 3Planesoft)
CCleaner (Version: 3.13 - Piriform)
C-Free 4 Standard (x32 Version: - Program Arts)
CLANNAD Full Voice 1.5 (x32 Version: - Visual Art's / Key)
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (x32 Version: 5.0.0.0 - Coupons.com Incorporated) <==== ATTENTION
CyberLink PowerDVD 11 (x32 Version: 11.0.1719.51 - CyberLink Corp.)
CyberLink PowerDVD 11 (x32 Version: 11.0.1719.51 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (x32 Version: 5.0.0909 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.0909 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.47.1.0335 - Disc Soft Ltd)
Darksiders II (x32 Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DJ_AIO_06_K209a-z_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
DMC Devi May Cry © Capcom version 1 (x32 Version: 1 - )
DomDomSoft Anime Downloader (remove only) (x32 Version: - )
Dragon Nest (x32 Version: 1.0.75 - Asiasoft)
Dragonica 1.4.0 (x32 Version: - )
EdenOnline (x32 Version: 1.0000 - Winner)
ELSWORD (x32 Version: 3.0.0 - AsiaSoft)
EnglishToThai (x32 Version: - )
ESET NOD32 Antivirus (Version: 5.0.93.0 - ESET, spol. s r.o.)
EverybodyMarble (Remove only) (x32 Version: 1.0 - SBT Co., Ltd.)
Facebook Video Calling 2.0.0.447 (x32 Version: 2.0.447 - Skype Limited)
Fantasy Saga Online (HKCU Version: - Gen C Inspire Corporation)
Fevermix (remove only) (x32 Version: - )
Foobar2000 1.1.8 XPack 1.08 (20.09.2011) (Version: 1.08 - vadimsva)
FormatFactory 2.70 (x32 Version: 2.70 - Free Time)
Fraps (remove only) (x32 Version: - )
Garena - Heroes of Newerth (x32 Version: - Garena Online Pte Ltd.)
Garena - League of Legends (x32 Version: - Garena Online Pte Ltd.)
Garena Plus (x32 Version: 2011 - Garena Online Pte Ltd.)
GIF Viewer version 4.0.02 (x32 Version: 4.0.02 - Stefan Wobbe)
Glory Destiny Online (x32 Version: 1.0000 - WINNER)
GOM Player (x32 Version: 2.1.43.5119 - Gretech Corporation)
Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Hearthstone (x32 Version: - Blizzard Entertainment)
HP Customer Participation Program 14.0 (Version: 14.0 - HP)
HP Deskjet Ink Advant K209a-z All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
HP Photo Creations (x32 Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Smart Web Printing 4.60 (Version: 4.60 - HP)
HP Solution Center 14.0 (Version: 14.0 - HP)
HP Update (x32 Version: 5.002.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IBM SPSS Statistics 19 (x32 Version: 19.0.0 - SPSS Inc., an IBM Company)
ILLUSION むすメイク (x32 Version: 1.00.0000 - ILLUSION)
ILLUSION むすメイクきゃらメイクビューアー (x32 Version: 1.00.0000 - ILLUSION)
Internet Download Manager (x32 Version: - )
iTunes (Version: 10.5.1.42 - Apple Inc.)
Java 7 Update 45 (x32 Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K209a-z (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
K-Lite Mega Codec Pack 8.0.0 (x32 Version: 8.0.0 - )
League of Legends (x32 Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Left 4 Dead 2 (x32 Version: - Valve)
LINE (x32 Version: 3.3.0.70 - NHN Japan)
Magical Jelly Bean KeyFinder (x32 Version: 2.0.8.2 - Magical Jelly Bean)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Language Pack 2010 - Thai/ไทย (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office O MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (x32 Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Thai) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office SharePoint Designer MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office X MUI (Thai) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Speech SDK 5.1 (x32 Version: 5.1.4324.0 - Microsoft)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Miku (x32 Version: - k-rlitos.com)
Miku 2013 V5 by andrea_37 (x32 Version: - k-rlitos.com)
mIRC (x32 Version: 7.32 - mIRC Co. Ltd.)
Mozilla Firefox 8.0.1 (x86 en-US) (x32 Version: 8.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
Nero 11 Mini Repack (Version: - )
NVIDIA 3D Vision Controller Driver 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA Control Panel 314.22 (Version: 314.22 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 314.22 (Version: 314.22 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.115.743 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.12.1031 (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.1422 - NVIDIA Corporation) Hidden
NVIDIA Update 1.12.12 (Version: 1.12.12 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.12.12 - NVIDIA Corporation) Hidden
OpenAL (x32 Version: - )
OpenMG Limited Patch 4.7-07-14-05-01 (x32 Version: - )
OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140 - Sony Corporation)
OpenMG Secure Module 4.7.00 (x32 Version: 4.7.00.12140 - Sony Corporation) Hidden
osu! (x32 Version: 0.0.0.0 - peppy)
Pando Media Booster (x32 Version: 2.6.0.8 - Pando Networks Inc.)
PangYa_Th (NtreevSoft) (x32 Version: - )
Path of Exile (x32 Version: - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (x32 Version: - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PHANTASY STAR ONLINE 2 (x32 Version: - SEGA)
Photodex Presenter (x32 Version: - Photodex Corporation)
PhotoScape (x32 Version: - )
Playpark Launcher (x32 Version: 2.0 - Playpark)
ProShow Producer (x32 Version: - Photodex Corporation)
PunkBuster Services (x32 Version: 0.993 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
QUICKfind server v1.1 (x32 Version: - IDM)
Ragnarok Online2 (x32 Version: 2.00.0000 - Gravity)
Razer DeathAdder Mouse (x32 Version: 3.00 - Razer USA Ltd.)
Razer Synapse 2.0 (x32 Version: 1.16.6 - Razer Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6554 - Realtek Semiconductor Corp.)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32 Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (x32 Version: - Microsoft) Hidden
Shop for HP Supplies (Version: 14.0 - HP)
Skype Click to Call (x32 Version: 6.5.11422 - Skype Technologies S.A.)
Skype™ 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Software Version Updater (x32 Version: 1.1.3.8 - ) <==== ATTENTION
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
SonicStage 4.3 (x32 Version: 4.3 - Sony Corporation)
StarCraft II (x32 Version: - Blizzard Entertainment)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Synthesia (x32 Version: 8.6 - Synthesia LLC)
TeamSpeak 3 Client (Version: 3.0.13 - TeamSpeak Systems GmbH)
Thai Translator Tool (x32 Version: - )
ThaiSoftware Dictionary v.7.0 (x32 Version: v.7.0 - ThaiSoftware Enterprise Co.,ltd)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Torchlight II © Runic Games version 1 (x32 Version: 1 - )
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Typing Master 1.0 (x32 Version: - )
UE3Redist (HKCU Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
UxStyle Core Beta (Version: 0.2.1.1 - The Within Network, LLC)
Video Player (x32 Version: 1.1 - Video Player)
VLC media player 1.1.11 (x32 Version: 1.1.11 - VideoLAN)
Vocaloid IA V2 (x32 Version: - k-rlitos.com)
Webexp Enhanced (x32 Version: 1.1 - Webexp Enhanced) <==== ATTENTION
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Winamp (x32 Version: 5.622 - Nullsoft, Inc)
Windows Driver Package - FTDI CDM Driver Package - Bus/D2XX Driver (04/10/2012 2.08.24) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Driver Package - FTDI CDM Driver Package - VCP Driver (04/10/2012 2.08.24) (Version: 04/10/2012 2.08.24 - FTDI)
Windows Driver Package - Parallax Inc CDM Driver Package - Bus & VCP Driver (04/10/2012 2.08.24) (Version: 04/10/2012 2.08.24 - Parallax Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (64-bit) (Version: 4.20.0 - win.rar GmbH)
Wiring 1.0 IPST-SE (x32 Version: Wiring 1.0 IPST-SE - Wiring)
Xilisoft Video Converter Ultimate (x32 Version: 7.0.0.1121 - Xilisoft)
xuggle-xuggler (x32 Version: 3.4.1012 - Xuggle)
コンテンツ管理アシスタント for PlayStation® (x32 Version: 2.50.6733.38 - Sony Computer Entertainment Inc.)
ヨスガノソラ (x32 Version: 1.00.0000 - 有限会社CUFFS)
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) (x32 Version: 15.4.5722.2 - Microsoft Corporation)
東方心綺楼 Ver1.30 (x32 Version: - 黄昏フロンティア)

==================== Restore Points =========================

==================== Hosts content: ==========================

2009-07-14 09:34 - 2012-07-04 20:26 - 00001038 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 www.internetdownloadmanager.com
127.0.0.1 secure.internetdownloadmanager.com
127.0.0.1 activate.adobe.com
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

Task: {22D4F4CC-F976-487D-8159-5F419358D62D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2011-12-12] ()
Task: {4125C076-ADA6-45F6-AF1D-451C59106A70} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000Core => C:\Users\NEXT Speed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-18] (Facebook Inc.)
Task: {677D1A1B-9B9E-45D3-8755-50FE8059FFBD} - System32\Tasks\gg_uac_daemon_NEXT Speed => F:\Garena Plus\ggdllhost.exe [2013-07-10] ()
Task: {69B303B8-E2C1-4A3E-8807-8FB993D0E96E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12] (Google Inc.)
Task: {7AFF1568-347D-4711-8744-287B291726ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12] (Google Inc.)
Task: {8C2604E9-9D7B-4393-80E3-3A22FF07E813} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000UA => C:\Users\NEXT Speed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-18] (Facebook Inc.)
Task: {98B9AAC7-A3DA-4C80-B763-2961090F4613} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {ACD0C682-FC9F-4EBD-803F-866D2076BAC2} - System32\Tasks\Microsoft\Windows\RAI\RaiTask => C:\Windows\system32\net.exe [2009-07-14] (Microsoft Corporation)
Task: {B414C7A6-87A4-480B-867F-75D00C69694D} - System32\Tasks\AmiUpdXp => C:\Users\NEXT Speed\AppData\Local\SwvUpdater\Updater.exe [2013-12-23] (Amonetizé Ltd) <==== ATTENTION
Task: {D8FEE047-50B8-4FD7-B96D-7CBE7ADDF8BC} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {DD4F6F94-28F7-4B7C-9379-6DE903CDD50B} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-03] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\NEXT Speed\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000Core.job => C:\Users\NEXT Speed\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000UA.job => C:\Users\NEXT Speed\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-29 19:21 - 2013-08-23 16:10 - 00553776 _____ () F:\Garena Plus\ggspawn.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00104752 _____ () F:\Garena Plus\CommonLib.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00033584 _____ () F:\Garena Plus\DibModule.dll
2013-06-20 18:25 - 2014-01-07 14:30 - 00027952 _____ () F:\Garena Plus\VersionModule.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00051504 _____ () F:\Garena Plus\FileLoader.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00087344 _____ () F:\Garena Plus\PluginKernel.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00487216 _____ () F:\Garena Plus\CxImage.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00025392 _____ () F:\Garena Plus\PluginModule.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00170800 _____ () F:\Garena Plus\lib\fs\YYFileSystem.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00374064 _____ () F:\Garena Plus\lib\Http.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00184624 _____ () F:\Garena Plus\lib\MP3Module.dll
2012-02-22 15:52 - 2012-02-22 15:52 - 00162304 _____ () F:\Garena Plus\lame_enc.DLL
2013-06-06 18:47 - 2013-06-06 18:47 - 00219952 _____ () F:\Garena Plus\lib\TaskManagerLib.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00106288 _____ () F:\Garena Plus\lib\UILayout.dll
2013-06-06 18:47 - 2013-07-26 13:18 - 00957232 _____ () F:\Garena Plus\lib\XLL.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00055088 _____ () F:\Garena Plus\lib\XmlUIModule.dll
2012-02-22 15:52 - 2012-02-22 15:52 - 00573100 _____ () F:\Garena Plus\sqlite3.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00224560 _____ () F:\Garena Plus\Plugins\StatsPlugin.dll
2013-06-06 18:47 - 2013-12-13 10:24 - 00896304 _____ () F:\Garena Plus\Plugins\ggplugin.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00192816 _____ () F:\Garena Plus\ImageModule.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00155440 _____ () F:\Garena Plus\libmpg123.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 02941232 _____ () F:\Garena Plus\ggdownloader.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00065840 _____ () F:\Garena Plus\lib\delay_load\AudioMixerLib.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00016688 _____ () F:\Garena Plus\lib\delay_load\ClientTcp.dll
2013-06-06 18:47 - 2013-07-15 21:29 - 01545520 _____ () F:\Garena Plus\lib\delay_load\FileSender.dll
2013-02-01 12:42 - 2013-02-01 12:42 - 00153088 _____ () F:\Garena Plus\libzmq.dll
2013-06-06 18:47 - 2013-09-20 18:12 - 00956208 _____ () F:\Garena Plus\lib\delay_load\GaFileTransfer.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00245040 _____ () F:\Garena Plus\lib\delay_load\MediaEngine.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00026416 _____ () F:\Garena Plus\ServerMemAlloc.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00516912 _____ () F:\Garena Plus\lib\delay_load\RSALib.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00068400 _____ () F:\Garena Plus\lib\delay_load\UdtLib.dll
2013-06-06 18:46 - 2013-06-06 18:46 - 00147248 _____ () F:\Garena Plus\xIM.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00590128 _____ () F:\Garena Plus\xim\plugin_msn.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00460592 _____ () F:\Garena Plus\xim\plugin_xmpp.dll
2013-06-06 18:47 - 2013-06-06 18:47 - 00194864 _____ () F:\Garena Plus\xim\plugin_yahoo.dll
2013-05-29 19:21 - 2013-07-10 18:54 - 00098608 _____ () F:\Garena Plus\Plugins\PlatformPlugin.dll
2013-05-29 19:21 - 2013-08-06 18:01 - 00236848 _____ () F:\Garena Plus\Plugins\PluginNews.dll
2013-05-29 19:21 - 2013-09-20 18:11 - 00397104 _____ () F:\Garena Plus\Plugins\GarenaTalkPlugin.dll
2013-05-29 19:21 - 2013-08-06 18:01 - 00287024 _____ () F:\Garena Plus\Plugins\DailyTaskPlugin.dll
2013-05-29 19:21 - 2013-07-10 18:54 - 00133936 _____ () F:\Garena Plus\Plugins\ClanBoxPlugin.dll
2013-07-23 20:04 - 2013-09-05 16:12 - 00215856 _____ () F:\Garena Plus\Plugins\GameSalePlugin.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-29 18:40 - 2013-12-19 18:34 - 00066864 _____ () F:\Garena Plus\bbtalk\InputHook.dll
2013-05-29 18:40 - 2013-12-19 18:34 - 02380080 _____ () F:\Garena Plus\bbtalk\Overlay.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00104240 _____ () F:\Garena Plus\bbtalk\CommonLib.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00063280 _____ () F:\Garena Plus\bbtalk\PluginKernel.dll
2013-05-29 18:40 - 2013-12-19 18:34 - 00033072 _____ () F:\Garena Plus\bbtalk\DibModule.dll
2013-05-29 18:40 - 2013-12-19 18:34 - 00382256 _____ () F:\Garena Plus\bbtalk\ImageModule.dll
2013-07-23 20:04 - 2013-12-19 18:34 - 00799024 _____ () F:\Garena Plus\bbtalk\gagmhook.dll
2013-08-24 18:05 - 2013-12-19 18:34 - 00041264 _____ () F:\Garena Plus\bbtalk\lollauncher.dll
2013-05-29 18:40 - 2013-12-27 11:44 - 00022832 _____ () F:\Garena Plus\bbtalk\VersionModule.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00448160 _____ () F:\Garena Plus\bbtalk\sqlite3.dll
2013-05-29 19:32 - 2013-09-05 16:01 - 00108848 _____ () F:\Garena Plus\bbtalk\lib\AudioMixerLib.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00030000 _____ () F:\Garena Plus\bbtalk\lib\ChannelUrlDll.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00424752 _____ () F:\Garena Plus\bbtalk\lib\exchndl.dll
2013-05-29 18:40 - 2013-08-06 17:27 - 00077104 _____ () F:\Garena Plus\bbtalk\lib\FileManager.dll
2013-05-29 18:40 - 2013-12-19 18:34 - 00053040 _____ () F:\Garena Plus\bbtalk\FileSystem.dll
2013-05-29 18:40 - 2013-07-10 18:17 - 00374064 _____ () F:\Garena Plus\bbtalk\lib\Http.dll
2013-05-29 18:40 - 2013-09-05 16:01 - 00046896 _____ () F:\Garena Plus\bbtalk\lib\InputHookLib.dll
2013-05-29 18:40 - 2013-07-10 18:17 - 00041776 _____ () F:\Garena Plus\bbtalk\lib\IPCLib.dll
2013-05-29 18:40 - 2013-07-10 18:17 - 00055600 _____ () F:\Garena Plus\bbtalk\lib\LangLib.dll
2013-05-29 18:40 - 2013-12-19 18:34 - 00089904 _____ () F:\Garena Plus\bbtalk\audiohost.dll
2013-05-29 18:40 - 2013-07-10 18:17 - 00134960 _____ () F:\Garena Plus\bbtalk\lib\MessagePumpLib.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00030512 _____ () F:\Garena Plus\bbtalk\lib\MP3Saver.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00238384 _____ () F:\Garena Plus\bbtalk\libmp3lame.DLL
2013-12-20 13:48 - 2013-12-19 18:34 - 01047856 _____ () F:\Garena Plus\bbtalk\lib\RealTimeVideoEngine.dll
2013-05-29 18:40 - 2013-07-10 18:17 - 00056112 _____ () F:\Garena Plus\bbtalk\lib\ResLib.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00099120 _____ () F:\Garena Plus\bbtalk\PngModule.dll
2013-05-29 18:40 - 2013-07-10 18:17 - 00127792 _____ () F:\Garena Plus\bbtalk\lib\TcpClient.dll
2013-05-29 18:40 - 2013-05-29 18:40 - 00137520 _____ () F:\Garena Plus\bbtalk\lib\UdpClient.dll
2013-05-29 18:40 - 2013-11-07 15:00 - 00110896 _____ () F:\Garena Plus\bbtalk\lib\UILayout.dll
2013-05-29 18:40 - 2013-12-19 18:34 - 00864048 _____ () F:\Garena Plus\bbtalk\lib\UILib.dll
2013-05-29 18:40 - 2013-08-06 17:27 - 00055600 _____ () F:\Garena Plus\bbtalk\lib\XmlUIModule.dll
2014-01-16 09:48 - 2014-01-11 17:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
2014-01-16 09:48 - 2014-01-11 17:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
2014-01-16 09:48 - 2014-01-11 17:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
2014-01-16 09:48 - 2014-01-11 17:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
2014-01-16 09:48 - 2014-01-11 17:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
2014-01-16 09:48 - 2014-01-11 17:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll
2012-07-03 11:31 - 2013-02-02 08:07 - 122274888 _____ () F:\osu!\osu.dll
2012-04-09 17:42 - 2013-11-13 16:02 - 00015944 _____ () F:\osu!\osu!framework.dll
2013-03-19 14:10 - 2014-01-10 21:50 - 10263112 _____ () F:\osu!\osu!gameplay.dll
2013-03-19 14:10 - 2014-01-15 18:09 - 08284744 _____ () F:\osu!\osu!ui.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 04:23:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: TESV.exe, version: 1.9.32.0, time stamp: 0x51437ce5
Faulting module name: kernel32.dll, version: 6.1.7601.18229, time stamp: 0x51fb1115
Exception code: 0xc0000005
Fault offset: 0x000e030c
Faulting process id: 0x1554
Faulting application start time: 0xTESV.exe0
Faulting application path: TESV.exe1
Faulting module path: TESV.exe2
Report Id: TESV.exe3

Error: (01/19/2014 00:15:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 00:14:54 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (01/19/2014 00:11:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 00:10:25 PM) (Source: Winlogon) (User: )
Description: Windows license activation failed. Error 0x80070005.

Error: (01/19/2014 00:10:18 PM) (Source: Bonjour Service) (User: )
Description: Local Hostname NEXTSPEED-PC.local already in use; will try NEXTSPEED-PC-2.local instead

Error: (01/19/2014 00:10:18 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 NEXTSPEED-PC.local. Addr 192.168.1.2

Error: (01/19/2014 00:10:18 PM) (Source: Bonjour Service) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.4:5353 4 NEXTSPEED-PC.local. Addr 192.168.1.4

Error: (01/19/2014 00:01:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: th14.exe, version: 0.0.0.0, time stamp: 0x520dc559
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0098bf00
Faulting process id: 0x1760
Faulting application start time: 0xth14.exe0
Faulting application path: th14.exe1
Faulting module path: th14.exe2
Report Id: th14.exe3

Error: (01/19/2014 11:20:25 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (01/19/2014 05:45:05 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5

Error: (01/19/2014 04:45:05 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5

Error: (01/19/2014 03:45:05 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5

Error: (01/19/2014 02:45:05 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5

Error: (01/19/2014 01:45:05 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5

Error: (01/19/2014 00:45:05 PM) (Source: Service Control Manager) (User: )
Description: The SPP Notification Service service terminated with the following error:
%%5

Error: (01/19/2014 00:17:03 PM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error:
%%1069

Error: (01/19/2014 00:17:03 PM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error:
%%1330

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (01/19/2014 00:15:02 PM) (Source: Service Control Manager) (User: )
Description: The winlogon service terminated unexpectedly. It has done this 1 time(s).

Error: (01/19/2014 00:14:23 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 12:12:55 on ‎19/‎1/‎2557 was unexpected.

Microsoft Office Sessions:
=========================
Error: (01/19/2014 04:23:22 PM) (Source: Application Error)(User: )
Description: TESV.exe1.9.32.051437ce5kernel32.dll6.1.7601.1822951fb1115c0000005000e030c155401cf14f0b34c28d6F:\Elder Scroll V - Skyrim\The Elder Scrolls V Skyrim\TESV.exeC:\Windows\syswow64\kernel32.dll5702b013-80eb-11e3-9560-001d7d0a4a06

Error: (01/19/2014 00:15:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 00:14:54 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (01/19/2014 00:11:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 00:10:25 PM) (Source: Winlogon)(User: )
Description: 0x800700050x00000000

Error: (01/19/2014 00:10:18 PM) (Source: Bonjour Service)(User: )
Description: Local Hostname NEXTSPEED-PC.local already in use; will try NEXTSPEED-PC-2.local instead

Error: (01/19/2014 00:10:18 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 NEXTSPEED-PC.local. Addr 192.168.1.2

Error: (01/19/2014 00:10:18 PM) (Source: Bonjour Service)(User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.4:5353 4 NEXTSPEED-PC.local. Addr 192.168.1.4

Error: (01/19/2014 00:01:43 PM) (Source: Application Error)(User: )
Description: th14.exe0.0.0.0520dc559unknown0.0.0.000000000c00000050098bf00176001cf14d3857ecd75E:\Touhou14th Double Dealing Character\東方輝針城\th14\th14.exeunknownc99c5d83-80c6-11e3-9692-001d7d0a4a06

Error: (01/19/2014 11:20:25 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity Errors:
===================================
Date: 2013-08-06 17:13:59.948
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-06 15:47:32.403
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 20:54:15.560
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 19:15:41.187
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 18:40:00.361
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 17:54:43.586
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 22:02:24.089
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 19:28:58.508
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 15:45:36.339
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

Date: 2013-08-04 15:31:34.848
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\user32.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Percentage of memory in use: 54%
Total physical RAM: 6142.49 MB
Available physical RAM: 2792.23 MB
Total Pagefile: 6140.67 MB
Available Pagefile: 2462.07 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Windows 7 SP1 x64) (Fixed) (Total:62.05 GB) (Free:4.4 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Private) (Fixed) (Total:93.13 GB) (Free:3.96 GB) NTFS
Drive e: (DaTa) (Fixed) (Total:142.91 GB) (Free:24.49 GB) NTFS
Drive f: (Data) (Fixed) (Total:465.75 GB) (Free:168.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 0923834E)
Partition 1: (Active) - (Size=62 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=236 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 2D5BD8AA)
Partition 1: (Not Active) - (Size=466 GB) - (Type=OF Extended)

==================== End Of Log ============================

Thanks[again!]

Maniac · January 19, 2014

Step 1

Please uninstall the following applications:

Coupon Printer for Windows

Software Version Updater

Webexp Enhanced

Step 2

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Scan button. Wait until is finished.
Click on Clean.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.

Step 4

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

In your next reply, post the following log files:

Junkware Removal Tool log
AdwCleaner log
FRST log

fixlist.txt

FinalSpark · January 19, 2014

JRT log :

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Ultimate x64
Ran by NEXT Speed on 01/19/2014 Sun at 23:25:10.82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\baidu
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{20928C3E-84C1-4848-ACFD-6BBF3950B57E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{78A36E83-B98D-4B8F-A7F7-E4A3D7190D55}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\NEXT Speed\AppData\Roaming\baidu"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{005BF120-1786-49F7-AFC7-C2031183D845}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0077606D-08ED-4479-9F06-88E141CEB221}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{00AE1942-A788-450E-9625-D1AC44CF85F5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{00C65716-7367-45E9-93F7-A44758D091A6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{00F3C7D4-05B0-4ED4-A5DE-249F64B2A7B0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0157F12A-FA8A-4F1F-82FA-3C5B124F5471}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{01F3B835-7846-4818-B273-6EBB991BB2F9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{02976D1C-BFF9-4612-ABA8-7D573A615E63}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{036D1956-4526-499A-936C-15077EEB18C5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0480A620-67D8-476E-BE2C-D44569D45CAB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{04EF1ACA-F1A6-4032-98F9-DE49162CBDB6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{05B70C4D-D444-4BD7-B6B8-E97CFEBB22DA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{060279F6-6D28-479D-92F1-B84B56A0C443}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0609323F-DCB4-49CA-969E-E0444DBD7AD9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{06302480-40C1-40F8-9C9F-B5DFF6768E8E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{063A3EAD-97B9-4147-BD66-C33F5D7E5F4A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{06737D12-85B5-4A21-9EF4-F83E8F3858FC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{06A9923C-1A59-45FD-B787-BBC40AF6469E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{08CDEA53-72D3-45BF-965E-1F274458533F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{09E333F1-EDFA-488E-BB6C-209EB9D1447F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0AB85E37-054E-4F71-B616-76248EA92B5E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0ADB8576-3276-4790-9456-EA4707B62769}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0C683FC1-D471-4169-A345-A26826FCEB0D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0C909FDE-4DD9-4C84-8D06-1FDB70133F38}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0CAF9A30-6CCB-46B1-96A1-424191444830}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0D6134C5-6E65-497E-9228-68A66431C709}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0D6E4F74-8AF5-4CBB-8EFD-FE16EBC15B02}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0E687D01-2E6D-4910-98B0-15D260836C48}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0E727E2C-93D2-42AD-975B-8ACB3402E926}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0EC256B3-3BB7-4703-B5B2-921CCDEF5C20}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0FB0EBC7-A288-4A1B-8D28-DFE778923AB5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{0FC58FAA-7366-4146-84F3-66DCC057ECE0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{11A002DF-2B31-4BE9-95DF-F06266DCBF04}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{11F2E625-DEA9-4C9F-9859-27300C2DA84D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{12465C2F-CF31-4F9A-B989-CF9F129248CC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{125B9C91-CC93-4074-A845-3BE7AEB67786}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{12BC0EF7-719E-43DD-9316-0C294C601E4A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{133B5A78-597C-47F2-B7DA-32F85794B737}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{13BA3705-F5B2-4690-852E-F2DD3A89CC58}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{13CC7482-8C41-4537-8265-BB0641480213}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{14134193-4D8A-4DCE-A710-08117BF06665}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1511B464-4624-4950-8A40-584B8531F88E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1562EB8D-A51D-4600-B2F9-ED4933F8F622}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{15F8AF9C-A484-4BAF-B91C-BFB75E6DE206}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{16B78E16-C024-4D84-AD88-E8D0D6E5450D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{183C046A-F284-4083-97C3-493861A8C2C9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{18880729-ABDA-4097-BB59-E645F48EA5EB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{18A45763-A432-454F-B2BB-C2FEA478A7D5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{18ADF530-DB44-4A6F-8A6A-D7010203038D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1ADAC37F-EF61-416A-9716-507E6DFB6654}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1BC07AD7-9DA9-43F6-90C7-806A0B511BD8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1CA5E7FD-CE84-49EF-B239-5990011348F8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1CDBF3B0-F8F0-4092-BC20-1C1B154B1B29}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1CF43F2D-E5B8-4E14-9E09-70FD8A3126C7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1D1547E8-9D58-4C7A-8002-BB65E79ED866}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1EC2FDA7-CEEE-4900-80AF-F7B90DFA5242}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{1F2EC50A-60D8-48D3-9948-55D09A738968}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{206517C7-F0B8-4CF6-97F9-9C23EB1B81CD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{20682D4B-0A04-47C3-B703-91BA660F2034}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{20A18638-9367-4869-9360-183A4B275099}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{21141B8A-2A63-4331-9D04-2358935DD8B9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{212230DD-B22B-4801-BCA3-F870618B5492}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{218AC9AD-C74B-4B76-A519-062633FCCCE2}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{21DD852A-5A13-4C25-9543-73272C42B104}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{21ED12BC-E3EC-4202-8F8B-6E818B40AA08}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{22F089AC-9DD8-40D2-A774-1719D22F1222}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{23160DF9-E58E-48CB-A6BC-4FFC541F9B2A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{233BB06F-CEA9-47B3-A31B-6D8A800A1674}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{23D0DF67-FB41-4B55-8B23-5889AB5F0825}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{23D6BD28-F103-41C4-A645-526985EB84D3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{24476763-D4F7-4C0A-AD77-3AB28209439F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2485462F-2502-4A6C-9149-901BFF4C909B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{24C29B78-12E3-456E-9AE9-D77CE6DEA7AB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{256767D8-53E6-4833-8E3A-68B1107B2D0C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{26275498-B3A0-42CA-B735-E8CB575F7F78}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{26C9228C-2D60-4F37-8B33-17B1F1BEB308}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{277E513A-443C-4736-A55E-B07FB9C2987E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{277EB3CC-F101-4EC3-8356-99D20C2D561C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{27825DA4-E8EF-4FE6-8BDC-BDB92158CDB3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{27D2BACA-688D-46B2-8A18-B1E50341E287}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{27EEBFA9-C657-48F6-A5D0-E615EECEDAEF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{28AF62C5-8C0E-4EA4-ADF4-97B21A60F7FB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{28FB4D07-F174-42EF-B151-8D47EC74FC5E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{29097267-7910-46EC-A376-99D07E21B231}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{29D77B66-F5CE-46A4-8411-A16E38E4ED46}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2A1B51B2-1E83-4B59-BDB3-B052810F9E8C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2A6B56F3-0636-41BB-B70F-7495E48EB5DA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2A7CAB32-0484-4DE2-9F20-ADE519589BE9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2AEAB162-0800-43B0-8866-61A3228C1CB0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2B37B6FE-9B0F-4287-A6F5-8B90EB397C75}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2B64017B-A705-46EC-AB7B-D1C1DE58C2C8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2B6CE203-C6DB-4FA7-B6E9-A5F0E7C60B00}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2BEDD9D7-ECDB-4456-9834-55AD762F7A92}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2CB3BDC8-A4E8-4BE2-95DA-FE9C1F881815}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2D3AD35A-1B22-4FDA-AE01-CB366A7A0D91}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2D67337C-AA2B-486F-B6DB-2A8D6A1361B1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{2E3C6CE1-1CB6-4BE8-88C3-D06814CF82C7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{308695B9-8055-4DA2-A85E-E83A4E668AEC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{30F6AE3C-62EB-41F6-A1FD-5629B5634B04}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{311591EF-E0D8-43DD-927C-76C172391231}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{316F3DB4-B429-449E-BC5A-54B66A14F3F3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{31752228-2C74-44B4-AAAC-6E8CBB93C573}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{324BFB2E-D1D1-444E-B138-E8D68C5C9A6A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{328F34D1-5B96-4791-8EBE-F747A0AB088D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{335DA346-F57F-453E-8DBC-5BCDAF67CF00}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{34585E3C-E8A2-467D-B6C5-FF3EF1F6385F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{356064CD-A9F5-4DCD-A87A-0516FBE257BC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{35A02EAB-4530-440D-9B0E-8779FFE8BF49}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{35B88DBC-4618-4CD2-AA12-938720480118}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{368AB716-5621-4F88-B85E-BADE3D89CFCD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{36A75D33-29E0-449A-B2CA-04013D950F7B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{36B0F78A-A7B1-4125-9E47-DD721C0C3FF5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3789004B-EB46-497E-A08A-301933C652D7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{383A0CAA-0289-42C9-882E-482FC1CA9E62}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{389A20B2-80FD-4C59-B62D-25FB2EB64EDD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{39616402-4A25-4227-A6D3-57D6F0018019}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3989345A-190D-4479-A921-86C79271CE91}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3A17CEC6-41D5-449B-A96D-75DE92C8BDC6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3AD5D4DC-36D9-40AA-BB67-27729BA5E0D6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3BB91E54-6190-4E66-9162-505E33BFCEE8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3BDEA379-4E40-4305-89A8-644BD1F0A2FE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3C17BA99-7D9C-49FB-9AC2-649D89896DEC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3C8C64C4-74D0-41CA-999C-A27D429C9D0A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3CE37167-F081-4844-8486-2D87973B480C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3D2F2C1B-CEA6-4B26-9299-A07D5FB83BD5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3D386BC9-349D-407E-A2A6-5981D15D35BE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3D678789-7B67-4976-8860-576BD863DAAB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3F053001-4023-4C70-BA7D-FAD67B39BF16}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3F0B369B-8F8C-4B0C-AD13-0E90554B01A0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3FB046BE-3454-4C09-BEF9-0DE82E073088}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3FB5F06B-C98B-44E2-A825-F5A8925BF760}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3FCCC8CF-1000-4F90-AD76-E01063474643}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{3FD94CAF-DACD-43F5-B825-0409F789981C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{409CB823-F396-4594-BECA-E149546E0B27}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{40B3924B-4774-48C9-A6C3-E66DAD53BAC7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{40CF6B25-5D68-4C83-88A1-B916BF30E5DA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{41A1BD53-D24D-4401-83B5-8DA45ECCB1EA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{41E705F0-66CB-4F42-A09C-68D80E3FE98D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4242C234-5333-49E3-8E67-787596DB6901}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{42EAE690-9756-4BF5-BDA7-40538962071B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{42FBC825-3430-4476-A4F8-725FE8091536}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{433E3C07-F7ED-45D5-A35C-46DCBA6364EA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4378821A-31E4-432B-8E2C-4354DA26B56A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{43905449-5736-4C02-9C80-424930DF50EA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{43C2A23A-67A1-4A2A-BA5E-F2D0FFF3792F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{44051846-1D8D-430E-8FE9-324A23F4339D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{448BB5E4-CDE8-41EA-A1C4-D42FB229900B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{45182606-3D5A-48A5-9C3C-A8F8D25F787E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4544554C-D046-42AD-A1DD-597FA9EE05B9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{457D78D4-C4EB-4962-A83F-60634E168699}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{46AF8D18-903F-4EF5-A439-B3B47176FFFC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{498EE862-50B9-4460-BD10-DA822A030A40}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{49CF4DB9-10A7-4ADE-89D2-2EB704C9B519}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4A39496B-A524-4EDD-B3DA-5FCE9A3970E1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4A4B63BC-1214-4869-8E8F-57E0C032E1CF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4AE6DDEF-DAE7-4FB6-815D-3C84095265DF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4B83BA97-E2A1-452A-BD0B-21598A6172F4}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4D604FD8-5468-487B-A195-57DE943A9004}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4D9A8AC7-5E8B-4330-B07B-BD3358087B6D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4DBEB27B-7E50-4829-80EC-C600E0E8E455}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4E2A5344-5006-4CD8-B202-888E64A35119}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4EC85488-86BF-44CA-8DC1-C50CF57C6EE8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{4FE48CD0-BA5E-434D-ACC7-6EC3EF8889CE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{511F2BF6-AFBE-4B26-8B0B-46DB215904F9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5319E2CB-8E2D-4377-BA08-B9CAE482C181}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{54727A7F-293D-4F42-97B1-1C3BC91C1130}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{54888017-1F93-4C32-B89E-AAF9D7EACFCB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5549A44E-F1C8-440E-9146-632FBC078526}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{55C31233-8F84-4976-BE3F-E05D1F2D97CD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{566B4B4C-A404-4A75-A96C-141650FAF76C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{56F156FB-03BB-4525-A65C-F2F4D2A72F77}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{56FB0E44-9F6C-4ABE-B5F3-79ED248EE050}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{57BEC20A-31F2-40DE-A3F4-BC098F5CF2FA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{58099D34-D426-4095-B830-ECDE1DDF32DC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{58258FA4-CF1B-41B0-9983-77C2CBBA43CD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{589C931C-15F6-4BAD-998F-0F1EFB009E26}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{58B6C473-7DD5-41A5-A031-4411BA7F7CAC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5A0A6CC7-4972-452B-8C6E-8094085DBE0D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5A9A9933-EFD9-4850-A116-7ECCDC34EB40}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5C617023-BBD8-467F-85F3-FC3A59E0EF30}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5D4D0B56-2741-4F7F-A4A1-4997FA0463D9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5D8E242C-41C0-4038-A043-B0FA33AF92AC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5E7C5270-3F55-48DE-9D38-FE03463FA1C6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{5F58F299-71EA-45EF-9FAE-2A3764B68F4D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{604D220D-CB85-4C97-880F-B220534394AB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{60DA64FA-C416-4E7E-B240-B91EBC099B89}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{61194790-7231-43C0-BB35-F16C80715A21}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6145DAEE-A6CD-4398-A3B6-9CAE5B35FB6C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{614B8078-157F-475C-A6C3-1FF9677A65B1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{61543A1F-DD2F-466A-A077-39F0E889E10E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{63076F0D-B7D1-478F-B76A-E9437EB72272}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{63DE7817-FBE5-4208-A20E-F2F3B8BE7287}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6548D750-CB4F-41EE-B391-9BA3AA813F92}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{65DFAD3D-F81B-476E-AA11-EAB603D97113}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{66174FD8-37CE-4B92-8111-533D2FA73650}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{66AFA510-E842-41C6-B106-534B91515E35}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{66DE5F82-699D-4360-8EF2-385878C9C0F1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{67FF160B-B6F8-4E24-BBA1-55C7DEABA591}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{684427F5-C660-4709-94B9-F6C11A5F7E5A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{68C29E8F-5859-49E4-84BA-B9914C5E6901}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{69CA5D6E-06E0-4D4C-9427-74290C541FAA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6A3CEE1C-8F9C-48F6-A53D-CC46CD447532}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6A53C732-D664-4F8E-8F15-5D82FB5B4497}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6A5533C7-4C96-40D8-9204-DD174812AE6F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6B8F4491-3224-4B85-A0F1-4480E083F582}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6BB03472-D994-4C0B-B491-90EA5469E784}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6C2D4F3D-49C5-4369-9179-C0838DEC7AAB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6C52C1FD-4007-4F36-92C3-51D2E46135F0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6CA5FE2B-CCCE-4EFF-B79C-8652FDCC121C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6CDB8141-1BA4-4DEC-A49A-AD673BE4139D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6E3C3647-CAAE-4655-AA85-6A03C21E8D01}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6E6FFA34-CDFA-4206-B00A-A35CC446E5D1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{6EC819CD-4154-44AD-80C1-1217DF0B24B0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{702162FD-BD87-4FF9-B331-ECDDE56AF260}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{707EED1A-1A09-462C-8A32-832A5A1669ED}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{73BD9D45-FA57-4643-B358-503E17AC6B34}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{73F3BF30-DB26-46D9-9D02-AE05FF6863C2}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7469BCD5-E2AA-485C-B70A-F4A6A0CF5389}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{753D4DB4-496E-4602-A653-F9B65DB74BB9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{75FD8536-C00A-41FF-9B4E-05BD371A4504}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{763AF893-C068-4851-91E3-64EFCA64789D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{76D552A5-9906-4799-AD37-C24F33E6A7B4}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{783C2F5C-E443-4809-875E-65D302E2A36B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7889AF14-A397-464E-A8A5-0EC3BCB51597}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{78B61166-BEA9-4509-8E24-BC269D2B560C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{79609113-BFF9-4550-9895-E90FC49336D1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7B82C69B-E262-4321-9078-53692B56135A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7CCA189F-B2FD-4004-931C-C40D888D2BFC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7DBCB7D5-202D-4348-9BD2-BD7968B4A65D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7DC4B529-8DA0-4AC5-80E2-DC7DC8F68AC7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7E598302-097A-4559-87AC-016B8D4A2B98}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7E6BBC56-51F3-4D89-990A-AEAC43D002D3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7E757FD7-EF43-4568-8F76-858E40E9EC2C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7F4660FA-30EE-4570-BCD3-64BD989EB35F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7F7FC6B1-8FCC-4ECB-B60F-7C4A77C7E22A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7F939F2E-2D66-4F53-AF5B-C84BAE5B23F0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7FE1739C-D6C9-44D2-890B-23F321060C2E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{7FECA783-1459-4020-A42A-A50CB063AEFF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{80080FCF-CD02-461E-AF4E-235FBC338464}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8025040C-DC80-4AF6-8FF0-E986610D2D09}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{80C393E3-FD9E-4351-B796-B70B3556F8AE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{818C65F6-38CA-494C-9F32-0B65D0B283F0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{81E238A9-2F15-4EDF-98F3-E4B5C249D5B2}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8213007F-46AA-49C5-BE3C-090DC42C4B95}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8397E929-031D-4897-9926-A785A69E339E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{83A64C6B-6E27-424C-A80A-B1EF862722E3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{85536C8F-52F7-47F3-99D1-B07996DF31FF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{857D5256-DDBC-4FAC-BB60-BE2299C9267E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{85AF9861-301F-449C-A798-51C5E32A17B0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{86140D22-DE61-4AA3-9881-C6E6A04EC42D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{86D97534-88D0-4EDA-94B3-47C0E4AC7336}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{86F18B9C-67C5-42DE-9E4B-EE6AD4CB1E22}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{878257F1-BA6E-445E-A7E9-30591623CBA8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{87C017B7-BFF2-4592-9BB7-3CC1A81F55B1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{87F04B92-C44C-4085-9E1E-115428BBC64A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{88366ED1-B047-476C-9B41-0470A5DBEA0C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{890F2711-2DF8-41CC-BA31-54B4813BA9F1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{89C9586C-DC2E-4E5D-8CFE-CAD62F2674DC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8A21B148-F906-42E1-8BAE-E41B78FD0A18}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8A4CE8CC-4F07-49FF-9448-BBD3657C7640}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8B951403-E030-47FC-9975-1B3291067230}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8BC26B3C-BE4A-47E0-8A55-402E28DDEEA4}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8E1978FC-7AA9-4B30-8160-5247B63D0274}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8EA8492D-4DEE-4309-B8D8-B9B47EADC6F3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{8FA7B704-3AC2-4E1A-BE0A-D953FAB03189}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{90241923-439F-4E3B-9224-ACA9ED0AD1CA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{91ADDF5F-1F9F-4567-9FAE-9E2BB68044FF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{91C274EC-9149-4952-A640-0FBF762B761F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{92076A56-E0AE-40D1-896A-8ED9DF680C5F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9219B300-9209-4E9C-8119-BCA5B221C588}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{92AC3A69-DA8A-4F14-81A1-69FD8762A099}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{93234CCE-02E9-4CD3-BA1B-40D5403FECE0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{94C85019-4A0A-4BDA-9059-270D59FA562C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{950B4C69-2308-4977-ACCA-513FD23A2E08}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{96643A9C-8E5D-4A68-9E17-0F8D0C540E3B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{969934C7-16BE-4C53-A976-8D69042F9843}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9748280C-2BAB-49ED-AE9A-1A751F91A677}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9758FC2B-1F02-493E-9AA4-5EBB4D4A5FF5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{97C324DA-E306-45FE-B0D0-5D6D7B201A17}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{97F795EE-4316-43B1-8170-BD834F7B84A6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{97F7F290-EC30-4AC6-A37E-8193FE2FD809}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{98568E01-1704-4796-B318-393FB23360F2}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9872E7C9-A5EC-4796-8B1F-008F7D192131}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{98DE7AED-B305-4EE9-9ED7-E1C56636C04F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{990171EF-4DEE-4907-A3B6-A1C9A63EEA20}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{992FB2D8-9C9C-4FF1-86FB-7B869BF83942}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{997D54C4-A841-4517-A152-88E41DE5F938}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9A10B01E-9949-4A4B-94C6-9761AB12D6C0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9A7BDD6D-595B-40DA-81CC-231DD5BD9117}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9B8E042D-1B31-4D53-93AF-0F8F68DF2A9C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9B8FD954-1A25-45D9-80AB-17D69CAD5BEC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9B9E34AD-6173-48FB-9E47-AA25612B23F7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9BDC192A-05EE-4F12-AE5E-F4B698E742DD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9C75BDC3-5DD7-45A1-8352-41F26218AAC7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9CEB2E64-5E0F-4576-8FC1-4330955EA4A2}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9D24A5AE-A59B-4DDF-8E82-19531B4D335E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9D3994D5-55ED-4BAA-A61E-3F8B658D05AA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9D4DDA86-AEB0-4F0E-A701-A4E0DF9A30F9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9E7B54C0-852D-4623-92F6-A98651D34890}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9E9FE6D0-7707-4855-B2B9-FDB750E514E8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{9FAB4CA7-B483-4EE8-8002-7B60E6D7B5ED}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A062AA3C-C130-45A3-B6B7-B3F15DC9FDE5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A0CF1FB4-E798-45F8-A275-EC4D2F5D08AB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A1954183-33AF-4FC8-B294-6BAE21017E00}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A1D44270-A46A-4E33-A550-9D00A404088D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A2B0DFF0-56C0-42D9-9338-FA9C61749D2F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A338C959-B4FE-4681-9B0F-9154D6D879B6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A5C2A169-BBAC-430F-8BE5-C46F685A0075}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A5E5949C-0140-4C80-976D-849434B4A146}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A6515035-E780-4F34-9D49-566EA8AB6850}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A6689CC5-EAD1-4699-B80A-A72C2B973ADC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A6B58CC5-A7DF-4FF8-A383-6A32CC6703AE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A70A56F1-5F7D-4B30-8518-DFB4C981A215}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A7B3A6B9-8C05-4615-9A9C-EBECFAD5371C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A8D1AA41-9EA9-4EE0-953E-BC4694D1827A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{A9046D55-6918-42E6-BAFD-8B77C3EDFB3C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AA6875EE-4789-4990-BC47-E798EECD1A19}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AA728FC8-A64A-415D-9EC8-69E8EFC71CB0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AA7E10D1-0D87-42A6-B20C-033064E8DA00}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AB8ADF25-697C-480B-83A9-A5DA09460853}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{ABF4FC90-3730-4DB3-B710-B103835BFA69}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AC08681E-4ECC-47CD-B7B2-D3D17CEA9209}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AD61B071-3AE2-4202-824B-E32DF60F2E50}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AEA86C68-DAA5-4C19-94A5-B68DB5B1CD46}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AF24C358-95C6-480A-9DE8-9100530F9FF9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{AFE2A80B-E2C2-4397-A20F-4523FA6FB76E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B0CA3C7F-8C5E-4F3E-A826-B518A73EDCFB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B10FC1D4-71C9-4C93-A5D2-CCC49945C5D3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B12F6155-07AB-48F0-A007-CA1151B62CCA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B14341AC-4710-474F-BE53-29AF6EFA2138}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B2BF2060-43A0-462A-8910-8B4C975C3096}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B343B3BE-51E6-4F30-8A3D-118539889B81}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B3FF50DB-66B2-4FBB-9B04-3CED830DB51A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B485BB95-6349-4128-8A53-9FE7807BDB96}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B4AC7962-B93B-404F-9C96-E87072A57957}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B527038E-C870-43E8-90DD-40308DA402B8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B5ED8758-1C95-4E48-9DEE-B16028F8FC8F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B614C79B-F5CF-4623-A0AA-C5B3261FC2DC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B73246C8-6EB8-4137-8EA0-2DA7BD2C91FE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B80A43EF-3E49-4855-9008-EC53CAA64E5A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B8A946F4-59BF-4B79-BD3F-2EC305B0E771}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B8F191F6-F07D-4DF7-9935-9A956C206F7E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B8FE743E-8D6E-41EF-8312-70A208A90398}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B92229BC-0418-4A9A-8BEA-FF9F3B6A433E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B92F3B7E-973F-4E9C-A639-312CA7D901BD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{B9AC144B-CADC-4F79-B55C-C26A473352CB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BAA6BD6F-7D96-4418-81CF-B6C110CA7A9C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BBEF9B74-A418-4FBA-A5F4-C8173375DB50}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BC5339EC-F9EF-4D67-AFE9-9DB7660F1707}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BDCFB6DF-58E0-423B-94B0-344185D5DAE8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BE03E8C5-8E60-4D3C-BB5B-0E0680EEAC63}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BE1E3EBF-B254-40AC-9DF5-F17677A2F868}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BE3BD742-5DF0-4766-B5E0-16D6F30DE47F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BEB10CE7-A66D-4704-B4EE-B907626F1F7E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BF88B940-556C-42BA-B2A1-3BE95957BA47}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BFC40564-3B64-4B32-827A-39985CCD05DA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{BFF14DFD-F7B3-4A46-96D1-1862D405B9B2}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C075CD66-9387-4319-9825-8CD1032737A8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C08B33B2-B677-4DD8-B811-C06D2FFBC677}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C0A7EF0F-CCA0-46D6-95EC-18FCB27BD320}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C0FE7D27-8E08-4523-A074-76B172493D7A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C1A156BC-45A4-4AE1-A17F-B260C11623D3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C2041F2A-DF8A-432E-A886-3EBFB3EFFF1C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C3317A6F-5AEB-4561-BC77-58D8774F09A1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C40BD666-AAB6-4B60-88A5-8CF533BB794E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C40D834D-5E4C-4126-BEEE-4453E4CC6888}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C4A47F90-BB70-482E-AB07-A0A2965EDA8A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C4C85E08-DB32-405B-AED8-E613FC7B79F0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C4E8A11A-0734-4E8A-8975-C814C30C5132}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C625A1EC-A9B7-48C6-BB3A-4A450C58F0B7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C7A34E33-B5A7-4612-9BD0-268C4CFF259D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C7BA6128-2328-4AAF-8593-E46CF3CCA77F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C85E9990-D1E1-4266-A2EE-55B15C5254B9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C8B0E57F-9F6B-4473-A0BB-5300263CFEED}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C926B251-9C9C-4932-B75E-FEB75583A619}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C92735E5-655F-4555-83F4-217A0CB2C840}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C9B79325-CE93-4469-8510-52A99282A23E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{C9F7E7C9-7034-40F3-B9CC-F7830498C6C8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CA40AFBB-30F3-4543-85A9-2C7639E56D54}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CA8EF1C8-2C48-4465-B59E-6882B546F0B9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CA956562-FE8E-4ABF-9BBB-90DD8C3E7A49}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CADD81D4-810C-409A-A0A8-79075C8E207A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CB7A916F-B682-4C2D-A373-7501CDD2B9AF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CB862824-60FC-49A8-8DB6-1B7824E95FD7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CC2559F9-6332-4150-8659-057ACCA820B9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CC4A457A-8649-4556-8D17-FA1396533524}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CC83DED2-DB24-48A9-A5DE-69AED63825EE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CC9FFFC2-D714-471A-9C76-3B609CF67C89}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CCEA8E5F-5632-49B7-AAC8-86A58EE9BAD1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CCFD8327-61F1-41F6-A0C2-FD2F9B35B797}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{CE56F59B-8E85-4D25-810C-9B31A4FA3DA0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D04208F3-E302-488C-8353-1B0D5D14E7DF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D06374C7-2B51-4C69-B133-99CC41982DA2}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D0B10047-DBE5-4955-8CC6-8B270E9FA761}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D17895EE-9981-4F6F-A555-5569319AA5D7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D202A6A6-1A7D-44C9-85E2-9B32FE73D5EE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D22D1D29-F8E2-452F-9FD2-EE9C9501B7A5}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D23A0D25-5E2E-421B-8597-BE6B0C1A1671}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D24107D7-7152-4327-A2AF-9C1D920D0120}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D261F180-09BB-4C3F-898C-D472F192C114}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D2D4D3B8-B8D0-4F49-A86F-58978117B65E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D3E1F599-1145-436D-AB84-8EF1DB85637C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D4E53FDC-6005-4017-B55A-8E50AB5C2A97}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D50857F7-EB3C-4E1C-896F-E20201F0FD4F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D5501363-1CA8-45FB-A045-0DB8E594BFD9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D5E8771D-F0C0-4F0E-8383-6C5B0468C339}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D6AF1200-D552-4073-94DB-6BABBC780543}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D6B32262-2811-416E-89A4-5A2CF9E2C1A9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D6D7BE4B-71BB-4CC3-9FCE-2155D7125E62}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D755C6B6-D14D-4A61-B02B-48E8BF6F425D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D7DA019D-5ACE-4612-AC95-EBFB69CAA0D8}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{D99408BD-8840-4FCE-926A-9C73387C8F37}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DB031CA6-2642-4FAB-9BD8-AEA0E079BAAD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DBBCC847-CCC8-4B4C-974D-4065DE1D5434}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DC166081-5DD2-41DE-A013-362C0019213B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DCBEE4B8-724D-4D41-8327-A6789C570F6D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DD70D9D1-F641-41A9-A427-27C1C230E3B6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DD8B5CDD-B9BC-48E5-8977-B5B0771CB10A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DDBEBB64-7EC4-4BD5-86B3-49C8C04FF58C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DECB62E9-F6B2-4403-926D-C0D5A324C3EA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{DF647354-1252-4616-83F7-02DCDF08442F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E00D6747-02E9-4555-A467-1C47DC6EB52E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E043B5C3-0898-40A1-A96D-B9CA4FD85896}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E1A6DAC7-04AE-4AB5-9655-ED5E9973EDB3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E1AAEB4B-46DF-4E20-8172-D752077DE65F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E1D4F6FF-7866-47F0-B877-20EEB73FAA7A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E20589E2-2608-4C0B-A794-E86242886F83}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E2F117C1-7289-4074-9202-4CB08A113281}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E2F62CC6-CCF3-4760-9E24-53AAFD77E4CF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E30FB62E-F0A2-4C96-8943-F0270708DDB3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E34766A1-A18E-44C8-BE1A-0865EC7BA794}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E3952ABD-5753-4127-9059-49D5334B4BF0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E3BF0B78-21E4-4C3C-9D17-FEF1CEAFA803}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E3C4241A-1614-413A-A583-6E6207BF18F7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E3C6369D-FC86-4B2B-B4F0-6282B7BBAA83}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E3FB6027-E29B-478C-B0B8-D2DDB6EAC861}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E442D825-A349-41E5-96D8-A76F666DD5E0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E4524720-55E4-4211-8305-6F2C0615107A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E51D02F3-AA11-4B0F-A19F-06A3AFD5D1E4}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E62CED97-549A-46F3-9C73-D4EFAE8E0701}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E691CC52-E4FA-4EA5-8B5B-8F05F68CDDE0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E697DFCC-0668-47FB-97A9-142AD108782E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E6DB5BED-3ABE-461B-99A1-BB19BDF5CBEE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E7C69C35-0B7C-44D9-B8B0-B4ED71665C23}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E82F4D6A-D7ED-49AA-8D7A-32DD783BDA86}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E855EC9B-A481-4A9A-99E1-25A0F92E78D1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E863E989-04BF-483E-8503-101F015C9EC6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E93D6D09-FD20-4186-996A-B854A023E50C}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E9EF6728-755F-498C-BF08-398A6995CD7F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{E9FA71F4-B4A1-4164-B18B-0CB9B7D33AC3}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EA0B60D2-D375-413C-992A-EFC12A579E3B}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EA6DC181-9B59-4F68-8950-4E523EAFBCF9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EB16469B-2A0F-479B-AEC5-6A4A11A21540}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EB4E4758-BC03-4261-88AE-EA253CE2399D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EC147438-5CC2-48F6-9770-6DD613A5C65D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EE2B76C2-E434-4240-A837-52329D59C9DE}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EE399801-2626-4DBD-9413-02B912D68D88}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EE76559B-5EE9-42CD-945C-CDF39455FDC4}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EEA0DBC5-322D-4EED-8B6D-E5EF01CA5469}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EEF78FA8-3F91-4059-ACBB-4719F72162F6}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EF287AEF-2A2D-4F51-B698-771DBFC6C873}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{EFAEB4A6-3896-4289-838F-C5CEC3143DF1}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F0C8969F-4FDF-41F7-9464-F3F5C7B99F25}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F126EEF1-A0F2-4C25-9014-0B80168368AA}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F149F918-AC51-492C-8304-B4CAED046882}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F15CCC1D-68C2-435F-A9E7-F8DA4878DF7D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F27557B9-F754-4300-9E27-252212CE973A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F2C1749C-49C7-43B8-9026-F697A7310607}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F33128B0-523F-48A4-AAF3-E37AD5E6D3FB}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F3446481-06A0-4981-B4A7-9A8331A98879}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F48993D3-3914-46BC-ACE1-4FE4C59D80EC}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F4B57CEC-307C-4B34-AE39-E6D63629E335}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F5CD8A7B-8728-44FD-AB4D-E3B081E85191}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F646ACA4-FA67-4E09-8AA9-06B097B19908}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F658C396-9901-41E6-B2E7-A984EC8F1FA9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F723A0C7-EA95-4044-977E-4635AF51A87E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F79C3B11-D408-4F61-BEFA-8ED1D136EF55}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F7B2C170-D915-42EF-A5BB-0DFFFCB44624}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F7B8C0DE-A43E-49AC-B54D-8A3FC26C8C05}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F8ABE1B7-96C9-4F8F-A182-6912F1F1FEC9}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F90C3403-B465-4479-9AD5-095711DB3DE7}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{F914C872-6B95-4C0A-B85D-EC3A26812C1E}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FA951F78-E609-4243-88CF-D50A7153877D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FAA3D726-7CD3-4E37-AC94-4A24678FDCCD}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FD8E5DFB-AB12-4F9B-9160-43E7272A97AF}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FDF7F889-132D-48C2-A551-46ADCD69F67A}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FDFBACBE-6310-4E46-B3DD-15B2E84B131F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FE34C2C6-C319-4D41-9B51-CD634E7D4C1F}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FE723E71-5497-4B11-9A0C-06D8E7CE39D0}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FF2AE825-75C7-4BB2-95FD-7AE7BE462758}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FF5F019B-2B20-4B4E-BEFA-63C78731DB08}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FFDD2997-9E3D-4D2C-8274-82E06CDF427D}
Successfully deleted: [Empty Folder] C:\Users\NEXT Speed\appdata\local\{FFF23640-09E8-4B79-9D85-F2D44E86EEC0}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01/19/2014 Sun at 23:32:02.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

AdwCleaner log :

# AdwCleaner v3.017 - Report created 19/01/2014 at 23:38:46
# Updated 12/01/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : NEXT Speed - NEXTSPEED-PC
# Running from : C:\Users\NEXT Speed\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\NEXT Speed\AppData\Local\PackageAware
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\PackageAware

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\NSIS_cald3
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NSIS_cald3
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v8.0.1 (en-US)

[ File : C:\Users\NEXT Speed\AppData\Roaming\Mozilla\Firefox\Profiles\s0wdfvz4.default\prefs.js ]

[ File : C:\Users\UpdatusUser\AppData\Roaming\Mozilla\Firefox\Profiles\s0wdfvz4.default\prefs.js ]

-\\ Google Chrome v32.0.1700.76

[ File : C:\Users\NEXT Speed\AppData\Local\Google\Chrome\User Data\Default\preferences ]

[ File : C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [2427 octets] - [19/01/2014 23:32:52]
AdwCleaner[s0].txt - [2366 octets] - [19/01/2014 23:38:46]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2426 octets] ##########

Fixlog :

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 19-01-2014 02
Ran by NEXT Speed at 2014-01-19 23:44:10 Run:1
Running from C:\Users\NEXT Speed\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKCU\...\RunOnce: [zsodl] - C:\Users\NEXTSP~1\AppData\Local\Temp\zsodl\89062.vbs [210 2013-12-23] ()
HKCU\...\RunOnce: [iqrqu] - C:\Users\NEXTSP~1\AppData\Local\Temp\iqrqu\12433.vbs [210 2013-12-23] ()
2014-01-19 12:15 - 2014-01-15 17:07 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2014-01-19 12:15 - 2011-12-12 11:37 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2014-01-18 09:56 - 2012-07-04 20:59 - 00000000 ____D C:\Users\NEXT Speed\AppData\Roaming\uTorrent
2013-12-23 18:54 - 2013-12-23 18:54 - 00003406 _____ C:\Windows\System32\Tasks\AmiUpdXp
2013-12-23 18:54 - 2013-12-23 18:54 - 00000000 ____D C:\Users\NEXT Speed\AppData\Local\SwvUpdater
testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!
Task: {22D4F4CC-F976-487D-8159-5F419358D62D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2011-12-12] ()
Task: {B414C7A6-87A4-480B-867F-75D00C69694D} - System32\Tasks\AmiUpdXp => C:\Users\NEXT Speed\AppData\Local\SwvUpdater\Updater.exe [2013-12-23] (Amonetizé Ltd) <==== ATTENTION
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\NEXT Speed\AppData\Local\SwvUpdater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
End

*****************

HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\zsodl => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce\\iqrqu => Value deleted successfully.
C:\Windows\System32\Tasks\AutoKMS => Moved successfully.
C:\Windows\Tasks\AutoKMS.job => Moved successfully.
C:\Users\NEXT Speed\AppData\Roaming\uTorrent => Moved successfully.
"C:\Windows\System32\Tasks\AmiUpdXp" => File/Directory not found.
"C:\Users\NEXT Speed\AppData\Local\SwvUpdater" => File/Directory not found.

The operation completed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{22D4F4CC-F976-487D-8159-5F419358D62D} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{22D4F4CC-F976-487D-8159-5F419358D62D} => Key deleted successfully.
C:\Windows\System32\Tasks\AutoKMS not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B414C7A6-87A4-480B-867F-75D00C69694D} => Key not found.
C:\Windows\System32\Tasks\AmiUpdXp not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp => Key not found.
C:\Windows\Tasks\AmiUpdXp.job not found.
C:\Windows\Tasks\AutoKMS.job not found.

==== End of Fixlog ====

by the way
when my pc restarted after Adwcleaner , i ran my FRST64 and pressed 'fix'.
while I'm posting this reply NOD32 still give me the fynloski virus message , is that normal?
Thank you

Maniac · January 19, 2014

We still have work to do.

Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here

Please visit this webpage and read the ComboFix User's Guide:

Once you've read the article and are ready to use the program you can download it directly from the link below.
Important! - Please make sure you save combofix to your desktop and do not run it from your browser
Direct download link for: ComboFix.exe
Please make sure you disable your security applications before running ComboFix.
Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
Please copy/paste the contents or attach that log file to your next reply.
If needed the file can be located here: C:\combofix.txt
NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.

FinalSpark · January 19, 2014

combofix log :

ComboFix 14-01-16.03 - NEXT Speed 0/2014 Mon 0:09.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.932.81.1033.18.6142.4346 [GMT 7:00]
Running from: c:\users\NEXT Speed\Desktop\ComboFix.exe
AV: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 5.0 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\WebexpEnhancedV1
c:\users\Default\AppData\Roaming\Microsoft\AdjMmsVista.dll
c:\users\NEXT Speed\AppData\Local\Microsoft\Windows\Temporary Internet Files\{F4742A2E-3645-4FB1-9A5E-CBA4DDDE0A8C}.xps
c:\users\NEXT Speed\AppData\Roaming\dclogs
c:\users\NEXT Speed\AppData\Roaming\dclogs\2013-12-23-2.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2013-12-24-3.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2013-12-25-4.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2013-12-26-5.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2013-12-27-6.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2013-12-28-7.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2013-12-31-3.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-01-4.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-02-5.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-03-6.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-04-7.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-05-1.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-06-2.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-07-3.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-08-4.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-09-5.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-10-6.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-11-7.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-12-1.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-13-2.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-14-3.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-15-4.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-16-5.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-17-6.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-18-7.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-19-1.dc
c:\users\NEXT Speed\AppData\Roaming\dclogs\2014-01-20-2.dc
c:\users\NEXT Speed\AppData\Roaming\Microsoft\AdjMmsVista.dll
c:\users\NEXT Speed\AppData\Roaming\wininit.exe
c:\users\UpdatusUser\AppData\Roaming\Microsoft\AdjMmsVista.dll
c:\windows\jestertb.dll
c:\windows\MICROSOFT
c:\windows\MICROSOFT\Client\apps\featuredContent.btapp
c:\windows\MICROSOFT\Client\apps\player.btapp
c:\windows\MICROSOFT\Client\apps\plus.btapp
c:\windows\MICROSOFT\Client\apps\welcome-upsell.btapp
c:\windows\MICROSOFT\Client\dht_feed.dat
c:\windows\MICROSOFT\Client\dht_feed.dat.old
c:\windows\MICROSOFT\Client\dlimagecache\233C7608BA1220B4CF4A8303C4497EE6688AC331
c:\windows\MICROSOFT\Client\dlimagecache\32F529521A3DEC709F97F761F192AABF29BDC408
c:\windows\MICROSOFT\Client\resume.dat
c:\windows\MICROSOFT\Client\resume.dat.old
c:\windows\MICROSOFT\Client\settings.dat
c:\windows\MICROSOFT\Client\settings.dat.old
c:\windows\MICROSOFT\Client\taskhost.exe
c:\windows\MICROSOFT\Client\webui.zip
c:\windows\MICROSOFT\Config.dat
c:\windows\microsoft\winlogon.exe
c:\windows\MICROSOFT\winlogon.InstallState
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\Memman.vxd
c:\windows\SysWow64\skinboxer43.dll
.
Infected copy of c:\windows\SysWow64\userinit.exe was found and disinfected
Restored copy from - c:\windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_winlogon
.
.
((((((((((((((((((((((((( Files Created from 2013-12-19 to 2014-01-19 )))))))))))))))))))))))))))))))
.
.
2028-01-12 08:19 . 2028-01-12 08:19 195584 ----a-w- c:\windows\SysWow64\Xvoice.dll
2014-01-19 17:18 . 2014-01-19 17:18 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-01-19 17:18 . 2014-01-19 17:18 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-01-19 16:32 . 2014-01-19 16:39 -------- d-----w- C:\AdwCleaner
2014-01-19 16:25 . 2014-01-19 16:25 -------- d-----w- c:\windows\ERUNT
2014-01-19 10:46 . 2014-01-19 16:43 -------- d-----w- C:\FRST
2014-01-15 10:14 . 2013-11-27 01:41 53248 ----a-w- c:\windows\system32\drivers\usbehci.sys
2014-01-15 10:14 . 2013-11-27 01:41 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2014-01-15 10:14 . 2013-11-27 01:41 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2014-01-15 10:14 . 2013-11-27 01:41 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2014-01-15 10:14 . 2013-11-27 01:41 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2014-01-15 10:14 . 2013-11-27 01:41 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2014-01-15 10:14 . 2013-11-27 01:41 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2014-01-15 10:14 . 2013-11-26 10:32 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-01-10 13:57 . 2014-01-10 13:57 -------- d-----w- c:\program files (x86)\VideoPlayerV3
2014-01-08 12:29 . 2014-01-08 12:29 -------- d-----w- c:\users\NEXT Speed\AppData\Local\Skyrim
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-01-15 11:06 . 2012-07-04 13:54 86054176 ----a-w- c:\windows\system32\MRT.exe
2013-12-11 13:22 . 2012-06-09 01:17 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-12-11 13:22 . 2011-12-12 04:26 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-07 02:24 . 2013-12-07 02:24 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2013-12-07 02:24 . 2013-12-07 02:24 194048 ----a-w- c:\windows\SysWow64\elshyph.dll
2013-12-07 02:24 . 2013-12-07 02:24 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2013-12-07 02:24 . 2013-12-07 02:24 645120 ----a-w- c:\windows\SysWow64\jsIntl.dll
2013-12-07 02:24 . 2013-12-07 02:24 235008 ----a-w- c:\windows\system32\elshyph.dll
2013-12-07 02:24 . 2013-12-07 02:24 182272 ----a-w- c:\windows\SysWow64\msls31.dll
2013-12-07 02:24 . 2013-12-07 02:24 62464 ----a-w- c:\windows\SysWow64\tdc.ocx
2013-12-07 02:24 . 2013-12-07 02:24 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2013-12-07 02:24 . 2013-12-07 02:24 34816 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2013-12-07 02:24 . 2013-12-07 02:24 337408 ----a-w- c:\windows\SysWow64\html.iec
2013-12-07 02:24 . 2013-12-07 02:24 24576 ----a-w- c:\windows\SysWow64\licmgr10.dll
2013-12-07 02:24 . 2013-12-07 02:24 151552 ----a-w- c:\windows\SysWow64\iexpress.exe
2013-12-07 02:24 . 2013-12-07 02:24 139264 ----a-w- c:\windows\SysWow64\wextract.exe
2013-12-07 02:24 . 2013-12-07 02:24 1051136 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2013-12-07 02:24 . 2013-12-07 02:24 61952 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2013-12-07 02:24 . 2013-12-07 02:24 454656 ----a-w- c:\windows\SysWow64\vbscript.dll
2013-12-07 02:24 . 2013-12-07 02:24 36352 ----a-w- c:\windows\SysWow64\imgutil.dll
2013-12-07 02:24 . 2013-12-07 02:24 13312 ----a-w- c:\windows\SysWow64\mshta.exe
2013-12-07 02:24 . 2013-12-07 02:24 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2013-12-07 02:24 . 2013-12-07 02:24 942592 ----a-w- c:\windows\system32\jsIntl.dll
2013-12-07 02:24 . 2013-12-07 02:24 90112 ----a-w- c:\windows\system32\SetIEInstalledDate.exe
2013-12-07 02:24 . 2013-12-07 02:24 86016 ----a-w- c:\windows\SysWow64\iesysprep.dll
2013-12-07 02:24 . 2013-12-07 02:24 86016 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2013-12-07 02:24 . 2013-12-07 02:24 74240 ----a-w- c:\windows\SysWow64\SetIEInstalledDate.exe
2013-12-07 02:24 . 2013-12-07 02:24 52224 ----a-w- c:\windows\system32\msfeedsbs.dll
2013-12-07 02:24 . 2013-12-07 02:24 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2013-12-07 02:24 . 2013-12-07 02:24 48640 ----a-w- c:\windows\SysWow64\mshtmler.dll
2013-12-07 02:24 . 2013-12-07 02:24 247808 ----a-w- c:\windows\system32\msls31.dll
2013-12-07 02:24 . 2013-12-07 02:24 195584 ----a-w- c:\windows\system32\msrating.dll
2013-12-07 02:24 . 2013-12-07 02:24 13312 ----a-w- c:\windows\system32\msfeedssync.exe
2013-12-07 02:24 . 2013-12-07 02:24 131072 ----a-w- c:\windows\system32\IEAdvpack.dll
2013-12-07 02:24 . 2013-12-07 02:24 111616 ----a-w- c:\windows\SysWow64\IEAdvpack.dll
2013-12-07 02:23 . 2013-12-07 02:23 84992 ----a-w- c:\windows\system32\mshtmled.dll
2013-12-07 02:23 . 2013-12-07 02:23 81408 ----a-w- c:\windows\system32\icardie.dll
2013-12-07 02:23 . 2013-12-07 02:23 77312 ----a-w- c:\windows\system32\tdc.ocx
2013-12-07 02:23 . 2013-12-07 02:23 626176 ----a-w- c:\windows\system32\msfeeds.dll
2013-12-07 02:23 . 2013-12-07 02:23 62464 ----a-w- c:\windows\system32\pngfilt.dll
2013-12-07 02:23 . 2013-12-07 02:23 616104 ----a-w- c:\windows\system32\ieapfltr.dat
2013-12-07 02:23 . 2013-12-07 02:23 548352 ----a-w- c:\windows\system32\vbscript.dll
2013-12-07 02:23 . 2013-12-07 02:23 48640 ----a-w- c:\windows\system32\mshtmler.dll
2013-12-07 02:23 . 2013-12-07 02:23 453120 ----a-w- c:\windows\system32\dxtmsft.dll
2013-12-07 02:23 . 2013-12-07 02:23 413696 ----a-w- c:\windows\system32\html.iec
2013-12-07 02:23 . 2013-12-07 02:23 40448 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-07 02:23 . 2013-12-07 02:23 30208 ----a-w- c:\windows\system32\licmgr10.dll
2013-12-07 02:23 . 2013-12-07 02:23 296960 ----a-w- c:\windows\system32\dxtrans.dll
2013-12-07 02:23 . 2013-12-07 02:23 263376 ----a-w- c:\windows\system32\iedkcs32.dll
2013-12-07 02:23 . 2013-12-07 02:23 243200 ----a-w- c:\windows\system32\webcheck.dll
2013-12-07 02:23 . 2013-12-07 02:23 235520 ----a-w- c:\windows\system32\url.dll
2013-12-07 02:23 . 2013-12-07 02:23 167424 ----a-w- c:\windows\system32\iexpress.exe
2013-12-07 02:23 . 2013-12-07 02:23 147968 ----a-w- c:\windows\system32\occache.dll
2013-12-07 02:23 . 2013-12-07 02:23 143872 ----a-w- c:\windows\system32\wextract.exe
2013-12-07 02:23 . 2013-12-07 02:23 1228800 ----a-w- c:\windows\system32\mshtmlmedia.dll
2013-12-07 02:23 . 2013-12-07 02:23 105984 ----a-w- c:\windows\system32\iesysprep.dll
2013-12-07 02:23 . 2013-12-07 02:23 101376 ----a-w- c:\windows\system32\inseng.dll
2013-12-07 02:23 . 2013-12-07 02:23 83968 ----a-w- c:\windows\system32\MshtmlDac.dll
2013-12-07 02:23 . 2013-12-07 02:23 774144 ----a-w- c:\windows\system32\jscript.dll
2013-12-07 02:23 . 2013-12-07 02:23 48128 ----a-w- c:\windows\system32\imgutil.dll
2013-12-07 02:23 . 2013-12-07 02:23 13824 ----a-w- c:\windows\system32\mshta.exe
2013-12-07 02:23 . 2013-12-07 02:23 135680 ----a-w- c:\windows\system32\iepeers.dll
2013-12-05 13:45 . 2013-12-05 13:45 243712 ----a-w- c:\windows\system32\wow64.dll
2013-12-05 13:45 . 2013-12-05 13:45 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-12-05 13:45 . 2013-12-05 13:45 859648 ----a-w- c:\windows\system32\tdh.dll
2013-12-05 13:45 . 2013-12-05 13:45 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-12-05 13:45 . 2013-12-05 13:45 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-12-05 13:45 . 2013-12-05 13:45 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-12-05 13:45 . 2013-12-05 13:45 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-12-05 13:45 . 2013-12-05 13:45 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-12-05 13:45 . 2013-12-05 13:45 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-12-05 13:45 . 2013-12-05 13:45 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-12-05 13:45 . 2013-12-05 13:45 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-12-05 13:45 . 2013-12-05 13:45 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-12-05 13:45 . 2013-12-05 13:45 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-12-05 13:45 . 2013-12-05 13:45 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-12-05 13:45 . 2013-12-05 13:45 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-12-05 13:45 . 2013-12-05 13:45 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-12-04 08:13 . 2013-12-04 08:13 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-12-04 08:13 . 2013-12-04 08:13 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-12-04 08:13 . 2013-12-04 08:13 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-11-29 13:42 . 2013-12-14 11:07 1806960 ----a-w- c:\windows\ampa.exe
2013-11-29 03:31 . 2013-12-14 11:07 17008 ----a-w- c:\windows\SysWow64\ampa.sys
2013-11-29 03:31 . 2013-12-14 11:07 17008 ----a-w- c:\windows\system32\ampa.sys
2013-11-26 11:54 . 2013-12-14 10:10 23183360 ----a-w- c:\windows\system32\mshtml.dll
2013-11-26 10:19 . 2013-12-14 10:10 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2013-11-26 10:18 . 2013-12-14 10:10 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2013-11-26 09:48 . 2013-12-14 10:10 66048 ----a-w- c:\windows\system32\iesetup.dll
2013-11-26 09:46 . 2013-12-14 10:10 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2013-11-26 09:41 . 2013-12-14 10:10 2764288 ----a-w- c:\windows\system32\iertutil.dll
2013-11-26 09:29 . 2013-12-14 10:10 53760 ----a-w- c:\windows\system32\jsproxy.dll
2013-11-26 09:27 . 2013-12-14 10:10 33792 ----a-w- c:\windows\system32\iernonce.dll
2013-11-26 09:23 . 2013-12-14 10:10 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2013-11-26 09:21 . 2013-12-14 10:10 574976 ----a-w- c:\windows\system32\ieui.dll
2013-11-26 09:18 . 2013-12-14 10:10 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2013-11-26 09:18 . 2013-12-14 10:10 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2013-11-26 09:16 . 2013-12-14 10:10 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2013-11-26 08:57 . 2013-12-14 10:10 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2013-11-26 08:35 . 2013-12-14 10:10 5769216 ----a-w- c:\windows\system32\jscript9.dll
2013-11-26 08:28 . 2013-12-14 10:10 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a1ee299d-bb3e-40da-803f-5330e5dc8f46}]
2014-01-07 22:14 87040 ----a-w- c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ie\VideoPlayerV3beta847.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"GarenaPlus"="f:\garena plus\GarenaMessenger.exe" [2013-12-13 9890608]
"Pando Media Booster"="c:\program files (x86)\Pando Networks\Media Booster\PMB.exe" [2012-12-27 3093624]
"IDMan"="c:\program files (x86)\Internet Download Manager\IDMan.exe" [2011-11-14 3437976]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-07-03 3673184]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2009-11-18 54576]
"Razer Synapse"="c:\program files (x86)\Razer\Synapse\RzSynapse.exe" [2013-11-17 442712]
"DeathAdder"="c:\program files (x86)\Razer\DeathAdder\razerhid.exe" [2010-05-05 251392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
コンテンツ管理アシスタント for PlayStation®.lnk - c:\program files (x86)\Sony\Content Manager Assistant\CMA.exe [2013-6-18 3505048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ampa;ampa;c:\windows\system32\ampa.sys;c:\windows\SYSNATIVE\ampa.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 GGSAFERDriver;GGSAFER Driver;f:\garena plus\Room\safedrv.sys;f:\garena plus\Room\safedrv.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 qkt;qkt;f:\glory destiny\GloryDestiny\avital\qkwyw64.sys;f:\glory destiny\GloryDestiny\avital\qkwyw64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 s2;s2;f:\glory destiny\GloryDestiny\avital\qkwyw64.sys;f:\glory destiny\GloryDestiny\avital\qkwyw64.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 tsj;tsj;f:\eden\EdenOnline\avital\tsjcs64.sys;f:\eden\EdenOnline\avital\tsjcs64.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\System32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;WatAdminSvc;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys;c:\windows\SYSNATIVE\DRIVERS\ehdrv.sys [x]
S2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/12/12 12:06];c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl;c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [x]
S2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [x]
S2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [x]
S2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe;c:\program files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServer.exe [x]
S2 eamonm;eamonm;c:\windows\system32\DRIVERS\eamonm.sys;c:\windows\SYSNATIVE\DRIVERS\eamonm.sys [x]
S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe;c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [x]
S2 epfwwfpr;epfwwfpr;c:\windows\system32\DRIVERS\epfwwfpr.sys;c:\windows\SYSNATIVE\DRIVERS\epfwwfpr.sys [x]
S2 IDMWFP;IDMWFP;c:\windows\system32\DRIVERS\idmwfp.sys;c:\windows\SYSNATIVE\DRIVERS\idmwfp.sys [x]
S2 ntk_PowerDVD;ntk_PowerDVD;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys;c:\program files (x86)\CyberLink\PowerDVD11\Kernel\DMP\ntk_PowerDVD_64.sys [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UnsignedThemes;Unsigned Themes;c:\windows\UnsignedThemesSvc.exe;c:\windows\UnsignedThemesSvc.exe [x]
S2 uxpatch;uxpatch;c:\windows\system32\drivers\uxpatch.sys;c:\windows\SYSNATIVE\drivers\uxpatch.sys [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rzendpt;rzendpt;c:\windows\system32\DRIVERS\rzendpt.sys;c:\windows\SYSNATIVE\DRIVERS\rzendpt.sys [x]
S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-01-16 02:47 1211672 ----a-w- c:\program files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-01-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-09 13:22]
.
2014-01-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000Core.job
- c:\users\NEXT Speed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-18 15:57]
.
2014-01-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3432931919-1619684807-4284191451-1000UA.job
- c:\users\NEXT Speed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-10-18 15:57]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 04:10]
.
2014-01-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-12-12 04:10]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension]
@="{CDC95B92-E27C-4745-A8C5-64A52A78855D}"
[HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}]
2011-05-30 14:50 22408 ----a-w- c:\program files (x86)\Internet Download Manager\IDMShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-16 12445288]
"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2012-06-01 4030008]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Download all links with IDM - c:\program files (x86)\Internet Download Manager\IEGetAll.htm
IE: Download with IDM - c:\program files (x86)\Internet Download Manager\IEExt.htm
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\NEXT Speed\AppData\Roaming\Mozilla\Firefox\Profiles\s0wdfvz4.default\
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2014-01-07 20:57; ext@WebexpEnhancedV1alpha1749.net; c:\program files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha1749\ff
FF - ExtSQL: 2014-01-10 20:57; ext@VideoPlayerV3beta847.net; c:\program files (x86)\VideoPlayerV3\VideoPlayerV3beta847\ff
FF - ExtSQL: !HIDDEN! 2012-06-14 16:55; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-ArnA 2: Combined Operations - f:\arma2\uninstall.exe
AddRemove-Blades of Time_is1 - f:\blades of time\unins000.exe
AddRemove-C9 Thailand_is1 - f:\c9\C9\unins000.exe
AddRemove-Darksiders II_is1 - f:\dark sider\Darksiders II\unins000.exe
AddRemove-DMC Devi May Cry © Capcom_is1 - f:\devil may cry\DMC Devi May Cry\unins000.exe
AddRemove-DomDomSoft Anime Downloader - f:\anime downloader\DomDomSoft Anime Downloader\uninstall.exe
AddRemove-Dragonica 1.4.0 - f:\dragonica\Dragonica\Uninstall.exe
AddRemove-release_is1 - f:\phantasy star online 2\PHANTASYSTARONLINE2\unins000.exe
AddRemove-{0283EDE1-D8A9-4F64-A035-5E35B4DD199A}_is1 - f:\clannad\CLANNAD Full Voice\unins000.exe
AddRemove-{88920117-09FC-4BF7-B700-2A600EC65D29}_is1 - f:\everybodymarble\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{329F96B6-DF1E-4328-BFDA-39EA953C1312}]
"ImagePath"="\??\c:\program files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-3432931919-1619684807-4284191451-1000_Classes\Wow6432Node\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):46,9e,8a,78,88,d4,75,37,83,d8,b8,67,4a,5c,bb,ba,85,b1,70,7f,c8,
94,34,35,25,51,4f,41,0b,c1,ec,2f,41,fe,41,35,95,0b,7a,5a,00,00,00,00,00,00,\
.
[HKEY_USERS\S-1-5-21-3432931919-1619684807-4284191451-1000_Classes\Wow6432Node\CLSID\{da1578ed-9ce5-41c4-814b-4d71b5acf991}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000110
"Therad"=dword:00000019
"MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,b6,1f,81,1f,5a,
1b,4d,36,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,ee,21,46,8f,3c,f2,5c,68,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\*+=*]
@=multi:"\00\04\00\00"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Blaze Media Pro\NMSAccess32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Photodex\ProShowProducer\ScsiAccess.exe
c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE
f:\garena plus\ggdllhost.exe
c:\program files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
c:\program files (x86)\Razer\DeathAdder\razerofa.exe
c:\program files (x86)\Internet Download Manager\IEMonitor.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
c:\program files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2014-01-20 00:25:43 - machine was rebooted
ComboFix-quarantined-files.txt 2014-01-19 17:25
.
Pre-Run: 4,304,379,904 bytes free
Post-Run: 4,834,611,200 bytes free
.
- - End Of File - - 1D0D286D4DBC8CC3C9F394177195EEFC
35C6B2FCDE68FACBEFE0A4A7200BAE58

again , thank you very much

Maniac · January 20, 2014

Step 1

Please uninstall the following applications:

Video Player

Webexp Enhanced

μTorrent

Step 2

Please open www.virustotal.com and upload the following file:

c:\windows\SysWow64\Xvoice.dll

Wait until scan finished (choose reanalyse if ask you) and copy/paste the URL here.

FinalSpark · January 24, 2014

sorry for the late reply
-I can't find Webexp Enhanced but i uninstalled the other 2 programs ask you told me
here's the URL
https://www.virustotal.com/en/file/2bb50939fa7068791eea58c1fe6b112bcf5bb423ca55b9698411957a6f82d1b8/analysis/1390534273/

Thank you

Maniac · January 24, 2014

Please upgrade your ESET NOD32 Antivirus.

http://kb.eset.com/esetkb/index?page=content&id=SOLN2476&actp=search&viewlocale=en_US&searchid=1390593665076

Reboot your system and then perform a full system scan.

FinalSpark · January 25, 2014

there were some viruses but they are cleaned now
thank you very much!

Maniac · January 25, 2014

How are things now?

FinalSpark · January 27, 2014

everything's okay now thanks to you!
i'm very appreciate it~

Maniac · January 27, 2014

Glad I could help!

Last steps:

Step 1

Download OTL to your desktop and run it.
Click on CleanUp button.
You will be asked to reboot the machine to finish the Cleanup process. Choose Yes.

Step 2

Double click on AdwCleaner.exe to run the tool.
Click on Uninstall
Confirm with Yes

Step 3

Some malware preventions:

users.telenet.be/bluepatchy/miekiemoes/prevention.html

Safe surfing!

FinalSpark · January 27, 2014

Again, thank you very much !
I'll be sure to spread this website to my friends when they need help too!
You are my life savior!

AdvancedSetup · January 30, 2014

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Fynloski.AA trojan

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information