Jump to content

http://search.yahoo.com/?type=714647&fr=spigot-yhp-ff


Recommended Posts

I have tried everything to get rid of this: http://search.yahoo.com/?type=714647&fr=spigot-yhp-ff

But it just keeps coming back. I got it from updating uTorrent, which by the way I do not use it for Piracy. I'm a Online Gamer and a lot of game sites use torrents for quicker downloads. Regardless I have uninstalled it as per your request.

 

I have used the following to try to get rid of spigot.

 

Malwarebytes + thier rootkit

Junkware Removal Tool

AdwCleaner

Rkill

RogueKiller

 

Spigot has hijacked all 3 of my browsers: Firefox, Chrome & Internet Explorer.

Link to post
Share on other sites

Hello and post-32477-1261866970.gif

 

P2P/Piracy Warning:

 

   

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Download Zoek.zip from here http://www.hijackthis.nl/smeenk/220813/zoek.zip and save that zip file to your Desktop. Make sure to select direct on the word “Zip”

 

Double click zip file and extract to your  Desktop:

 

 

Zoekd.jpg

 

 

you will now have 3 versions of the tool on the Desktop:

 

 

Zoeke.jpg

 

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/]

 

Double click on each in turn until one version of Zoek will run (accept UAC) The following window will open:

 

 

Zoekb.jpg

 

 

Copy and paste the following script from the code box and paste into the field.

 

 

standardsearch;autoruns;autoclean;emptyclsid;emptyalltemp;installedprogs;  

 

 

Select the "Run Script" tab. The following window will open:

 

 

 

Zoekc.jpg

 

 

 

Please be patient and do not use the PC when the scan is in progress.

 

When complete you maybe asked to re-boot your PC, if so please do

 

Zoekf.jpg

 

Post the produced log in your next reply…..

Link to post
Share on other sites

Here is the Log

 

Zoek.exe v5.0.0.0 Updated 18-Januari-2014
Tool run by Richard Suarez on Sat 01/18/2014 at  6:16:03.37.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Downloads\Zoek\zoek.exe [scan all users] [script inserted]

==== System Restore Info ======================

1/18/2014 6:17:48 AM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-385045414-941568273-1611141777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{88F94B64-C7C5-49AD-A112-8484291462AD} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

==== Installed Programs ======================

7-Zip 4.65  
AChat 1.14  
Acrobat.com  
Adobe AIR  
Adobe Flash Player 11 ActiveX 64-bit  
Adobe Flash Player 11 Plugin  
Adobe Reader 9.5.5 MUI  
Advanced SystemCare Ultimate 7  
Advertising Center  
Age of Conan: Unchained  
aiofw  
aioprnt  
aioscnnr  
Akamai NetSession Interface  
Bejeweled 2 Deluxe  
Blackhawk Striker 2  
Bob the Builder Can-Do-Zoo  
BoneTown  
Bonjour  
Build-a-lot 3  
C3  
CCleaner  
center  
CleanMem  
COMODO Registry Cleaner 1.0.17.23  
D3DX10  
DC Universe Online Live  
Dora's World Adventure  
Dragons Prophet  
Eighteen Wheels of Steel Haulin'  
eMachines Game Console  
eMachines Games  
eMachines Recovery Management  
eMachines Registration  
eMachines ScreenSaver  
eMachines Updater  
Escape Rosecliff Island  
Eusing Free Registry Cleaner  
Farm Frenzy - Pizza Party  
FATE Undiscovered Realms  
File Type Assistant  
FLVPlayer4Free Free FLV Player 4.4.0.0  
Game Booster 3  
GeForce Experience NvStream Client Components  
Google Chrome  
Google Talk (remove only)  
Google Talk Plugin  
Google Toolbar for Internet Explorer  
Google Update Helper  
GSplit 3  
HexEdit  
HitmanPro 3.7  
Identity Card  
ImagXpress  
Insaniquarium Deluxe  
IObit Uninstaller  
IrfanView (remove only)  
Jasc Paint Shop Pro 9  
Jasc Paint Shop Pro 9 GDI+ Patch  
Jasc Paint Shop Pro 9.01 - (9.0.1.1)  
Jasc Paint Shop Pro 9.01 Patch  
Java 7 Update 45  
Java Auto Updater  
Jewel Quest Solitaire 3  
Junk Mail filter update  
ksDIP  
Latency Optimizer FREE VERSION  
Liong - The Lost Amulets  
Liveupdate4  
Malwarebytes Anti-Malware version 1.75.0.1300  
Mesh Runtime  
Messenger Companion  
Microsoft .NET Framework 1.1  
Microsoft .NET Framework 4.5.1  
Microsoft Application Error Reporting  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175  
Microsoft Visual C++ 2005 Redistributable (x64)  
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148  
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219  
Microsoft Works  
More Games from eMachines Games  
Mozilla Firefox 26.0 (x86 en-US)  
Mozilla Maintenance Service  
Mozilla Thunderbird 24.2.0 (x86 en-US)  
MSI Afterburner 2.3.1  
MSVCRT  
MSVCRT_amd64  
MSXML 4.0 SP2 (KB954430)  
MSXML 4.0 SP2 (KB973688)  
Mystery P.I. - The Vegas Heist  
Nero 9 Essentials  
Nero ControlCenter  
Nero DiscSpeed  
Nero DiscSpeed Help  
Nero DriveSpeed  
Nero DriveSpeed Help  
Nero Express Help  
Nero InfoTool  
Nero InfoTool Help  
Nero Installer  
Nero Online Upgrade  
Nero StartSmart  
Nero StartSmart Help  
Nero StartSmart OEM  
NeroExpress  
neroxml  
Neverwinter  
Neverwinter Nude Mods v1.1.1 version 1.1.1  
Notepad++  
NVIDIA 3D Vision Controller Driver  
NVIDIA 3D Vision Controller Driver 332.21  
NVIDIA 3D Vision Driver 332.21  
NVIDIA Control Panel 332.21  
NVIDIA Drivers  
NVIDIA GeForce Experience 1.8.1  
NVIDIA Graphics Driver 332.21  
NVIDIA HD Audio Driver 1.3.30.1  
NVIDIA Install Application  
NVIDIA LED Visualizer 1.0  
NVIDIA Network Service  
NVIDIA PhysX  
NVIDIA PhysX System Software 9.13.0725  
NVIDIA ShadowPlay 10.11.15  
NVIDIA Stereoscopic 3D Driver  
NVIDIA Update 10.11.15  
NVIDIA Update Core  
NVIDIA Virtual Audio 1.2.19  
Paint.NET v3.5.10  
Perfect World Rebirth  
Perfect World Vendetta  
Polar Bowler  
Polar Golfer  
PreReq  
RaidCall  
Realtek High Definition Audio Driver  
Scrabble  
SHIELD Streaming  
Skype Click to Call  
SkypeT 6.11  
Smart Defrag 2  
Speccy  
Star Trek Online  
Surfing Protection  
System Requirements Lab CYRI  
TERA  
The Lord of the Rings OnlineT v03.04.04.8012  
TigerGame Superjoy Box Series  
TP-LINK TL-WN727N Driver  
TP-LINK Wireless Configuration Utility  
Trillian  
Virtual Villagers - The Secret City  
VLC media player 2.1.2  
Welcome Center  
Wheel of Fortune 2  
Windows Driver Package - Ralink Technology Corp. (rt61x64) Net  (10/16/2009 3.00.02.0000)  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live ID Sign-in Assistant  
Windows Live Installer  
Windows Live Language Selector  
Windows Live Mail  
Windows Live Mesh  
Windows Live Mesh ActiveX Control for Remote Connections  
Windows Live Messenger  
Windows Live Messenger Companion Core  
Windows Live MIME IFilter  
Windows Live Movie Maker  
Windows Live Photo Common  
Windows Live Photo Gallery  
Windows Live PIMT Platform  
Windows Live Remote Client  
Windows Live Remote Client Resources  
Windows Live Remote Service  
Windows Live Remote Service Resources  
Windows Live SOXE  
Windows Live SOXE Definitions  
Windows Live UX Platform  
Windows Live UX Platform Language Pack  
Windows Live Writer  
Windows Live Writer Resources  
WinUtilities Free Disk Cleaner 4.3  
Wisdom-soft ScreenHunter 6.0 Free  
World of Goo  
World of Tanks  
Zuma Deluxe

Link to post
Share on other sites

Second Part

 

==== Running Processes ======================

C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Monitor.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Downloads\WLAN Optimizer\WLAN Optimizer.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Richard Suarez\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Users\Richard Suarez\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Google\Google Talk\googletalk.exe
C:\Program Files (x86)\Trillian\trillian.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Downloads\Zoek\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default

user.js not found
---- Lines spigot removed from prefs.js ----
user_pref("browser.startup.homepage", "http://search.yahoo.com/?type=714647&fr=spigot-yhp-ff");
---- FireFox user.js and prefs.js backups ----

prefs_20140118_0624_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\Malwarebytes' Anti-Malware (portable) deleted
C:\PROGRA~2\File Type Assistant deleted
C:\PROGRA~2\Hosts_Anti_Adwares_PUPs deleted
C:\ProgramData\ProductData deleted
C:\Windows\Syswow64\InstallUtil.InstallLog deleted
C:\Windows\Syswow64\SET39AA.tmp deleted
C:\Windows\Syswow64\SET4979.tmp deleted
C:\Windows\Syswow64\SET557E.tmp deleted
C:\Windows\Syswow64\SETCAB5.tmp deleted
C:\Windows\Syswow64\SETDF92.tmp deleted
C:\Windows\Syswow64\SETEE77.tmp deleted
"C:\Users\Richard Suarez\AppData\Local\{0CC0ADC7-C303-4EFD-9BB6-9D825D238CD7}" deleted
"C:\Users\Richard Suarez\AppData\Roaming\Temp" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4096 MB
CPU Info: AMD Athlon II X2 270 Processor
CPU Speed: 3411.9 MHz
Sound Card: Speakers (Realtek High Definiti |
Realtek Digital Output (Realtek |
Display Adapters: NVIDIA GeForce GT 610  | NVIDIA GeForce GT 610  | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1920 X 1080 - 32 bit
Network: Network Present
Network Adapters: TP-LINK Wireless USB Adapter
CD / DVD Drives: 1x (D: | ) D: ATAPI   DVD A  DH16A6S
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 4 Button Wheel Mouse Present
Hard Disks: C:  584.1GB
Hard Disks - Free: C:  65.9GB
Manufacturer *: AMI
BIOS Info: AT/AT COMPATIBLE | 08/16/32 | ACRSYS - 20091210
Time Zone: Eastern Standard Time
Motherboard *: eMachines MCP61PM-GM
Country: United States
Language: ENU

==== System Specs (Software) ======================

Anti-Virus: Advanced SystemCare Ultimate On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Default Browser: Firefox    26.0
Internet Explorer Version: 10.0.9200.16750
Mozilla Firefox version: 26.0 (x86 en-US)
Mozilla Firefox version: 5.0 (x86 en-US)
Google Chrome version: 32.0.1700.76
Adobe Reader version: 9.5.5.316
Sun Java version: 1.7.0_45 (32-bit)
Flash Player version: 11.9.900.152

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\RICHAR~1\AppData\Local\Temp ====
2014-01-18 09:15:37    FBC207AD85D053D4FD9DD93C595D1A1D    285455    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
2014-01-18 08:19:35    CAAAC014C5C56A69F710B5F1B836DE22    1732032    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\ntdll_dump.dll
2014-01-17 22:54:28    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-01-08 22:30:11    FD2CBAE7227882DAFC38D9F8F7E59F09    266984    ----a-w-    C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-08 22:30:11    D18F9D53B844B5E6FE614FEE8FBF186F    852768    ----a-w-    C:\Windows\SysWOW64\NvIFR.dll
2014-01-08 22:30:11    C1E3CC280E6CB4F3C1BA9F9EC50683E2    2747680    ----a-w-    C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-08 22:30:11    BDC32E3B7E5297EC0B4E0AEA2E2E55E0    9657464    ----a-w-    C:\Windows\SysWOW64\nvopencl.dll
2014-01-08 22:30:11    A403088619D575D43AA0C46AD56BB203    22960416    ----a-w-    C:\Windows\SysWOW64\nvoglv32.dll
2014-01-08 22:30:11    9C1FBE3D3CBFCF88DCDFCB21D38307A3    2947872    ----a-w-    C:\Windows\SysWOW64\nvcuvid.dll
2014-01-08 22:30:11    5F67586FFD23EBEF5C074296AA1E0F76    17560352    ----a-w-    C:\Windows\SysWOW64\nvcompiler.dll
2014-01-08 22:30:11    5B9DF8156153C839A0E6449294030519    847648    ----a-w-    C:\Windows\SysWOW64\NvFBC.dll
2014-01-08 22:30:11    44C9CDBE76C836F3B3A378E74C5BD46C    1242400    ----a-w-    C:\Windows\SysWOW64\nvumdshim.dll
2014-01-08 22:30:11    39BD6D4EF0FDBC92D0B1CD86A4D0BFF0    9700224    ----a-w-    C:\Windows\SysWOW64\nvcuda.dll
2014-01-08 22:30:11    31A3C683D1B38F8B139A21E1A690A772    141336    ----a-w-    C:\Windows\SysWOW64\nvinit.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-01-15 12:20:00    F2BF71FCEAB8FB8A691408C478E2FF4C    3156480    ----a-w-    C:\Windows\Sysnative\win32k.sys
2014-01-08 22:30:11    FE42965BAE6EC9ECAF0D3DCF80A57B14    168616    ----a-w-    C:\Windows\Sysnative\nvinitx.dll
2014-01-08 22:30:11    DF2393DCDA345251F6CC0F59D5AE6DBF    31520    ----a-w-    C:\Windows\Sysnative\nvhdap64.dll
2014-01-08 22:30:11    D22521804E3CB0DFB4FCB11A0E2A0CFF    879392    ----a-w-    C:\Windows\Sysnative\NvFBC64.dll
2014-01-08 22:30:11    CD4EC143C035E069B40775197336DD1A    25257248    ----a-w-    C:\Windows\Sysnative\nvcompiler.dll
2014-01-08 22:30:11    CBF3BF5CFA0AB6D77AB59272605F625B    1884448    ----a-w-    C:\Windows\Sysnative\nvdispco6433221.dll
2014-01-08 22:30:11    C5E80F5C39CD1FC4221CB20AD6710EFF    18222008    ----a-w-    C:\Windows\Sysnative\nvd3dumx.dll
2014-01-08 22:30:11    B99F55FC24FC321036BAD3F025DE5EB1    1515296    ----a-w-    C:\Windows\Sysnative\nvhdagenco6420103.dll
2014-01-08 22:30:11    96E23AC6B6E6007CC2B42C9FE2BD4E69    3132704    ----a-w-    C:\Windows\Sysnative\nvcuvid.dll
2014-01-08 22:30:11    8C0E8871D4E2FFAB20319FB4162FDA00    11554264    ----a-w-    C:\Windows\Sysnative\nvopencl.dll
2014-01-08 22:30:11    69FD5EAF3BA485A3584D7328759808F4    317472    ----a-w-    C:\Windows\Sysnative\nvoglshim64.dll
2014-01-08 22:30:11    55DFCF0031E7257E3DE83E219DC49E8B    882464    ----a-w-    C:\Windows\Sysnative\NvIFR64.dll
2014-01-08 22:30:11    334ECC4245D7E8A648D338E325E11C57    3125024    ----a-w-    C:\Windows\Sysnative\nvcuvenc.dll
2014-01-08 22:30:11    328D7B3C63E21B9B0D557484F99C177F    1511712    ----a-w-    C:\Windows\Sysnative\nvdispgenco6433221.dll
2014-01-08 22:30:11    10A5FF3ACDBA9289381772C5535CB55C    11605752    ----a-w-    C:\Windows\Sysnative\nvcuda.dll
2014-01-08 22:30:11    006A27B58271126AD1D58302666F1471    30372640    ----a-w-    C:\Windows\Sysnative\nvoglv64.dll
====== C:\Windows\Sysnative\drivers =====
2014-01-18 07:33:34    0C6125E43F42C4DA6E74D9AF2B75E40C    117464    ----a-w-    C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-01-18 07:32:47    90AA9E273410AD7A41D2D06E0FB46022    89304    ----a-w-    C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-01-15 12:20:25    3555BA97171CD153118F73FDCCC8BFDE    376768    ----a-w-    C:\Windows\Sysnative\drivers\netio.sys
2014-01-08 22:30:11    E366A5681C50785D4ED04FCFD65C3415    197408    ----a-w-    C:\Windows\Sysnative\drivers\nvhda64v.sys
2014-01-08 22:30:11    0218E1CE8F7B5D404980192B9112D03A    12645664    ----a-w-    C:\Windows\Sysnative\drivers\nvlddmkm.sys
2013-12-27 11:46:21    53D7442AA919C91D055DBD44635F32B1    1547616    ----a-w-    C:\Windows\Sysnative\drivers\netr28ux.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-01-17 23:34:21    --------    d-----w-    C:\Program Files\HitmanPro
======= C:\PROGRA~2 =====
2013-12-27 11:47:11    --------    d-----w-    C:\PROGRA~2\TP-LINK
======= C: =====
2014-01-17 23:25:14    D41D8CD98F00B204E9800998ECF8427E    0    ----a-w-    C:\asc_rdflag
====== C:\Users\Richard Suarez\AppData\Roaming ======
2014-01-18 10:09:43    --------    d-----w-    C:\Users\Richard Suarez\AppData\Local\CrashDumps
2014-01-05 22:39:34    --------    d-----w-    C:\Users\Richard Suarez\AppData\Local\Microsoft Games
2013-12-27 11:47:29    --------    d-----w-    C:\Users\Richard Suarez\AppData\Roaming\TP-LINK
====== C:\Users\Richard Suarez ======
2014-01-17 23:34:21    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-01-17 23:33:12    --------    d-----w-    C:\ProgramData\HitmanPro
2013-12-27 11:47:30    --------    d-----w-    C:\ProgramData\Ralink
2013-12-27 11:47:14    --------    d-----w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2013-12-27 11:43:59    --------    d-----w-    C:\ProgramData\TP-LINK

====== C: exe-files ==
2014-01-18 09:15:37    FBC207AD85D053D4FD9DD93C595D1A1D    285455    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\Install_HOSTS_Anti-Adware.exe
2014-01-18 08:29:29    DCD8506878DBE9B88B5202500E709D7A    299800    ----a-w-    C:\Users\Richard Suarez\AppData\Local\NVIDIA\NvBackend\Packages\000056f1\drsupdate.17662045_RUNASUSER.exe
2014-01-18 08:16:53    23DDCE98703DBD12117308D86464B9A3    4406784    ----a-w-    C:\Downloads\RogueKiller\RogueKillerX64.exe
2014-01-18 07:32:45    6CB8527528BFA9F690CD158EB61285C5    1175352    ----a-w-    C:\mbar\mbar.exe
2014-01-18 07:32:45    255411A7AC135FB4A1E90A2A6EA6C7C5    821560    ----a-w-    C:\mbar\Plugins\fixdamage.exe
2014-01-18 07:28:17    933169EEE58B90EB0900CD3B0AF02FD8    791393    ----a-w-    C:\Downloads\Erunt\erunt-setup.exe
2014-01-18 07:27:14    C038AC0153BFFE7F8778D404C0872317    1933048    ----a-w-    C:\Downloads\Rkill\rkill.exe
2014-01-17 23:34:22    AACD31D9B4129F05ECDE27DE98E6D96A    109352    ----a-w-    C:\Program Files\HitmanPro\hmpsched.exe
2014-01-17 23:34:21    76874123C258B0FE7A5E7E8F71555D52    10264904    ----a-w-    C:\Program Files\HitmanPro\HitmanPro.exe
2014-01-17 23:15:24    76874123C258B0FE7A5E7E8F71555D52    10264904    ----a-w-    C:\Downloads\HitmanPro\HitmanPro_378_x64.exe
2014-01-17 23:13:40    246FE58EFFD357B2078842708155E46C    1236282    ----a-w-    C:\Downloads\AdwCleaner\adwcleaner.exe
2014-01-17 22:54:28    2E0323A94915FAAB10A25F3BABF82584    157696    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-01-17 00:29:32    CA29059459C98937578B0F6B45E56E0F    3110568    ----a-w-    C:\Users\Richard Suarez\AppData\Local\NVIDIA\NvBackend\Packages\000056e3\dao.17646152.exe
2014-01-16 10:04:03    86D3D323F2D17DBCEA341A2CDF2C6D8B    514368    ----a-w-    C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCU-Pro.exe
2014-01-16 00:46:16    1D0A1FF655C6CF2EA2DE4FB6AA8246AD    9046696    ----a-w-    C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\32.0.1700.76\32.0.1700.76_31.0.1650.63_chrome_updater.exe
2014-01-15 12:40:56    EE386D5ACB945089BCD91766697224BB    1037068    ----a-w-    C:\Downloads\Junkware Removal Tool\JRT.exe
=== C: other files ==
2014-01-18 07:33:34    0C6125E43F42C4DA6E74D9AF2B75E40C    117464    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-01-18 07:32:47    90AA9E273410AD7A41D2D06E0FB46022    89304    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-01-18 07:24:53    E82F97D62E0EBA221051FD31F65D5B7D    104    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\utt5A9E.tmp.bat
2014-01-17 22:54:27    CC6C23C02BE66014AD87F2678BBB3A1D    8117    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\modules.bat
2014-01-17 22:54:27    C4A5476A9D54B400F1623A2EE7DDA5C5    13955    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\chrome.bat
2014-01-17 22:54:27    BAD6C67C870CC81C48DBA53089929884    153331    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\firefox.bat
2014-01-17 22:54:27    B964B792D3692699CD7D4FDB63EE470E    1239    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\FWPolicy.bat
2014-01-17 22:54:27    B7D46D5BC21F69EFEEFFC15060E423AC    154167    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\misc.bat
2014-01-17 22:54:27    B45931E5313CB14CAA0F2BC3DA30E6FC    29648    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\ask.bat
2014-01-17 22:54:27    80D02380F1AC33E459324B088392A1EC    732    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\ev_clear.bat
2014-01-17 22:54:27    75C9C20DD9839BF287B43B0E179822DC    31414    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\iexplore.bat
2014-01-17 22:54:27    7178963AEE641F3E47E1CE22416F8A3A    9295    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\runvalues.bat
2014-01-17 22:54:27    654E9FE74B930A454EE5BDE165794B65    85    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\delorphans.bat
2014-01-17 22:54:27    5AE8F4442CA6D69FE9A6738E8DB411F2    10261    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\JRT.bat
2014-01-17 22:54:27    58605DA3492FB918D3D40B1FB88046AE    39471    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\prelim.bat
2014-01-17 22:54:27    55D97CE5B1A61AD51F887E46550029F6    16063    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\get.bat
2014-01-17 22:54:27    372EA6F783198102CF5779072EE78C79    24751    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\searchlnk.bat
2014-01-17 22:54:27    1FBF882AA934A741530741FC134872A3    1243    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\TDL4.bat
2014-01-17 22:54:27    14D6EE8B672684E2232FB430D8C4A928    18668    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\medfos.bat
2014-01-17 22:54:27    0768E560CCD86C18F35FAD29DCEA7B80    1820    ----a-w-    C:\Users\Richard Suarez\AppData\Local\Temp\jrt\delfolders.bat
2014-01-15 12:20:25    3555BA97171CD153118F73FDCCC8BFDE    376768    ----a-w-    C:\Windows\System32\drivers\netio.sys
2014-01-15 12:20:00    F2BF71FCEAB8FB8A691408C478E2FF4C    3156480    ----a-w-    C:\Windows\System32\win32k.sys
2014-01-15 06:46:11    B2495762CBE4F8B72C9BF807379795AB    329392674    ----a-w-    C:\_Misc\_Pics\Cosplay\Kato (Kate Lambert)\Steamgirl.zip
2014-01-13 10:55:34    89028DB775C7D4C3407D749AEBB80675    50780640    ----a-w-    C:\_Misc\_Playboy\Ashleigh Elizabeth\Ashleigh Elizabeth - Playboy All Naturals, 2 Sets.zip
2014-01-13 08:11:50    3B2F4A2A801AD1400CAE6FE4B6AAFEC5    22709    ----a-w-    C:\Users\Public\Sony Online Entertainment\Installed Games\Dragons Prophet\CrashReports\_temp\01_13_14\dp_x64_10076_1312121805_13CE050A7B72406BE1D200BA35208113_140113031150.zip
2014-01-12 12:58:49    D8689ABE528C7FC0C1BA8E527D12E566    23336    ----a-w-    C:\Users\Public\Sony Online Entertainment\Installed Games\Dragons Prophet\CrashReports\_temp\01_12_14\dp_x64_10076_1312121805_13CE050A7B72406BE1D200BA35208113_140112075849.zip

Link to post
Share on other sites

Next

 

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-385045414-941568273-1611141777-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"WLAN Optimizer"="C:\Downloads\WLAN Optimizer\WLAN Optimizer.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Google Update"="C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Akamai NetSession Interface"="C:\Users\Richard Suarez\AppData\Local\Akamai\netsession_win.exe"
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe /Auto"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"googletalk"="C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WLAN Optimizer"="C:\Downloads\WLAN Optimizer\WLAN Optimizer.exe"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Google Update"="C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Akamai NetSession Interface"="C:\Users\Richard Suarez\AppData\Local\Akamai\netsession_win.exe"
"Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe /Auto"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"
"EKIJ5000StatusMonitor"="C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe"
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"

==== Startup Folders ======================

2013-09-23 22:24:14    1052    ----a-w-    C:\Users\Richard Suarez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
2013-12-27 11:47:14    2308    ----a-w-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\COMODO Updater.job --a------ C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/16/2010 04:11 AM]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11/16/2010 04:11 AM]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-385045414-941568273-1611141777-1000Core.job --a------ C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exC:Richard Suarez Keeps your Google software up to date. If this task is disabled or stopped your Google software will not be kept up to date meaning sC:urity vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.0 []
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-385045414-941568273-1611141777-1000UA.job --a------ C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe [09/14/2012 03:05 PM]
C:\Windows\tasks\RegInOut Scheduled Scan - Richard Suarez.job --a------ C:-C:\Program Files (x86)\RegInOut\RegInOut.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ASC7U_SkipUac_Richard Suarez" [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe /SkipUac]
"C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Monitor.exe]
"C:\Windows\SysNative\tasks\Clean System Memory" [C:\Windows\syswow64\CleanMem.exe]
"C:\Windows\SysNative\tasks\COMODO Updater" [C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-385045414-941568273-1611141777-1000Core" [C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-385045414-941568273-1611141777-1000UA" [C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RegInOut Scheduled Scan - Richard Suarez" [C:\Program Files (x86)\RegInOut\RegInOut.exe]
"C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\SmartDefrag_Schedule" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe]
"C:\Windows\SysNative\tasks\{71106EB5-4DD5-4B65-B3AE-DA7A28E30FF1}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{D7A31E70-53F9-4B24-93A9-8425AA16BE36}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default
C36444D7301A8C881FC7296B092609C7    - C:\Users\Richard Suarez\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll -    Google Update
EE8D96E7899D12FC3AA5DB2034C0853C    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll -    Shockwave Flash
68BCBB241EF254BC5100D9E6C06ECC71    - C:\Users\Richard Suarez\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll -    Google Talk Plugin Video Accelerator
99FE6AFE80EB7FE3EEB75DC504A326A3    - C:\Users\Richard Suarez\AppData\Roaming\Mozilla\plugins\npo1d.dll -    Google Talk Plugin Video Renderer
AF42019A3B0EDBFA6878F75B9377A792    - C:\Users\Richard Suarez\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -    Google Talk Plugin
C899B98999270821EDFFA56044DE2377    - C:\Users\Richard Suarez\AppData\Roaming\raidcall\plugins\nprcplugin.dll -    Raidcall plugin
D02ED3C972BBF10890CA2A586F2C0762    - C:\Users\Richard Suarez\AppData\LocalLow\Sony Online Entertainment\npsoe.dll -    SOE Web Installer
79BB0C72FD89D855561838E895EDCFFE    - C:\Users\Richard Suarez\AppData\LocalLow\Sony Online Entertainment\npsoeact.dll -    SOE Web Installer


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[05/14/2013 12:27 PM]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[10/12/2013 01:04 PM]

Google Docs - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype for Chromium - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Advanced SystemCare Surfing Protection - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Google Wallet - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{88F94B64-C7C5-49AD-A112-8484291462AD}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_enUS406"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{88F94B64-C7C5-49AD-A112-8484291462AD} Yahoo  Url="http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [WLAN Optimizer] C:\Downloads\WLAN Optimizer\WLAN Optimizer.exe
O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Richard Suarez\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [Advanced SystemCare Ultimate] "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe" /Auto
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Trillian.lnk = C:\Program Files (x86)\Trillian\trillian.exe
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - C:\Program Files (x86)\Bonjour\ExplorerPlugin.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AdvancedSystemCareAntivirus (ASCAntivirusSrv) - IOBit - C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe
O23 - Service: GRegService (Greg_Service) - Acer Incorporated - C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Updater Service - Acer - C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
 

Link to post
Share on other sites

Next

 

==== Sysinternals Autoruns Log ======================

HKLM\System\CurrentControlSet\Services
   AdvancedSystemCareService7
     C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCService.exe
     Advanced SystemCare Service
     IObit
     7.0.0.15
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\ascservice.exe
     12/16/2013 3:52 AM
   Akamai
     c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
     Provides networking protocol and file transfer technologies. If the service is stopped, those applications that depend on the service may fail to transfer files or otherwise function properly.
     Akamai Technologies, Inc.
     1.8.9.2
     c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
     6/4/2013 9:22 PM
   ASCAntivirusSrv
     C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ascavsvc.exe
     Advanced SystemCare Antivirus Service
     IOBit
     7.0.0.5095
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\ascavsvc.exe
     12/8/2013 9:10 PM
   Bonjour Service
     "C:\Program Files (x86)\Bonjour\mDNSResponder.exe"
     Bonjour allows applications like iTunes and Safari to advertise and discover services on the local network.  Having Bonjour running enables you to connect to hardware devices like Apple TV and software services like iTunes sharing and AirTunes. If you disable Bonjour, any network service that explicitly depends on it will fail to start.
     Apple Inc.
     1.0.6.2
     c:\program files (x86)\bonjour\mdnsresponder.exe
     11/10/2008 6:48 PM
   GameConsoleService
     "C:\Program Files (x86)\eMachines Games\eMachines Game Console\GameConsoleService.exe"
     GameConsole management services
     WildTangent, Inc.
     3.0.4537.0
     c:\program files (x86)\emachines games\emachines game console\gameconsoleservice.exe
     5/22/2009 12:47 PM
   Greg_Service
     C:\Program Files (x86)\eMachines\Registration\GregHSRW.exe
     Global Registration Service
     Acer Incorporated
     1.0.2001.0
     c:\program files (x86)\emachines\registration\greghsrw.exe
     6/19/1992 5:22 PM
   gupdate
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc
     Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
     Google Inc.
     1.2.183.9
     c:\program files (x86)\google\update\googleupdate.exe
     10/13/2009 6:04 PM
   gupdatem
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc
     Keeps your Google software up to date. If this service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This service uninstalls itself when there is no Google software using it.
     Google Inc.
     1.2.183.9
     c:\program files (x86)\google\update\googleupdate.exe
     10/13/2009 6:04 PM
   gusvc
     "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe"
     Google Updater keeps your Google software up to date. If Google Updater Service is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work.
     Google
     2.4.2617.4952
     c:\program files (x86)\google\common\google updater\googleupdaterservice.exe
     3/2/2012 4:13 PM
   HitmanProScheduler
     C:\Program Files\HitmanPro\hmpsched.exe
     HitmanPro Scheduler controls scheduled scans
     SurfRight B.V.
     3.7.0.5
     c:\program files\hitmanpro\hmpsched.exe
     10/29/2013 10:11 AM
   LiveUpdateSvc
     C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
     LiveUpdate
     IObit
     2.0.0.755
     c:\program files (x86)\iobit\liveupdate\liveupdate.exe
     12/1/2013 9:54 PM
   MozillaMaintenance
     "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe"
     The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled.
     Mozilla Foundation
     26.0.0.5087
     c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
     12/5/2013 12:09 PM
   Nero BackItUp Scheduler 4.0
     C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
     Nero BackItUp Scheduler 4.0 is responsible to control all jobs created using Nero BackItUp. These jobs can create backups of selected files/folders/partitions or complete hard disk to hard disk, network drive, disc or FTP.
     Nero AG
     4.2.3.100
     c:\program files (x86)\common files\nero\nero backitup 4\nbservice.exe
     8/19/2009 9:07 AM
   npggsvc
     C:\Windows\system32\GameMon.des -service
     nProtect GameGuard Service
     INCA Internet Co., Ltd.
     2010.1.15.1
     c:\windows\syswow64\gamemon.des
     1/15/2010 1:39 AM
   NvNetworkService
     "C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe"
     NVIDIA Network Service
     NVIDIA Corporation
     1.0.0.1
     c:\program files (x86)\nvidia corporation\netservice\nvnetworkservice.exe
     12/6/2013 10:09 AM
   NvStreamSvc
     "C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe"
     Service for SHIELD Streaming
     NVIDIA Corporation
     1.6.85.0
     c:\program files\nvidia corporation\nvstreamsrv\nvstreamsvc.exe
     12/9/2013 9:19 AM
   NVSvc
     "C:\Windows\system32\nvvsvc.exe"
     Provides system and desktop level support to the NVIDIA display driver
     NVIDIA Corporation
     8.17.13.3221
     c:\windows\system32\nvvsvc.exe
     12/19/2013 1:38 PM
   SkypeUpdate
     "C:\Program Files (x86)\Skype\Updater\Updater.exe"
     Enables the detection, download and installation of updates for Skype.
     Skype Technologies
     6.8.1.61523
     c:\program files (x86)\skype\updater\updater.exe
     9/5/2013 4:31 AM
   Stereo Service
     "C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
     Provides system support for NVIDIA Stereoscopic 3D driver
     NVIDIA Corporation
     7.17.13.3221
     c:\program files (x86)\nvidia corporation\3d vision\nvscpapisvr.exe
     12/19/2013 1:05 PM
   Updater Service
     C:\Program Files\eMachines\eMachines Updater\UpdaterService.exe
     Acer Update Service
     Acer
     1.0.0.6
     c:\program files\emachines\emachines updater\updaterservice.exe
     7/3/2009 5:44 AM

HKLM\System\CurrentControlSet\Services
   adp94xx
     \SystemRoot\system32\DRIVERS\adp94xx.sys
     Adaptec Windows SAS/SATA Storport Driver
     Adaptec, Inc.
     1.6.6.4
     c:\windows\system32\drivers\adp94xx.sys
     12/5/2008 6:54 PM
   adpahci
     \SystemRoot\system32\DRIVERS\adpahci.sys
     Adaptec Windows SATA Storport Driver
     Adaptec, Inc.
     1.6.6.1
     c:\windows\system32\drivers\adpahci.sys
     5/1/2007 12:30 PM
   adpu320
     \SystemRoot\system32\DRIVERS\adpu320.sys
     Adaptec StorPort Ultra320 SCSI Driver (X64)
     Adaptec, Inc.
     7.2.0.0
     c:\windows\system32\drivers\adpu320.sys
     2/27/2007 7:04 PM
   aliide
     \SystemRoot\system32\drivers\aliide.sys
     ALi mini IDE Driver
     Acer Laboratories Inc.
     1.2.0.0
     c:\windows\system32\drivers\aliide.sys
     7/13/2009 6:19 PM
   amdsata
     \SystemRoot\system32\drivers\amdsata.sys
     AHCI 1.2 Device Driver
     Advanced Micro Devices
     1.1.2.5
     c:\windows\system32\drivers\amdsata.sys
     3/18/2010 7:45 PM
   amdsbs
     \SystemRoot\system32\DRIVERS\amdsbs.sys
     AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform
     AMD Technologies Inc.
     3.6.1540.127
     c:\windows\system32\drivers\amdsbs.sys
     3/20/2009 1:36 PM
   amdxata
     system32\drivers\amdxata.sys
     Storage Filter Driver
     Advanced Micro Devices
     1.1.2.5
     c:\windows\system32\drivers\amdxata.sys
     3/19/2010 11:18 AM
   arc
     \SystemRoot\system32\DRIVERS\arc.sys
     Adaptec RAID Storport Driver
     Adaptec, Inc.
     5.2.0.10384
     c:\windows\system32\drivers\arc.sys
     5/24/2007 4:27 PM
   arcsas
     \SystemRoot\system32\DRIVERS\arcsas.sys
     Adaptec SAS RAID WS03 Driver
     Adaptec, Inc.
     5.2.0.16119
     c:\windows\system32\drivers\arcsas.sys
     1/14/2009 2:27 PM
   b06bdrv
     \SystemRoot\system32\DRIVERS\bxvbda.sys
     Broadcom NetXtreme II GigE VBD
     Broadcom Corporation
     4.8.2.0
     c:\windows\system32\drivers\bxvbda.sys
     2/13/2009 5:18 PM
   b57nd60a
     system32\DRIVERS\b57nd60a.sys
     Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver.
     Broadcom Corporation
     10.100.4.0
     c:\windows\system32\drivers\b57nd60a.sys
     4/26/2009 6:14 AM
   bdfsfltr
     \??\C:\Windows\system32\Drivers\bdfsfltr.sys
     BdFsFltr File System Minifilter Driver
     BitDefender
     0.4.386.5560
     c:\windows\system32\drivers\bdfsfltr.sys
     3/23/2011 8:52 AM
   BrFiltLo
     \SystemRoot\system32\DRIVERS\BrFiltLo.sys
     Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver
     Brother Industries, Ltd.
     1.10.0.2
     c:\windows\system32\drivers\brfiltlo.sys
     8/6/2006 8:51 PM
   BrFiltUp
     \SystemRoot\system32\DRIVERS\BrFiltUp.sys
     Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver
     Brother Industries, Ltd.
     1.4.0.1
     c:\windows\system32\drivers\brfiltup.sys
     8/6/2006 8:51 PM
   Brserid
     \SystemRoot\System32\Drivers\Brserid.sys
     Brotehr Serial I/F Driver (WDM)
     Brother Industries Ltd.
     1.0.1.6
     c:\windows\system32\drivers\brserid.sys
     8/6/2006 8:51 PM
   BrSerWdm
     \SystemRoot\System32\Drivers\BrSerWdm.sys
     Brother Serial driver (WDM version)
     Brother Industries Ltd.
     1.0.0.20
     c:\windows\system32\drivers\brserwdm.sys
     8/6/2006 8:51 PM
   BrUsbMdm
     \SystemRoot\System32\Drivers\BrUsbMdm.sys
     Brother USB MDM Driver
     Brother Industries Ltd.
     1.0.0.12
     c:\windows\system32\drivers\brusbmdm.sys
     8/6/2006 8:51 PM
   BrUsbSer
     \SystemRoot\System32\Drivers\BrUsbSer.sys
     Brother USB Serial Driver
     Brother Industries Ltd.
     1.0.1.3
     c:\windows\system32\drivers\brusbser.sys
     8/9/2006 7:11 AM
   cmdide
     \SystemRoot\system32\drivers\cmdide.sys
     CMD PCI IDE Bus Driver
     CMD Technology, Inc.
     2.0.7.0
     c:\windows\system32\drivers\cmdide.sys
     7/13/2009 6:19 PM
   EagleX64
     \??\C:\Windows\system32\drivers\EagleX64.sys
     File not found: C:\Windows\system32\drivers\EagleX64.sys
     
   ebdrv
     \SystemRoot\system32\DRIVERS\evbda.sys
     Broadcom NetXtreme II 10 GigE VBD
     Broadcom Corporation
     4.8.13.0
     c:\windows\system32\drivers\evbda.sys
     12/31/2008 11:29 AM
   elxstor
     \SystemRoot\system32\DRIVERS\elxstor.sys
     Storport Miniport Driver for LightPulse HBAs
     Emulex
     7.2.10.211
     c:\windows\system32\drivers\elxstor.sys
     2/3/2009 5:52 PM
   FLASHSYS
     \??\C:\Program Files (x86)\MSI\Live Update 4\LU4\FLASHSYS64.sys
     c:\program files (x86)\msi\live update 4\lu4\flashsys64.sys
     2/15/2008 3:00 AM
   hcw85cir
     \SystemRoot\system32\drivers\hcw85cir.sys
     Hauppauge WinTV 885 Consumer IR Driver for eHome
     Hauppauge Computer Works, Inc.
     1.31.27127.0
     c:\windows\system32\drivers\hcw85cir.sys
     5/11/2009 3:26 AM
   HpSAMD
     \SystemRoot\system32\drivers\HpSAMD.sys
     Smart Array SAS/SATA Controller Media Driver
     Hewlett-Packard Company
     6.12.6.64
     c:\windows\system32\drivers\hpsamd.sys
     4/20/2010 1:32 PM
   iaStorV
     \SystemRoot\system32\drivers\iaStorV.sys
     Intel Matrix Storage Manager driver - x64
     Intel Corporation
     8.6.2.1014
     c:\windows\system32\drivers\iastorv.sys
     6/10/2010 7:46 PM
   iirsp
     \SystemRoot\system32\DRIVERS\iirsp.sys
     Intel/ICP Raid Storport Driver
     Intel Corp./ICP vortex GmbH
     5.4.22.0
     c:\windows\system32\drivers\iirsp.sys
     12/13/2005 4:47 PM
   IntcAzAudAddService
     system32\drivers\RTKVHD64.sys
     Realtek® High Definition Audio Function Driver
     Realtek Semiconductor Corp.
     6.0.1.5898
     c:\windows\system32\drivers\rtkvhd64.sys
     7/20/2009 5:52 AM
   LSI_FC
     \SystemRoot\system32\DRIVERS\lsi_fc.sys
     LSI Fusion-MPT FC Driver (StorPort)
     LSI Corporation
     1.28.3.52
     c:\windows\system32\drivers\lsi_fc.sys
     12/9/2008 5:46 PM
   LSI_SAS
     \SystemRoot\system32\DRIVERS\lsi_sas.sys
     LSI Fusion-MPT SAS Driver (StorPort)
     LSI Corporation
     1.28.3.52
     c:\windows\system32\drivers\lsi_sas.sys
     5/18/2009 7:20 PM
   LSI_SAS2
     \SystemRoot\system32\DRIVERS\lsi_sas2.sys
     LSI SAS Gen2 Driver (StorPort)
     LSI Corporation
     2.0.2.71
     c:\windows\system32\drivers\lsi_sas2.sys
     5/18/2009 7:31 PM
   LSI_SCSI
     \SystemRoot\system32\DRIVERS\lsi_scsi.sys
     LSI Fusion-MPT SCSI Driver (StorPort)
     LSI Corporation
     1.28.3.67
     c:\windows\system32\drivers\lsi_scsi.sys
     4/16/2009 5:13 PM
   ManyCam
     system32\DRIVERS\mcvidrv_x64.sys
     ManyCam Virtual Webcam
     ManyCam LLC
     3.1.0.0
     c:\windows\system32\drivers\mcvidrv_x64.sys
     6/28/2012 12:29 AM
   mcaudrv_simple
     system32\drivers\mcaudrv_x64.sys
     ManyCam Virtual Microphone
     ManyCam LLC
     3.1.0.0
     c:\windows\system32\drivers\mcaudrv_x64.sys
     6/26/2012 10:33 AM
   megasas
     \SystemRoot\system32\DRIVERS\megasas.sys
     MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64
     LSI Corporation
     4.5.1.64
     c:\windows\system32\drivers\megasas.sys
     5/18/2009 8:09 PM
   MegaSR
     \SystemRoot\system32\DRIVERS\MegaSR.sys
     LSI MegaRAID Software RAID Driver
     LSI Corporation, Inc.
     13.5.409.2009
     c:\windows\system32\drivers\megasr.sys
     5/18/2009 8:25 PM
   netr28ux
     system32\DRIVERS\netr28ux.sys
     Ralink 802.11n Wireless Adapter Driver
     Ralink Technology Corp.
     3.1.8.0
     c:\windows\system32\drivers\netr28ux.sys
     12/28/2010 6:53 AM
   nfrd960
     \SystemRoot\system32\DRIVERS\nfrd960.sys
     IBM ServeRAID Controller Driver
     IBM Corporation
     7.10.0.0
     c:\windows\system32\drivers\nfrd960.sys
     6/6/2006 4:11 PM
   NPPTNT2
     \??\C:\Windows\system32\npptNT2.sys
     File not found: C:\Windows\system32\npptNT2.sys
     
   NVENETFD
     system32\DRIVERS\nvm62x64.sys
     NVIDIA MCP Networking Function Driver.
     NVIDIA Corporation
     1.0.1.210
     c:\windows\system32\drivers\nvm62x64.sys
     10/17/2008 4:01 PM
   NVHDA
     system32\drivers\nvhda64v.sys
     NVIDIA HDMI Audio Driver
     NVIDIA Corporation
     1.3.30.1
     c:\windows\system32\drivers\nvhda64v.sys
     11/28/2013 8:38 AM
   nvlddmkm
     system32\DRIVERS\nvlddmkm.sys
     NVIDIA Windows Kernel Mode Driver, Version 332.21
     NVIDIA Corporation
     9.18.13.3221
     c:\windows\system32\drivers\nvlddmkm.sys
     12/19/2013 12:02 PM
   NVNET
     system32\DRIVERS\nvmf6264.sys
     NVIDIA MCP Networking Function Driver.
     NVIDIA Corporation
     7.3.1.7306
     c:\windows\system32\drivers\nvmf6264.sys
     4/30/2009 2:45 PM
   nvraid
     \SystemRoot\system32\drivers\nvraid.sys
     NVIDIAr nForce RAID Driver
     NVIDIA Corporation
     10.6.0.18
     c:\windows\system32\drivers\nvraid.sys
     3/19/2010 3:59 PM
   nvstor
     \SystemRoot\system32\drivers\nvstor.sys
     NVIDIAr nForce Sata Performance Driver
     NVIDIA Corporation
     10.6.0.18
     c:\windows\system32\drivers\nvstor.sys
     3/19/2010 3:45 PM
   nvstor64
     system32\DRIVERS\nvstor64.sys
     NVIDIAr nForce Sata Performance Driver
     NVIDIA Corporation
     11.1.0.23
     c:\windows\system32\drivers\nvstor64.sys
     4/29/2009 8:57 PM
   nvvad_WaveExtensible
     system32\drivers\nvvad64v.sys
     NVIDIA Virtual Audio Driver
     NVIDIA Corporation
     1.2.19.0
     c:\windows\system32\drivers\nvvad64v.sys
     12/4/2013 6:10 PM
   ql2300
     \SystemRoot\system32\DRIVERS\ql2300.sys
     QLogic Fibre Channel Stor Miniport Driver
     QLogic Corporation
     9.1.8.6
     c:\windows\system32\drivers\ql2300.sys
     1/22/2009 6:05 PM
   ql40xx
     \SystemRoot\system32\DRIVERS\ql40xx.sys
     QLogic iSCSI Storport Miniport Driver
     QLogic Corporation
     2.1.3.20
     c:\windows\system32\drivers\ql40xx.sys
     5/18/2009 8:18 PM
   rt61x64
     system32\DRIVERS\netr6164.sys
     Ralink 802.11 Wireless Adapter Driver
     Ralink Technology, Corp.
     3.0.9.0
     c:\windows\system32\drivers\netr6164.sys
     4/7/2010 7:07 AM
   secdrv
     secdrv
     Macrovision SECURITY Driver
     Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.
     4.3.86.0
     c:\windows\system32\drivers\secdrv.sys
     9/13/2006 8:18 AM
   SiSRaid2
     \SystemRoot\system32\DRIVERS\SiSRaid2.sys
     SiS RAID Stor Miniport Driver
     Silicon Integrated Systems Corp.
     5.1.1039.2600
     c:\windows\system32\drivers\sisraid2.sys
     9/24/2008 1:28 PM
   SiSRaid4
     \SystemRoot\system32\DRIVERS\sisraid4.sys
     SiS AHCI Stor-Miniport Driver
     Silicon Integrated Systems
     5.1.1039.3600
     c:\windows\system32\drivers\sisraid4.sys
     10/1/2008 4:56 PM
   SmartDefragDriver
     System32\Drivers\SmartDefragDriver.sys
     File driver of SmartDefrag
     c:\windows\system32\drivers\smartdefragdriver.sys
     11/26/2010 4:29 AM
   stexstor
     \SystemRoot\system32\DRIVERS\stexstor.sys
     Promise  SuperTrak EX Series Driver for Windows
     Promise Technology
     5.0.1.1
     c:\windows\system32\drivers\stexstor.sys
     2/17/2009 6:03 PM
   Trufos
     system32\DRIVERS\TRUFOS.sys
     BdFsFltr File System Minifilter Driver
     BitDefender S.R.L.
     2.3.446.12457
     c:\windows\system32\drivers\trufos.sys
     10/19/2011 4:10 AM
   viaide
     \SystemRoot\system32\drivers\viaide.sys
     VIA Generic PCI IDE Bus Driver
     VIA Technologies, Inc.
     6.0.6000.170
     c:\windows\system32\drivers\viaide.sys
     7/13/2009 6:19 PM
   vsmraid
     \SystemRoot\system32\DRIVERS\vsmraid.sys
     VIA RAID DRIVER FOR AMD-X86-64
     VIA Technologies Inc.,Ltd
     6.0.6000.6210
     c:\windows\system32\drivers\vsmraid.sys
     1/30/2009 8:18 PM
   X6va003
     X6va003
     File not found: C:\Windows\System32\Drivers\X6va003.sys
     

HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors
   KODAK EASYSHARE 5000 Series All-in-One Printer
     EKIJ5000MON.dll
     Language Monitor for KODAK AiO Printer (64-Bit AMD Athlon/Opteron Build)
     Eastman Kodak Company
     5.4.6.3
     c:\windows\system32\ekij5000mon.dll
     9/2/2010 7:31 AM
   KODAK EASYSHARE All-in-One Printer
     EKIJ5000MON.dll
     Language Monitor for KODAK AiO Printer (64-Bit AMD Athlon/Opteron Build)
     Eastman Kodak Company
     5.4.6.3
     c:\windows\system32\ekij5000mon.dll
     9/2/2010 7:31 AM

HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders
   EgyexzoyVexz.dll
     EgyexzoyVexz.dll
     File not found: EgyexzoyVexz.dll
     

HKLM\System\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries64
   mdnsNSP
     C:\Program Files\Bonjour\mdnsNSP.dll
     Bonjour Namespace Provider
     Apple Inc.
     1.0.6.2
     c:\program files\bonjour\mdnsnsp.dll
     11/11/2008 3:00 AM

HKLM\System\CurrentControlSet\Control\Terminal Server\Wds\rdpwd\StartupPrograms
   rdpclip
     rdpclip
     File not found: rdpclip
     

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
   RtHDVCpl
     C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
     HD Audio Control Panel
     Realtek Semiconductor
     1.0.0.386
     c:\program files\realtek\audio\hda\ravcpl64.exe
     7/20/2009 4:33 AM
   EKIJ5000StatusMonitor
     C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
     Status Monitor for KODAK AiO Printer (64-Bit AMD Athlon/Opteron Build)
     Eastman Kodak Company
     5.4.6.3
     c:\windows\system32\spool\drivers\x64\3\ekij5000mui.exe
     9/2/2010 7:37 AM
   Nvtmru
     "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
     NVIDIA NvTmru Application
     NVIDIA Corporation
     9.3.21.0
     c:\program files (x86)\nvidia corporation\nvidia update core\nvtmru.exe
     11/8/2013 2:21 AM
   ShadowPlay
     C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
     NVIDIA Capture Server Proxy
     NVIDIA Corporation
     10.11.15.0
     c:\windows\system32\nvspcap64.dll
     12/9/2013 9:01 PM
   NvBackend
     "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
     NVIDIA GeForce Experience Backend
     NVIDIA Corporation
     10.11.15.0
     c:\program files (x86)\nvidia corporation\update core\nvbackend.exe
     12/9/2013 9:07 PM

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
   googletalk
     C:\Program Files (x86)\Google\Google Talk\googletalk.exe /autostart
     Google Talk
     Google
     1.0.0.104
     c:\program files (x86)\google\google talk\googletalk.exe
     1/1/2007 4:20 PM
   Adobe Reader Speed Launcher
     "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
     Adobe Acrobat SpeedLauncher
     Adobe Systems Incorporated
     9.5.5.316
     c:\program files (x86)\adobe\reader 9.0\reader\reader_sl.exe
     5/8/2013 4:19 PM
   Adobe ARM
     "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     Adobe Reader and Acrobat Manager
     Adobe Systems Incorporated
     1.7.4.0
     c:\program files (x86)\common files\adobe\arm\1.0\adobearm.exe
     4/4/2013 4:05 PM
   SunJavaUpdateSched
     "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
     Java Update Scheduler
     Oracle Corporation
     2.1.9.8
     c:\program files (x86)\common files\java\java update\jusched.exe
     7/2/2013 11:16 AM

HKLM\SOFTWARE\Classes\Protocols\Handler
   skype-ie-addon-data
     HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}
     Skype Click to Call for Internet Explorer
     Skype Technologies S.A.
     6.9.0.12585
     c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll
     5/14/2013 8:18 AM

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
   TP-LINK Wireless Configuration Utility.lnk
     C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk
     c:\program files (x86)\tp-link\tp-link wireless configuration utility\twcu.exe
     1/10/2013 6:09 AM

C:\Users\Richard Suarez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
   Trillian.lnk
     C:\Users\Richard Suarez\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Trillian.lnk
     Trillian
     Cerulean Studios
     5.4.0.13
     c:\program files (x86)\trillian\trillian.exe
     10/21/2013 10:16 AM

HKLM\SOFTWARE\Wow6432Node\Microsoft\Active Setup\Installed Components
   Google Chrome
     "C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
     Google Chrome
     Google Inc.
     32.0.1700.76
     c:\program files (x86)\google\chrome\application\32.0.1700.76\installer\chrmstp.exe
     1/11/2014 3:21 AM

HKCU\Software\Microsoft\Windows\CurrentVersion\Run
   WLAN Optimizer
     C:\Downloads\WLAN Optimizer\WLAN Optimizer.exe
     WLAN Optimizer
     none
     9.8.7.0
     c:\downloads\wlan optimizer\wlan optimizer.exe
     8/7/2009 11:38 AM
   Skype
     "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
     Skype
     Skype Technologies S.A.
     6.11.0.102
     c:\program files (x86)\skype\phone\skype.exe
     11/14/2013 11:33 AM
   Google Update
     "C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe" /c
     Google Installer
     Google Inc.
     1.3.21.103
     c:\users\richard suarez\appdata\local\google\update\googleupdate.exe
     2/15/2012 9:43 PM
   Akamai NetSession Interface
     "C:\Users\Richard Suarez\AppData\Local\Akamai\netsession_win.exe"
     Akamai NetSession Client
     Akamai Technologies, Inc.
     1.8.9.2
     c:\users\richard suarez\appdata\local\akamai\netsession_win.exe
     6/4/2013 7:47 PM
   Advanced SystemCare Ultimate
     "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASCTray.exe" /Auto
     Advanced SystemCare Ultimate Tray
     IObit
     7.5.0.239
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\asctray.exe
     12/2/2013 1:17 AM

Task Scheduler
   \ASC7U_SkipUac_Richard Suarez
     "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe" /SkipUac
     Advanced SystemCare Ultimate
     IObit
     7.0.1.600
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\asc.exe
     12/16/2013 3:11 AM
   \ASC7_PerformanceMonitor
     "C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\Monitor.exe"
     Advanced SystemCare Ultimate Monitor
     IObit
     7.0.0.359
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\monitor.exe
     11/28/2013 6:42 AM
   \Clean System Memory
     "C:\Windows\syswow64\CleanMem.exe"
     CleanMem By PcWinTech.com
     PcWinTech.com
     2.1.0.1
     c:\windows\syswow64\cleanmem.exe
     4/29/2011 11:51 AM
   \COMODO Updater
     "C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe"
     File not found: C:\Program Files\COMODO\COMODO System-Cleaner\Updater.exe
     
   \GoogleUpdateTaskMachineCore
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
     Google Installer
     Google Inc.
     1.2.183.9
     c:\program files (x86)\google\update\googleupdate.exe
     10/13/2009 6:04 PM
   \GoogleUpdateTaskMachineUA
     "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
     Google Installer
     Google Inc.
     1.2.183.9
     c:\program files (x86)\google\update\googleupdate.exe
     10/13/2009 6:04 PM
   \GoogleUpdateTaskUserS-1-5-21-385045414-941568273-1611141777-1000Core
     "C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe" /c
     Google Installer
     Google Inc.
     1.3.21.103
     c:\users\richard suarez\appdata\local\google\update\googleupdate.exe
     2/15/2012 9:43 PM
   \GoogleUpdateTaskUserS-1-5-21-385045414-941568273-1611141777-1000UA
     "C:\Users\Richard Suarez\AppData\Local\Google\Update\GoogleUpdate.exe" /ua /installsource scheduler
     Google Installer
     Google Inc.
     1.3.21.103
     c:\users\richard suarez\appdata\local\google\update\googleupdate.exe
     2/15/2012 9:43 PM
   \RegInOut Scheduled Scan - Richard Suarez
     "C:\Program Files (x86)\RegInOut\RegInOut.exe" SCHEDULE
     File not found: C:\Program Files (x86)\RegInOut\RegInOut.exe
     
   \SmartDefragUpdate
     "C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe" /autorun
     SmartDefrag Updater
     IObit
     2.0.0.154
     c:\program files (x86)\iobit\smart defrag 2\autoupdate.exe
     8/26/2012 10:09 PM
   \SmartDefrag_Schedule
     "C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe" /SCHEDULE
     Smart Defrag v2
     IObit
     2.9.0.1225
     c:\program files (x86)\iobit\smart defrag 2\smartdefrag.exe
     9/13/2013 5:09 AM
   \{71106EB5-4DD5-4B65-B3AE-DA7A28E30FF1}
     "C:\Program Files (x86)\Skype\\Phone\Skype.exe"
     Skype
     Skype Technologies S.A.
     6.11.0.102
     c:\program files (x86)\skype\phone\skype.exe
     11/14/2013 11:33 AM
   \{D7A31E70-53F9-4B24-93A9-8425AA16BE36}
     "C:\Program Files (x86)\Skype\Phone\Skype.exe"
     Skype
     Skype Technologies S.A.
     6.11.0.102
     c:\program files (x86)\skype\phone\skype.exe
     11/14/2013 11:33 AM
   \Microsoft\Windows\NetTrace\GatherNetworkInfo
     "%windir%\system32\gatherNetworkInfo.vbs"
     c:\windows\system32\gathernetworkinfo.vbs
     6/10/2009 3:36 PM

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
   Adobe PDF Link Helper
     HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
     Adobe PDF Helper for Internet Explorer
     Adobe Systems Incorporated
     9.5.5.316
     c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
     5/8/2013 4:58 AM
   Java Plug-In SSV Helper
     HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
     Java Platform SE binary
     Oracle Corporation
     10.45.2.18
     c:\program files (x86)\java\jre7\bin\ssv.dll
     10/8/2013 9:43 AM
   Google Toolbar Helper
     HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}
     Google Toolbar
     Google Inc.
     7.5.4805.320
     c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
     12/4/2013 10:47 PM
   Advanced SystemCare Browser Protection
     HKCR\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Advanced SystemCare 7  ASCPlugin_Protection
     IObit
     7.0.0.0
     c:\program files (x86)\iobit\surfing protection\browerprotect\ascplugin_protection.dll
     11/13/2013 8:36 PM
   Java Plug-In 2 SSV Helper
     HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
     Java Platform SE binary
     Oracle Corporation
     10.45.2.18
     c:\program files (x86)\java\jre7\bin\jp2ssv.dll
     10/8/2013 9:43 AM

HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects
   Adobe PDF Link Helper
     HKCR\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
     Adobe PDF Helper for Internet Explorer
     Adobe Systems Incorporated
     9.5.5.316
     c:\program files (x86)\common files\adobe\acrobat\activex\acroiehelpershim.dll
     5/8/2013 4:58 AM
   Java Plug-In SSV Helper
     HKCR\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
     Java Platform SE binary
     Oracle Corporation
     10.45.2.18
     c:\program files (x86)\java\jre7\bin\ssv.dll
     10/8/2013 9:43 AM
   Google Toolbar Helper
     HKCR\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7}
     Google Toolbar
     Google Inc.
     7.5.4805.320
     c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
     12/4/2013 10:47 PM
   Advanced SystemCare Browser Protection
     HKCR\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
     Advanced SystemCare 7  ASCPlugin_Protection
     IObit
     7.0.0.0
     c:\program files (x86)\iobit\surfing protection\browerprotect\ascplugin_protection.dll
     11/13/2013 8:36 PM
   Java Plug-In 2 SSV Helper
     HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}
     Java Platform SE binary
     Oracle Corporation
     10.45.2.18
     c:\program files (x86)\java\jre7\bin\jp2ssv.dll
     10/8/2013 9:43 AM

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers
   Advanced SystemCare
     HKCR\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
     ASCExtMenu Module
     IObit
     7.0.5.5
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\ascextmenu_64.dll
     11/25/2013 9:56 PM
   Notepad++64
     HKCR\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593}
     ShellHandler for Notepad++ (64 bit)
     0.1.0.0
     c:\program files (x86)\notepad++\nppshell_01.dll
     10/14/2009 6:20 PM
   UnLockerMenu
     HKCR\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538}
     IObitUnlockerExtension
     IObit
     1.2.0.2
     c:\program files (x86)\iobit\iobit uninstaller\uninstallmenuright64.dll
     10/22/2013 1:48 AM

HKLM\Software\Wow6432Node\Classes\*\ShellEx\ContextMenuHandlers
   7-Zip
     HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000}
     7-Zip Shell Extension
     Igor Pavlov
     4.65.0.0
     c:\program files (x86)\7-zip\7-zip.dll
     2/3/2009 2:09 AM
   GSplitShell
     HKCR\CLSID\{B46C1E0F-F61D-4B19-BC55-B68D8BB3CAFE}
     GSplit Context Menu Shell Extension
     G.D.G. Software, www.gdgsoft.com
     1.5.1.0
     c:\program files (x86)\common files\gsplit\gspshell.dll
     12/3/2008 5:16 AM

HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers
   Advanced SystemCare
     HKCR\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
     ASCExtMenu Module
     IObit
     7.0.5.5
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\ascextmenu_64.dll
     11/25/2013 9:56 PM

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers
   GB3ContextMenu
     HKCR\CLSID\{3A488FE8-9916-4F36-BDFF-3DED559142E5}
     Game Booster v3 Context Menu
     IObit
     3.0.0.259
     c:\program files (x86)\iobit\game booster\gbv3contextmenu.dll
     9/19/2011 10:11 PM
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 3:39 PM

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers
   Advanced SystemCare
     HKCR\CLSID\{2803063F-4B8D-4dc6-8874-D1802487FE2D}
     ASCExtMenu Module
     IObit
     7.0.5.5
     c:\program files (x86)\iobit\advanced systemcare ultimate 7\ascextmenu_64.dll
     11/25/2013 9:56 PM
   UnLockerMenu
     HKCR\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538}
     IObitUnlockerExtension
     IObit
     1.2.0.2
     c:\program files (x86)\iobit\iobit uninstaller\uninstallmenuright64.dll
     10/22/2013 1:48 AM

HKLM\Software\Wow6432Node\Classes\Directory\ShellEx\ContextMenuHandlers
   7-Zip
     HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000}
     7-Zip Shell Extension
     Igor Pavlov
     4.65.0.0
     c:\program files (x86)\7-zip\7-zip.dll
     2/3/2009 2:09 AM

HKLM\Software\Wow6432Node\Classes\Directory\Shellex\DragDropHandlers
   7-Zip
     HKCR\CLSID\{23170F69-40C1-278A-1000-000100020000}
     7-Zip Shell Extension
     Igor Pavlov
     4.65.0.0
     c:\program files (x86)\7-zip\7-zip.dll
     2/3/2009 2:09 AM

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers
   NvCplDesktopContext
     HKCR\CLSID\{3D1975AF-48C6-4f8e-A182-BE0E08FA86A9}
     NVIDIA Display Shell Extension
     NVIDIA Corporation
     1.2.0.1
     c:\windows\system32\nvshext.dll
     12/19/2013 1:38 PM

HKLM\Software\Wow6432Node\Classes\Folder\Shellex\ColumnHandlers
   PDF Shell Extension
     HKCR\CLSID\{F9DB5320-233E-11D1-9F84-707F02C10627}
     PDF Shell Extension
     Adobe Systems, Inc.
     9.5.5.316
     c:\program files (x86)\common files\adobe\acrobat\activex\pdfshell.dll
     5/8/2013 5:17 AM

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers
   MBAMShlExt
     HKCR\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3}
     Malwarebytes Anti-Malware
     Malwarebytes Corporation
     1.70.0.0
     c:\program files (x86)\malwarebytes' anti-malware\mbamext.dll
     2/28/2013 3:39 PM
   UnLockerMenu
     HKCR\CLSID\{A6FF0E3A-8437-482C-8E04-4F9E15C57538}
     IObitUnlockerExtension
     IObit
     1.2.0.2
     c:\program files (x86)\iobit\iobit uninstaller\uninstallmenuright64.dll
     10/22/2013 1:48 AM

HKLM\Software\Microsoft\Internet Explorer\Toolbar
   Google Toolbar
     HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
     Google Toolbar
     Google Inc.
     7.5.4805.320
     c:\program files (x86)\google\google toolbar\googletoolbar_64.dll
     12/4/2013 10:35 PM

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar
   Google Toolbar
     HKCR\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F}
     Google Toolbar
     Google Inc.
     7.5.4805.320
     c:\program files (x86)\google\google toolbar\googletoolbar_32.dll
     12/4/2013 10:47 PM

HKLM\Software\Microsoft\Internet Explorer\Extensions
   Skype Click to Call
     C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
     Skype Click to Call for Internet Explorer
     Skype Technologies S.A.
     6.9.0.12585
     c:\program files (x86)\skype\toolbars\internet explorer x64\skypeieplugin.dll
     5/14/2013 8:18 AM

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Extensions
   Skype Click to Call
     C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
     Skype Click to Call for Internet Explorer
     Skype Technologies S.A.
     6.9.0.12585
     c:\program files (x86)\skype\toolbars\internet explorer\skypeieplugin.dll
     5/14/2013 8:25 AM

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\System32\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\system32\l3codeca.acm
     7/13/2009 8:28 PM
   VIDC.XFR1
     xfcodec64.dll
     Xfire Video Codec
     1.0.0.45853
     c:\windows\system32\xfcodec64.dll
     10/23/2012 10:25 PM
   VIDC.RTV1
     rtvcvfw64.dll
     c:\windows\system32\rtvcvfw64.dll
     9/28/2012 2:45 PM

HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Drivers32
   msacm.l3acm
     C:\Windows\SysWOW64\l3codeca.acm
     MPEG Layer-3 Audio Codec for MSACM
     Fraunhofer Institut Integrierte Schaltungen IIS
     1.9.0.401
     c:\windows\syswow64\l3codeca.acm
     7/13/2009 8:06 PM
   vidc.cvid
     iccvid.dll
     Cinepakr Codec
     Radius Inc.
     1.10.0.13
     c:\windows\syswow64\iccvid.dll
     11/20/2010 6:59 AM
   VIDC.RTV1
     rtvcvfw32.dll
     c:\windows\syswow64\rtvcvfw32.dll
     9/28/2012 2:45 PM
 

Link to post
Share on other sites

Okay what's with this site saying I'm posting to quickly!

 

Last

 

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Richard Suarez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\65M1WR9Y will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Richard Suarez\AppData\Local\Mozilla\Firefox\Profiles\jdxmqo7a.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=19 folders=4 66620789 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Richard Suarez\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\RICHAR~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Richard Suarez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\65M1WR9Y" not found
"C:\Users\Richard Suarez\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\HPDNDAVK\nudes11.hegre-art.com"  not found

==== EOF on Sat 01/18/2014 at  6:36:18.46 ======================
 

Link to post
Share on other sites

Before running Zoek make sure all Browsers are closed and Security is turned OFF. Check at the following link: http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Run Zoek one more time (accept UAC) The following window will open:


Zoekb.jpg


Copy and paste the following script from the code box and paste into the field.


autoclean;firefoxlook;FFdefaults;Chromelook;CHRdefaults;


Select the "Run Script" tab. The following window will open:



Zoekc.jpg



Please be patient and do not use the PC when the scan is in progress.

When complete you maybe asked to re-boot your PC, if so please do

Zoekf.jpg

 

Post the produced log in your next reply…..

 

Next,

 

Run Malwarebytes,  Open > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Full scan

Make sure that everything is checked, and click Remove Selected on any found items.

Post the produced log in your next reply, let me know if any remaining issues or concerns

 

Kevin

Link to post
Share on other sites

Here is the Log. Will be running Malwarebytes next.

 

Zoek.exe v5.0.0.0 Updated 18-Januari-2014
Tool run by Richard Suarez on Sat 01/18/2014 at  9:02:36.57.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Downloads\Zoek\zoek.exe [scan all users] [script inserted]

==== Older Logs ======================

C:\zoek-results2014-01-18-113618.log    82938 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-385045414-941568273-1611141777-1000\Software\Microsoft\Internet Explorer\SearchScopes\{88F94B64-C7C5-49AD-A112-8484291462AD} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default\prefs.js:
user_pref("browser.startup.homepage", "http://search.yahoo.com/?type=714647&fr=spigot-yhp-ff");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=714647&p=");

Added to C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140118_0909_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\ProductData deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\ascsurfingprotection@iobit.com
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Download Statusbar - %ProfilePath%\extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Richard Suarez\AppData\Roaming\Mozilla\Firefox\Profiles\jdxmqo7a.default
C36444D7301A8C881FC7296B092609C7    - C:\Users\Richard Suarez\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll -    Google Update
EE8D96E7899D12FC3AA5DB2034C0853C    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_152.dll -    Shockwave Flash
68BCBB241EF254BC5100D9E6C06ECC71    - C:\Users\Richard Suarez\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll -    Google Talk Plugin Video Accelerator
99FE6AFE80EB7FE3EEB75DC504A326A3    - C:\Users\Richard Suarez\AppData\Roaming\Mozilla\plugins\npo1d.dll -    Google Talk Plugin Video Renderer
AF42019A3B0EDBFA6878F75B9377A792    - C:\Users\Richard Suarez\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -    Google Talk Plugin
C899B98999270821EDFFA56044DE2377    - C:\Users\Richard Suarez\AppData\Roaming\raidcall\plugins\nprcplugin.dll -    Raidcall plugin
D02ED3C972BBF10890CA2A586F2C0762    - C:\Users\Richard Suarez\AppData\LocalLow\Sony Online Entertainment\npsoe.dll -    SOE Web Installer
79BB0C72FD89D855561838E895EDCFFE    - C:\Users\Richard Suarez\AppData\LocalLow\Sony Online Entertainment\npsoeact.dll -    SOE Web Installer


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[05/14/2013 12:27 PM]
nfengeggddojhakldhlpjdlddgkkjkdd - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePlugin.crx[10/12/2013 01:04 PM]

Google Docs - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype for Chromium - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Advanced SystemCare Surfing Protection - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Google Wallet - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.yahoo.com/?type=714647&fr=spigot-yhp-ie"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{88F94B64-C7C5-49AD-A112-8484291462AD}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACEW_enUS406"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{88F94B64-C7C5-49AD-A112-8484291462AD} Yahoo  Url="http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=714647&p={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Richard Suarez\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Richard Suarez\AppData\Local\Mozilla\Firefox\Profiles\jdxmqo7a.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Richard Suarez\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=20 folders=4 66647836 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Richard Suarez\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\RICHAR~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sat 01/18/2014 at  9:16:05.85 ======================
 

Link to post
Share on other sites

Here is the Malwarebytes Log it didn't find anything. Except saying one of my game patcher files is a trojan which it isn't. Still having the same problem.

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.01.15.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16750
Richard Suarez :: TIA [administrator]

1/18/2014 9:23:11 AM
mbam-log-2014-01-18 (09-23-11).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 619449
Time elapsed: 3 hour(s), 10 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Perfect World Vendetta\patcher\patcher.exe (Trojan.USteal) -> Quarantined and deleted successfully.

(end)
 

Link to post
Share on other sites

If spiggot has returned even after Zoek has reset homepages for Chrome and Firefox maybe best option is to manually do resets

 

Firefox  -  https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems

 

Chrome - https://support.google.com/chrome/answer/3296214?hl=en

 

Does that get rid of spiggot issue?

Link to post
Share on other sites

Found the last problem, it was my Advanced System Care Ultimate. It has home page protection, had to turn all of them off and then replace the Yahoo/Spigot default with Google then apply then turn back on the protections. It seems to be gone completely now. I have opened all 3 of the browsers and no Spigot :)

Link to post
Share on other sites

Excellent, just what we like to hear. What is system status now, any remaining issues or concerns. If none we clean up as follows:

 

Download "Delfix by Xplode" and save it to your desktop.

 

Double Click to start the program. If you are using Vista or higher, please right-click and choose run as administrator

 

Make Sure the following items are checked:

 


  •    
  • Remove disinfection tools

 

Now click on "Run" and wait patiently until the tool has completed.

 

The tool will create a log when it has completed. We don't need you to post this.

 

Also navigate to and delete C:\zoek_backup folder (if present)

 

Thank you,

 

Kevin....

Link to post
Share on other sites

  • Staff

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.