I need help! I am on my son's computer and it's a MESS. I found many, many, many malware files, which I deleted, except for the registry files. Just not sure if they are safe to delete. Here is the log. Thanks in advance!!!

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.20.04
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16521
Aidan :: AIDAN-PC [administrator]
 
3/20/2014 5:05:16 PM
log 2.txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 218788
Time elapsed: 4 minute(s), 33 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 105
HKCR\AppID\{A2773ED4-83BD-488A-A186-73590706C916} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> No action taken.
HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta.A) -> No action taken.
HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta.A) -> No action taken.
HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta.A) -> No action taken.
HKCR\esrv.deltaESrvc (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{2C141B4C-B5BA-4E89-BE73-F71ED4A208CF} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\mixidj.mixidjappCore.1 (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\mixidj.mixidjappCore (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> No action taken.
HKCR\IESmartBar.BHO (PUP.Optional.QuickShare.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0} (PUP.Optional.QuickShare.A) -> No action taken.
HKCR\CLSID\{44ed99e2-16a6-4b89-80d6-5b21cf42e78b} (PUP.Optional.Radsteroids.A) -> No action taken.
HKCR\TypeLib\{781ca792-9b6e-400b-b36f-15c097d2ca54} (PUP.Optional.Radsteroids.A) -> No action taken.
HKCR\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85} (PUP.Optional.Radsteroids.A) -> No action taken.
HKCR\DynConIE.DynConIEObject.1 (PUP.Optional.Radsteroids.A) -> No action taken.
HKCR\DynConIE.DynConIEObject (PUP.Optional.Radsteroids.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.Radsteroids.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.Radsteroids.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B} (PUP.Optional.Radsteroids.A) -> No action taken.
HKCR\CLSID\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\mixidj.mixidjHlpr.1 (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\mixidj.mixidjHlpr (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D6A9BBF-402C-4301-B1EF-28D04F71D761} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\CLSID\{7D0EE142-0642-4FDD-AF73-7399C04E1041} (PUP.Optional.Delta.A) -> No action taken.
HKCR\esrv.mixidjESrvc.1 (PUP.Optional.Delta.A) -> No action taken.
HKCR\esrv.mixidjESrvc (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3} (PUP.Optional.WebCake.A) -> No action taken.
HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta.A) -> No action taken.
HKCR\delta.deltaHlpr (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{C3F978C3-0594-4397-B8E6-3F9D9BE6A7B9} (PUP.Optional.Delta.A) -> No action taken.
HKCR\escort.escortIEPane.1 (PUP.Optional.Delta.A) -> No action taken.
HKCR\escort.escortIEPane (PUP.Optional.Delta.A) -> No action taken.
HKCR\CLSID\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\mixidj.mixidjdskBnd.1 (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\mixidj.mixidjdskBnd (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCR\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
HKCR\TypeLib\{B12920CF-BE13-4C09-890D-1B6EFFFE2FBE} (PUP.Optional.WeCare.A) -> No action taken.
HKCR\Interface\{F773BB94-6C19-4643-A570-0E429103D1C3} (PUP.Optional.WeCare.A) -> No action taken.
HKCR\IEHelperv250.WeCareReminder.1 (PUP.Optional.WeCare.A) -> No action taken.
HKCR\IEHelperv250.WeCareReminder (PUP.Optional.WeCare.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} (PUP.Optional.WeCare.A) -> No action taken.
HKCR\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} (PUP.Optional.DynConIE.A) -> No action taken.
HKCR\CLSID\{F9221CC8-22DF-4CEF-B8ED-BA87F1F09878} (PUP.Optional.Delta.A) -> No action taken.
HKCR\m (PUP.Optional.Delta.A) -> No action taken.
HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> No action taken.
HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> No action taken.
HKCR\Typelib\{8BA772A8-AC4F-4954-9B5E-433CA6DC506F} (PUP.Optional.Delta.A) -> No action taken.
HKCR\Interface\{108F5878-71F9-4B5C-9EC0-58CEC29E8124} (PUP.Optional.Delta.A) -> No action taken.
HKCR\Typelib\{DCABB943-792E-44C4-9029-ECBEE6265AF9} (PUP.Optional.OutBrowse) -> No action taken.
HKCR\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534} (PUP.Optional.OutBrowse) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A105B30B-D103-4781-B18C-E8DF93B6EBD0} (PUP.Optional.MixiDJ.A) -> No action taken.
HKCR\WebCakeIEClient.Api (PUP.Optional.WebCake.A) -> No action taken.
HKCR\WebCakeIEClient.Api.1 (PUP.Optional.WebCake.A) -> No action taken.
HKCR\WebCakeIEClient.Layers (PUP.Optional.WebCake.A) -> No action taken.
HKCR\WebCakeIEClient.Layers.1 (PUP.Optional.WebCake.A) -> No action taken.
HKCR\AppID\WebCakeIEClient.DLL (PUP.Optional.WebCake.A) -> No action taken.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\SOFTWARE\GorillaPrice (PUP.Optional.GorillaPrice.A) -> No action taken.
HKCU\SOFTWARE\SmartbarBackup (PUP.Optional.SmartBar) -> No action taken.
HKCU\SOFTWARE\SmartbarLog (PUP.Optional.SmartBar) -> No action taken.
HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta.A) -> No action taken.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> No action taken.
HKCU\Software\AppDataLow\Software\GorillaPrice (PUP.Optional.GorillaPrice.A) -> No action taken.
HKCU\Software\AppDataLow\Software\MixiDJ_V48 (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> No action taken.
HKCU\Software\Conduit\ValueApps (PUP.Optional.ValueApps.A) -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> No action taken.
HKCU\SOFTWARE\SEARCHPROTECTINT (PUP.Optional.SearchProtect.A) -> No action taken.
HKCU\Software\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> No action taken.
HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> No action taken.
HKLM\SOFTWARE\MixiDJ_V48 (PUP.Optional.MixiDJ.A) -> No action taken.
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
HKLM\SOFTWARE\Classes\AppID\DynConIE.DLL (PUP.Optional.DynConIE.A) -> No action taken.
HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\boipimhfjpakfgckhbljjengakjhkcbp (PUP.Optional.Babylon.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh (PUP.Optional.WebCake.A) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb (PUP.Optional.MultiIE) -> No action taken.
HKLM\SOFTWARE\Google\Chrome\Extensions\kpepfkjapeclaafmhoelccknpfedainn (PUP.Optional.MixiDJToolbar.A) -> No action taken.
HKLM\SOFTWARE\mixidj\mixidj (PUP.Optional.MixiDJ.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\WatGorp (PUP.Optional.GorillaPrice) -> No action taken.
HKLM\Software\InstallIQ (PUP.Optional.InstallBrain.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5a7ee71d-d6f2-420d-b213-a2170dfe2d70} (PUP.Optional.MixiDJ.A) -> No action taken.
HKCR\CLSID\{5a7ee71d-d6f2-420d-b213-a2170dfe2d70} (PUP.Optional.MixiDJ.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{5A7EE71D-D6F2-420D-B213-A2170DFE2D70} (PUP.Optional.MixiDJ.A) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5A7EE71D-D6F2-420D-B213-A2170DFE2D70} (PUP.Optional.MixiDJ.A) -> No action taken.
 
Registry Values Detected: 15
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: Delta Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> Data: MixiDJ Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CA9B9C89-4662-4ADC-9C23-A452BECD5D19} (PUP.Optional.MixiDJToolbar.A) -> Data:  -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data:  -> No action taken.
HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta.A) -> Data:  -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data:  -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|GorillaPrice (PUP.Optional.GorillaPrice) -> Data: "C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe" -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BackgroundContainer (PUP.Optional.Conduit) -> Data: "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Aidan\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun -> No action taken.
HKCU\Software\Delta\delta|lastB (PUP.Optional.Delta.A) -> Data: http://search.babylon.com/?affID=122354&babsrc=HP_ss_din2g&mntrId=008EE006E683AB58 -> No action taken.
HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Browser Infrastructure Helper (PUP.Optional.SmartBar.A) -> Data: C:\Users\Aidan\AppData\Local\Smartbar\Application\QuickShare.exe startup -> No action taken.
HKCU\Software\SearchProtectINT|Install (PUP.Optional.SearchProtect.A) -> Data: 1 -> No action taken.
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: 1_di_au_g_s_us_win7_ch_0_0000-0000 -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{5A7EE71D-D6F2-420D-B213-A2170DFE2D70} (PUP.Optional.MixiDJ.A) -> Data: MixiDJ V48 Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{5A7EE71D-D6F2-420D-B213-A2170DFE2D70} (PUP.Optional.MixiDJ.A) -> Data:  -> No action taken.
 
Registry Data Items Detected: 5
 
Folders Detected: 1
C:\Users\Aidan\AppData\Local\Smartbar (PUP.Optional.SmartBar.A) -> No action taken.
 
Files Detected: 0
(No malicious items detected)
 
(end)
 

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please post the contents of that log in your next reply.


Hi Marius! Thank you so much for your reply! I followed your directions and here are the log files. The TDSSKiller didn't come up with any malicious objects.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Aidan (administrator) on AIDAN-PC on 20-03-2014 18:26:20
Running from C:\Users\Aidan\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link for 32-Bit version:
Download link for 64-Bit Version:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnWMI.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Aidan\Downloads\FRST64 (1).exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2785064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [AmIcoSinglun64] - C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [synAsusAcpi] - C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [97064 2011-05-05] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2277480 2011-08-16] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-18] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [sonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [318080 2011-12-22] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-18] (ASUS)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-05-09] (AVAST Software)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [CanonSolutionMenuEx] - C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
HKLM-x32\...\Run: [iJNetworkScannerSelectorEX] - C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
HKLM-x32\...\Run: [GorillaPrice] - "C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe"
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - "C:\Users\Aidan\Downloads\hamachi-2-ui.exe" --auto-start
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3181337361-2832405674-1167566727-1000\...\Run: [skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3181337361-2832405674-1167566727-1000\...\Run: [GorillaPrice] - "C:\Program Files (x86)\GorillaPrice\GorillaPrice.exe"
HKU\S-1-5-21-3181337361-2832405674-1167566727-1000\...\Run: [Open Download Manager] - C:\Program Files (x86)\OpenDownloaderManager\odm.exe -autorun
HKU\S-1-5-21-3181337361-2832405674-1167566727-1000\...\Run: [backgroundContainer] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Aidan\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <===== ATTENTION
HKU\S-1-5-21-3181337361-2832405674-1167566727-1000\...\Run: [browserSafeguard] - "C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe"
HKU\S-1-5-21-3181337361-2832405674-1167566727-1000\...\Run: [browser Infrastructure Helper] - C:\Users\Aidan\AppData\Local\Smartbar\Application\QuickShare.exe startup
HKU\S-1-5-21-3181337361-2832405674-1167566727-1000\...\Run: [sUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-06] (SUPERAntiSpyware)
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Startup: C:\Users\Aidan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = 
URLSearchHook: HKLM-x32 - MixiDJ V48 Toolbar - {5a7ee71d-d6f2-420d-b213-a2170dfe2d70} - C:\Program Files (x86)\MixiDJ_V48\prxtbMixi.dll No File
SearchScopes: HKLM-x32 - DefaultScope {C814C390-E0F3-4B60-9575-C98CE5AF7EDE} URL = 
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
BHO: avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120217234729.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Tube Dimmer - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\TubeDimmer\IE\common.dll No File
BHO-x32: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll No File
BHO-x32: MixiDJ V48 Toolbar - {5a7ee71d-d6f2-420d-b213-a2170dfe2d70} - C:\Program Files (x86)\MixiDJ_V48\prxtbMixi.dll No File
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120217234729.dll No File
BHO-x32: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: WeCareReminder Class - {D824F0DE-3D60-4F57-9EB1-66033ECD8ABB} - C:\ProgramData\WeCareReminder\IEHelperv2.5.0.dll No File
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll No File
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - MixiDJ V48 Toolbar - {5a7ee71d-d6f2-420d-b213-a2170dfe2d70} - C:\Program Files (x86)\MixiDJ_V48\prxtbMixi.dll No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter-x32: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} -  No File
 
Chrome: 
=======
CHR Extension: (Ask Toolbar) - C:\Users\Aidan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo [2013-12-15]
CHR Extension: (Yahoo! Toolbar for Chrome) - C:\Users\Aidan\AppData\Local\Google\Chrome\User Data\Default\Extensions\eihhgekonheiliaidomffpplfhecmkag [2013-12-15]
CHR Extension: (MixiDJ V48) - C:\Users\Aidan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdohfoobcodjjkpmogkjifipaocmihom [2013-12-15]
CHR Extension: (Google Wallet) - C:\Users\Aidan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-08]
CHR HKCU\...\Chrome\Extension: [kdohfoobcodjjkpmogkjifipaocmihom] - C:\Users\Aidan\AppData\Local\CRE\kdohfoobcodjjkpmogkjifipaocmihom.crx [2013-11-14]
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Aidan\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [2012-12-10]
CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\Aidan\AppData\Roaming\BabSolution\CR\mixiDj.crx [2012-12-10]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Aidan\AppData\Roaming\BabSolution\CR\Delta.crx [2012-12-10]
CHR HKLM-x32\...\Chrome\Extension: [fjoijdanhaiflhibkljeklcghcmmfffh] - C:\Program Files (x86)\WebCake\WebCakeLayers.crx [2012-12-10]
CHR HKLM-x32\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\TubeDimmer\Chrome\common.crx [2012-12-10]
CHR HKLM-x32\...\Chrome\Extension: [kdohfoobcodjjkpmogkjifipaocmihom] - C:\Users\Aidan\AppData\Local\CRE\kdohfoobcodjjkpmogkjifipaocmihom.crx [2013-11-14]
CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx [2013-11-14]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2013-11-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 AFBAgent; C:\Windows\SysWOW64\FBAgent.exe [0 2014-02-05] ()
R2 ASUS InstantOn; C:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exe [277120 2012-02-16] (ASUS)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-05-09] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-05-09] (AVAST Software)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [38440 2013-09-19] (Just Develop It)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [335168 2013-04-25] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 Spooler; C:\Windows\SysWOW64\spoolsv.exe [0 2014-02-05] ()
S2 Hamachi2Svc; C:\Users\Aidan\Downloads\hamachi-2.exe -s [X]
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]
S2 WatGorp; C:\ProgramData\GorillaPrice\WatGorp.exe -service [X]
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-05-09] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-05-09] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-05-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-05-09] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12368 2012-09-21] (ALWIL Software)
R0 aswNdis2; C:\Windows\System32\Drivers\aswNdis2.sys [270824 2013-05-09] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-05-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-05-09] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-06-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-06-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [189936 2013-06-30] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 igaiveka; \??\C:\Windows\system32\drivers\igaiveka.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-20 18:26 - 2014-03-20 18:26 - 00021281 _____ () C:\Users\Aidan\Downloads\FRST.txt
2014-03-20 18:25 - 2014-03-20 18:26 - 00000000 ____D () C:\FRST
2014-03-20 18:25 - 2014-03-20 18:25 - 02157056 _____ (Farbar) C:\Users\Aidan\Downloads\FRST64 (1).exe
2014-03-20 18:24 - 2014-03-20 18:24 - 01145856 _____ (Farbar) C:\Users\Aidan\Downloads\FRST.exe
2014-03-20 18:23 - 2014-03-20 18:23 - 02157056 _____ (Farbar) C:\Users\Aidan\Downloads\FRST64.exe
2014-03-20 14:30 - 2014-03-20 14:30 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-03-20 14:30 - 2014-03-20 14:30 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\SUPERAntiSpyware.com
2014-03-20 14:30 - 2014-03-20 14:30 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-20 14:30 - 2014-03-20 14:30 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-03-20 14:29 - 2014-03-20 14:29 - 18386552 _____ (SUPERAntiSpyware) C:\Users\Aidan\Downloads\SUPERAntiSpyware.exe
2014-03-20 14:28 - 2014-03-20 14:28 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\LavasoftStatistics
2014-03-20 14:26 - 2014-03-20 14:26 - 01727624 _____ () C:\Users\Aidan\Downloads\Adaware_Installer.exe
2014-03-20 14:26 - 2014-03-20 14:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-20 14:14 - 2014-03-20 14:14 - 05154304 _____ () C:\Users\Aidan\Downloads\WindowsDefender.msi
2014-03-20 14:08 - 2014-03-20 14:08 - 26437344 _____ (Microsoft Corporation) C:\Users\Aidan\Downloads\Windows-KB890830-x64-V5.10.exe
2014-03-20 14:00 - 2014-03-20 14:00 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 14:00 - 2014-03-20 14:00 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\Malwarebytes
2014-03-20 13:59 - 2014-03-20 13:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Aidan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 13:37 - 2014-03-20 13:37 - 00000000 _____ () C:\Windows\SysWOW64\wuauclt.exe
2014-03-20 13:34 - 2014-03-20 13:34 - 00000010 _____ () C:\Users\Aidan\AppData\Local\sponge.last.runtime.cache
2014-03-20 13:24 - 2014-03-20 13:24 - 02049128 _____ (Trend Micro Inc.) C:\Users\Aidan\Downloads\HousecallLauncher.exe
2014-03-20 13:24 - 2014-03-20 13:24 - 02049128 _____ (Trend Micro Inc.) C:\Users\Aidan\Downloads\HousecallLauncher (1).exe
2014-03-20 13:18 - 2014-03-20 13:18 - 10096216 _____ () C:\Users\Aidan\Downloads\slmx-win-1_4_1-ea23_2.exe
2014-03-20 13:15 - 2014-03-20 13:16 - 60337752 _____ () C:\Users\Aidan\Downloads\eppx-win-4_1_6-en.exe
2014-03-20 13:13 - 2014-03-20 13:13 - 15900248 _____ () C:\Users\Aidan\Downloads\ewpx-win-1_4_1-ea23 (3).exe
2014-03-20 13:11 - 2014-03-20 13:11 - 09649736 _____ () C:\Users\Aidan\Downloads\qm__-win-2_3_0-ea31_2.exe
2014-03-20 13:10 - 2014-03-20 13:22 - 00000000 ____D () C:\Program Files\Canon
2014-03-20 13:10 - 2014-03-20 13:10 - 00001806 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-03-20 13:09 - 2014-03-20 13:09 - 05529160 _____ () C:\Users\Aidan\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-03-20 13:09 - 2014-03-20 13:09 - 00000000 ____D () C:\ProgramData\MyPrinter_1
2014-03-20 13:00 - 2014-03-20 13:00 - 15900248 _____ () C:\Users\Aidan\Downloads\ewpx-win-1_4_1-ea23 (1).exe
2014-03-20 12:57 - 2014-03-20 14:53 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-20 12:56 - 2014-03-20 12:57 - 15900248 _____ () C:\Users\Aidan\Downloads\ewpx-win-1_4_1-ea23.exe
2014-03-19 22:15 - 2014-03-19 22:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-19 22:13 - 2014-03-19 22:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-19 22:12 - 2014-03-19 22:12 - 00000000 __RHD () C:\MSOCache
2014-03-19 22:08 - 2014-03-19 22:08 - 00587776 _____ (e-academy Inc.) C:\Users\Aidan\Downloads\Microsoft_Office_Professional_Plus_2010w-SP1_32bit_(English) (2).exe
2014-03-19 22:00 - 2014-03-19 22:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-19 22:00 - 2014-03-19 22:00 - 00000000 ____D () C:\Users\Aidan\AppData\Local\Microsoft Help
2014-03-19 21:47 - 2014-03-19 21:55 - 00000000 ____D () C:\Program%20Files
2014-03-19 21:46 - 2014-03-19 21:46 - 00587776 _____ (e-academy Inc.) C:\Users\Aidan\Downloads\Microsoft_Office_Professional_Plus_2010w-SP1_32bit_(English) (1).exe
2014-03-19 21:44 - 2014-03-19 21:44 - 00587776 _____ (e-academy Inc.) C:\Users\Aidan\Downloads\Microsoft_Office_Professional_Plus_2010w-SP1_32bit_(English).exe
2014-03-19 21:20 - 2014-03-20 16:46 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\SoftGrid Client
2014-03-15 20:58 - 2014-03-15 20:58 - 00000000 _____ () C:\Windows\SysWOW64\shoB5.tmp
2014-03-14 21:47 - 2014-03-14 21:47 - 00000000 ____D () C:\Users\Aidan\Desktop\Save I am playing On
2014-03-11 15:27 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-11 15:27 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-11 15:27 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-11 15:27 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-11 15:27 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-11 15:27 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-11 15:27 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-11 15:27 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-11 15:27 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-11 15:27 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-11 15:27 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-11 15:27 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-11 15:27 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-11 15:27 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-11 15:27 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-11 15:27 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-11 15:27 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-11 15:27 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-11 15:27 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-11 15:27 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-11 15:27 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-11 15:27 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-11 15:27 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-11 15:27 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-11 15:27 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-11 15:27 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-11 15:27 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-11 15:27 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-11 15:27 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-11 15:27 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-11 15:27 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-11 15:27 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-11 15:27 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-11 15:27 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-11 15:27 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-11 15:27 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-11 15:27 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-11 15:27 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-11 15:27 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-11 15:27 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-11 15:27 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-11 15:27 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-11 15:27 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-11 15:27 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-11 15:27 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-11 15:27 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-11 15:27 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-11 15:27 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-09 13:28 - 2011-01-26 23:37 - 00451072 _____ (Microsoft Corporation) C:\Users\Aidan\Desktop\EEScreen.exe
2014-03-09 11:47 - 2014-03-14 21:50 - 00000000 ____D () C:\Users\Aidan\Downloads\AgrarianSkiesHQ
2014-03-08 19:21 - 2014-03-08 19:21 - 00000000 ____D () C:\Users\Aidan\AppData\Local\IsolatedStorage
2014-03-08 18:02 - 2014-03-08 18:02 - 00000000 ____D () C:\Users\Aidan\Documents\Expression
2014-03-04 16:27 - 2014-03-04 16:28 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-03-04 16:25 - 2014-03-04 16:25 - 25279344 _____ (Microsoft Corporation) C:\Users\Aidan\Downloads\Encoder_en.exe
2014-03-04 16:17 - 2014-03-04 16:17 - 00000000 ____D () C:\Users\Aidan\Documents\Custom Production Presets 8.0
2014-03-03 17:53 - 2014-03-03 17:53 - 00000000 ____D () C:\Users\Aidan\AppData\Local\CrashDumps
2014-03-03 16:12 - 2014-03-03 16:12 - 02269863 _____ () C:\Users\Aidan\Downloads\forge-1.6.4-9.11.1.965-installer.jar
2014-03-03 15:55 - 2014-03-03 15:55 - 02206698 _____ () C:\Users\Aidan\Downloads\minecraftforge-installer-1.6.4-9.11.0.883.jar
2014-03-03 15:47 - 2014-03-03 15:50 - 211632982 _____ () C:\Users\Aidan\Desktop\Pixelmon 3.0.2.zip
2014-03-01 21:29 - 2014-03-01 21:29 - 00000000 ____D () C:\Users\Aidan\Documents\Elder Scrolls Online
2014-03-01 21:29 - 2014-03-01 21:29 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-01 12:28 - 2014-03-01 12:29 - 00762005 _____ () C:\Users\Aidan\Desktop\extrautils-1.0.2.zip
2014-03-01 11:28 - 2014-03-01 11:28 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\WinRAR
2014-03-01 11:22 - 2014-03-01 11:28 - 00421042 _____ () C:\Users\Aidan\Downloads\OptiFine_1.6.4_HD_U_C6.jar
2014-03-01 10:36 - 2014-03-01 10:36 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\Macromedia
2014-03-01 10:25 - 2014-03-20 16:47 - 00400962 _____ () C:\Windows\PFRO.log
2014-03-01 10:25 - 2014-03-20 16:47 - 00002968 _____ () C:\Windows\setupact.log
2014-03-01 10:25 - 2014-03-01 10:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-28 21:23 - 2014-03-20 16:50 - 00000387 _____ () C:\Users\Aidan\AppData\Roaming\sp_data.sys
2014-02-28 21:12 - 2014-02-28 21:14 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-02-28 21:12 - 2014-02-28 21:12 - 55903624 _____ ( ) C:\Users\Aidan\Downloads\Install_ESO_Beta.exe
2014-02-28 21:12 - 2014-02-28 21:12 - 00001405 _____ () C:\Users\Aidan\Desktop\The Elder Scrolls Online Beta.lnk
2014-02-28 20:30 - 2014-02-28 20:30 - 00000000 _____ () C:\Windows\SysWOW64\sho840B.tmp
2014-02-28 20:16 - 2014-02-28 20:16 - 00000000 ____D () C:\Windows\5303CFB5D63544F0A94B9611E81F07C4.TMP
2014-02-28 19:52 - 2014-02-28 19:52 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-28 19:52 - 2014-02-28 19:52 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-28 19:52 - 2014-02-28 19:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-21 18:07 - 2014-03-03 20:21 - 00000000 ____D () C:\Users\Aidan\Desktop\At Launcher
 
==================== One Month Modified Files and Folders =======
 
2014-03-20 18:26 - 2014-03-20 18:26 - 00021281 _____ () C:\Users\Aidan\Downloads\FRST.txt
2014-03-20 18:26 - 2014-03-20 18:25 - 00000000 ____D () C:\FRST
2014-03-20 18:26 - 2013-01-30 23:06 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\Skype
2014-03-20 18:25 - 2014-03-20 18:25 - 02157056 _____ (Farbar) C:\Users\Aidan\Downloads\FRST64 (1).exe
2014-03-20 18:24 - 2014-03-20 18:24 - 01145856 _____ (Farbar) C:\Users\Aidan\Downloads\FRST.exe
2014-03-20 18:23 - 2014-03-20 18:23 - 02157056 _____ (Farbar) C:\Users\Aidan\Downloads\FRST64.exe
2014-03-20 17:29 - 2012-02-18 03:37 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-20 16:57 - 2014-02-14 21:06 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\Dropbox
2014-03-20 16:57 - 2012-12-26 01:09 - 00000000 ___RD () C:\Users\Aidan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-20 16:55 - 2009-07-14 00:45 - 00023040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-20 16:55 - 2009-07-14 00:45 - 00023040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-20 16:51 - 2013-11-09 15:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-20 16:51 - 2012-06-08 22:04 - 01120256 _____ () C:\Windows\WindowsUpdate.log
2014-03-20 16:50 - 2014-02-28 21:23 - 00000387 _____ () C:\Users\Aidan\AppData\Roaming\sp_data.sys
2014-03-20 16:50 - 2012-06-08 22:13 - 00002454 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-03-20 16:50 - 2012-06-08 22:13 - 00001655 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-20 16:49 - 2014-02-14 21:07 - 00000000 ___RD () C:\Users\Aidan\Dropbox
2014-03-20 16:48 - 2012-12-26 01:07 - 00000000 ___HD () C:\ASUS.DAT
2014-03-20 16:48 - 2012-02-18 03:37 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-20 16:47 - 2014-03-01 10:25 - 00400962 _____ () C:\Windows\PFRO.log
2014-03-20 16:47 - 2014-03-01 10:25 - 00002968 _____ () C:\Windows\setupact.log
2014-03-20 16:47 - 2013-11-16 23:20 - 00000000 ____D () C:\Users\Aidan\AppData\Local\Smartbar
2014-03-20 16:47 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-20 16:47 - 2009-07-14 00:45 - 00268376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-20 16:46 - 2014-03-19 21:20 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\SoftGrid Client
2014-03-20 16:45 - 2013-11-16 23:23 - 00000000 ____D () C:\ProgramData\Systweak
2014-03-20 16:45 - 2013-11-16 23:21 - 00000000 ____D () C:\ProgramData\Conduit
2014-03-20 15:08 - 2013-12-02 22:35 - 00000000 ____D () C:\ProgramData\Updater
2014-03-20 14:53 - 2014-03-20 12:57 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-20 14:30 - 2014-03-20 14:30 - 00001810 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2014-03-20 14:30 - 2014-03-20 14:30 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\SUPERAntiSpyware.com
2014-03-20 14:30 - 2014-03-20 14:30 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2014-03-20 14:30 - 2014-03-20 14:30 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-03-20 14:29 - 2014-03-20 14:29 - 18386552 _____ (SUPERAntiSpyware) C:\Users\Aidan\Downloads\SUPERAntiSpyware.exe
2014-03-20 14:28 - 2014-03-20 14:28 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\LavasoftStatistics
2014-03-20 14:26 - 2014-03-20 14:26 - 01727624 _____ () C:\Users\Aidan\Downloads\Adaware_Installer.exe
2014-03-20 14:26 - 2014-03-20 14:26 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-03-20 14:14 - 2014-03-20 14:14 - 05154304 _____ () C:\Users\Aidan\Downloads\WindowsDefender.msi
2014-03-20 14:08 - 2014-03-20 14:08 - 26437344 _____ (Microsoft Corporation) C:\Users\Aidan\Downloads\Windows-KB890830-x64-V5.10.exe
2014-03-20 14:00 - 2014-03-20 14:00 - 00001115 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-20 14:00 - 2014-03-20 14:00 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\Malwarebytes
2014-03-20 14:00 - 2013-06-21 03:21 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-20 13:59 - 2014-03-20 13:59 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Aidan\Downloads\mbam-setup-1.75.0.1300.exe
2014-03-20 13:48 - 2014-02-05 10:53 - 00754110 _____ () C:\Users\Aidan\AppData\Local\census.cache
2014-03-20 13:48 - 2014-02-05 10:53 - 00100747 _____ () C:\Users\Aidan\AppData\Local\ars.cache
2014-03-20 13:37 - 2014-03-20 13:37 - 00000000 _____ () C:\Windows\SysWOW64\wuauclt.exe
2014-03-20 13:34 - 2014-03-20 13:34 - 00000010 _____ () C:\Users\Aidan\AppData\Local\sponge.last.runtime.cache
2014-03-20 13:24 - 2014-03-20 13:24 - 02049128 _____ (Trend Micro Inc.) C:\Users\Aidan\Downloads\HousecallLauncher.exe
2014-03-20 13:24 - 2014-03-20 13:24 - 02049128 _____ (Trend Micro Inc.) C:\Users\Aidan\Downloads\HousecallLauncher (1).exe
2014-03-20 13:22 - 2014-03-20 13:10 - 00000000 ____D () C:\Program Files\Canon
2014-03-20 13:18 - 2014-03-20 13:18 - 10096216 _____ () C:\Users\Aidan\Downloads\slmx-win-1_4_1-ea23_2.exe
2014-03-20 13:17 - 2009-07-14 01:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-03-20 13:16 - 2014-03-20 13:15 - 60337752 _____ () C:\Users\Aidan\Downloads\eppx-win-4_1_6-en.exe
2014-03-20 13:13 - 2014-03-20 13:13 - 15900248 _____ () C:\Users\Aidan\Downloads\ewpx-win-1_4_1-ea23 (3).exe
2014-03-20 13:12 - 2012-12-26 01:07 - 00058496 _____ () C:\Users\Aidan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-20 13:11 - 2014-03-20 13:11 - 09649736 _____ () C:\Users\Aidan\Downloads\qm__-win-2_3_0-ea31_2.exe
2014-03-20 13:11 - 2013-01-01 15:52 - 00000000 ____D () C:\ProgramData\CanonIJWSpt
2014-03-20 13:10 - 2014-03-20 13:10 - 00001806 _____ () C:\Users\Public\Desktop\Canon My Printer.lnk
2014-03-20 13:09 - 2014-03-20 13:09 - 05529160 _____ () C:\Users\Aidan\Downloads\mypr-win-3_2_0-ea11_2.exe
2014-03-20 13:09 - 2014-03-20 13:09 - 00000000 ____D () C:\ProgramData\MyPrinter_1
2014-03-20 13:02 - 2013-12-20 21:34 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-03-20 13:00 - 2014-03-20 13:00 - 15900248 _____ () C:\Users\Aidan\Downloads\ewpx-win-1_4_1-ea23 (1).exe
2014-03-20 12:57 - 2014-03-20 12:56 - 15900248 _____ () C:\Users\Aidan\Downloads\ewpx-win-1_4_1-ea23.exe
2014-03-19 22:21 - 2014-03-19 22:00 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-19 22:21 - 2012-02-18 03:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-03-19 22:21 - 2012-02-18 03:29 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-19 22:21 - 2009-07-14 03:45 - 00000000 ____D () C:\Windows\ShellNew
2014-03-19 22:21 - 2009-07-14 01:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-03-19 22:15 - 2014-03-19 22:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-03-19 22:15 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-19 22:14 - 2009-07-13 22:34 - 00000510 _____ () C:\Windows\win.ini
2014-03-19 22:13 - 2014-03-19 22:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-03-19 22:12 - 2014-03-19 22:12 - 00000000 __RHD () C:\MSOCache
2014-03-19 22:08 - 2014-03-19 22:08 - 00587776 _____ (e-academy Inc.) C:\Users\Aidan\Downloads\Microsoft_Office_Professional_Plus_2010w-SP1_32bit_(English) (2).exe
2014-03-19 22:00 - 2014-03-19 22:00 - 00000000 ____D () C:\Users\Aidan\AppData\Local\Microsoft Help
2014-03-19 21:55 - 2014-03-19 21:47 - 00000000 ____D () C:\Program%20Files
2014-03-19 21:46 - 2014-03-19 21:46 - 00587776 _____ (e-academy Inc.) C:\Users\Aidan\Downloads\Microsoft_Office_Professional_Plus_2010w-SP1_32bit_(English) (1).exe
2014-03-19 21:44 - 2014-03-19 21:44 - 00587776 _____ (e-academy Inc.) C:\Users\Aidan\Downloads\Microsoft_Office_Professional_Plus_2010w-SP1_32bit_(English).exe
2014-03-19 16:50 - 2014-02-17 18:30 - 00000000 ____D () C:\Users\Aidan\Downloads\authlib
2014-03-17 17:47 - 2012-12-26 02:06 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-16 15:37 - 2014-01-13 18:59 - 00000000 ____D () C:\Users\Aidan\Downloads\Direwolf20_1_6_4
2014-03-15 20:59 - 2013-03-15 16:30 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-15 20:59 - 2013-03-15 16:30 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-15 20:58 - 2014-03-15 20:58 - 00000000 _____ () C:\Windows\SysWOW64\shoB5.tmp
2014-03-15 17:06 - 2013-06-17 16:29 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\.minecraft
2014-03-14 21:50 - 2014-03-09 11:47 - 00000000 ____D () C:\Users\Aidan\Downloads\AgrarianSkiesHQ
2014-03-14 21:47 - 2014-03-14 21:47 - 00000000 ____D () C:\Users\Aidan\Desktop\Save I am playing On
2014-03-13 20:54 - 2009-07-14 01:13 - 00783424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-10 17:45 - 2013-11-08 08:09 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\TS3Client
2014-03-09 20:43 - 2014-01-11 20:15 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\ftblauncher
2014-03-09 20:43 - 2014-01-10 21:49 - 02126350 _____ () C:\Users\Aidan\Desktop\launcher^FTB_Launcher.exe
2014-03-09 19:13 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-03-08 19:21 - 2014-03-08 19:21 - 00000000 ____D () C:\Users\Aidan\AppData\Local\IsolatedStorage
2014-03-08 18:02 - 2014-03-08 18:02 - 00000000 ____D () C:\Users\Aidan\Documents\Expression
2014-03-06 17:39 - 2013-01-30 23:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 17:39 - 2013-01-30 23:06 - 00000000 ____D () C:\ProgramData\Skype
2014-03-04 16:28 - 2014-03-04 16:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft Expression
2014-03-04 16:25 - 2014-03-04 16:25 - 25279344 _____ (Microsoft Corporation) C:\Users\Aidan\Downloads\Encoder_en.exe
2014-03-04 16:17 - 2014-03-04 16:17 - 00000000 ____D () C:\Users\Aidan\Documents\Custom Production Presets 8.0
2014-03-03 20:21 - 2014-02-21 18:07 - 00000000 ____D () C:\Users\Aidan\Desktop\At Launcher
2014-03-03 17:53 - 2014-03-03 17:53 - 00000000 ____D () C:\Users\Aidan\AppData\Local\CrashDumps
2014-03-03 16:12 - 2014-03-03 16:12 - 02269863 _____ () C:\Users\Aidan\Downloads\forge-1.6.4-9.11.1.965-installer.jar
2014-03-03 15:55 - 2014-03-03 15:55 - 02206698 _____ () C:\Users\Aidan\Downloads\minecraftforge-installer-1.6.4-9.11.0.883.jar
2014-03-03 15:50 - 2014-03-03 15:47 - 211632982 _____ () C:\Users\Aidan\Desktop\Pixelmon 3.0.2.zip
2014-03-02 14:05 - 2013-02-23 21:22 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-02 10:37 - 2014-02-15 22:14 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\Open Download Manager
2014-03-01 21:29 - 2014-03-01 21:29 - 00000000 ____D () C:\Users\Aidan\Documents\Elder Scrolls Online
2014-03-01 21:29 - 2014-03-01 21:29 - 00000000 ____D () C:\ProgramData\Elder Scrolls Online
2014-03-01 12:29 - 2014-03-01 12:28 - 00762005 _____ () C:\Users\Aidan\Desktop\extrautils-1.0.2.zip
2014-03-01 11:28 - 2014-03-01 11:28 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\WinRAR
2014-03-01 11:28 - 2014-03-01 11:22 - 00421042 _____ () C:\Users\Aidan\Downloads\OptiFine_1.6.4_HD_U_C6.jar
2014-03-01 10:36 - 2014-03-01 10:36 - 00000000 ____D () C:\Users\Aidan\AppData\Roaming\Macromedia
2014-03-01 10:25 - 2014-03-01 10:25 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-01 02:05 - 2014-03-11 15:27 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-11 15:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-11 15:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-11 15:27 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-11 15:27 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-11 15:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-11 15:27 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-11 15:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-11 15:27 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-11 15:27 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-11 15:27 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-11 15:27 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-11 15:27 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-11 15:27 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-11 15:27 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-11 15:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-11 15:27 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-11 15:27 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-11 15:27 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-11 15:27 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-11 15:27 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-11 15:27 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-11 15:27 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-11 15:27 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-11 15:27 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-11 15:27 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-11 15:27 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-11 15:27 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-11 15:27 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-11 15:27 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-11 15:27 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-11 15:27 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-11 15:27 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-11 15:27 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-11 15:27 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-11 15:27 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-11 15:27 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-11 15:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-11 15:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-11 15:27 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 21:14 - 2014-02-28 21:12 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-02-28 21:12 - 2014-02-28 21:12 - 55903624 _____ ( ) C:\Users\Aidan\Downloads\Install_ESO_Beta.exe
2014-02-28 21:12 - 2014-02-28 21:12 - 00001405 _____ () C:\Users\Aidan\Desktop\The Elder Scrolls Online Beta.lnk
2014-02-28 20:30 - 2014-02-28 20:30 - 00000000 _____ () C:\Windows\SysWOW64\sho840B.tmp
2014-02-28 20:16 - 2014-02-28 20:16 - 00000000 ____D () C:\Windows\5303CFB5D63544F0A94B9611E81F07C4.TMP
2014-02-28 19:57 - 2013-11-16 23:04 - 00000000 ____D () C:\Users\Aidan\AppData\Local\LogMeIn Hamachi
2014-02-28 19:56 - 2014-01-02 19:31 - 00000000 ____D () C:\Windows\Minidump
2014-02-28 19:56 - 2009-07-29 02:03 - 00000000 ____D () C:\Windows\Panther
2014-02-28 19:52 - 2014-02-28 19:52 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-02-28 19:52 - 2014-02-28 19:52 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-02-28 19:52 - 2014-02-28 19:52 - 00000000 ____D () C:\Program Files\CCleaner
2014-02-27 21:45 - 2012-02-18 03:36 - 00776038 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-19 17:24 - 2012-02-18 03:37 - 00003908 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-19 17:24 - 2012-02-18 03:37 - 00003656 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
 
Files to move or delete:
====================
C:\Users\Aidan\ServerStart.bat
 
 
Some content of TEMP:
====================
C:\Users\Aidan\AppData\Local\Temp\0_slfmpx.dll
C:\Users\Aidan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjcv1uk.dll
C:\Users\Aidan\AppData\Local\Temp\setup.exe
C:\Users\Aidan\AppData\Local\Temp\setup{412049A1-23CA-4EFC-95CB-7D3F888FCC32}.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-20 08:34
 
==================== End Of Log ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Aidan at 2014-03-20 18:27:01
Running from C:\Users\Aidan\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Internet Security (Disabled - Out of date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Internet Security (Disabled - Out of date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Disabled - Out of date) {A751AC20-3B48-5237-898A-78C4436BB78D}
FW: avast! Internet Security (Disabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47}
 
==================== Installed Programs ======================
 
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.85.3 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.12150 - Systweak Software) <==== ATTENTION
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Ask Toolbar (HKLM-x32\...\{86D4B82A-ABED-442A-BE86-96357B70F4FE}) (Version: 1.15.14.0 - Ask.com) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.4.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.23 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.29 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.7 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.2.1 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0041 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
ASUS_Screensaver (HKLM-x32\...\ASUS_Screensaver) (Version:  - )
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0015 - ASUS)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
BrowserSafeguard with RocketTab (HKLM-x32\...\Browsersafeguard) (Version:  - Browsersafeguard) <==== ATTENTION
CamStudio version 2.6b (HKLM-x32\...\{2793F5A3-509A-4CB6-B014-1E0E0794351A}_is1) (Version: 2.6b - Download Freely, LLC)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MX430 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX430_series) (Version:  - )
Canon MX430 series On-screen Manual (HKLM-x32\...\Canon MX430 series On-screen Manual) (Version:  - )
Canon MX430 series User Registration (HKLM-x32\...\Canon MX430 series User Registration) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.0 - Canon Inc.)
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
Canon Speed Dial Utility (HKLM-x32\...\Speed Dial Utility) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.2) (Version: 5.0.0.2 - Coupons.com Incorporated) <==== ATTENTION
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Media Suite (x32 Version: 8.0.2926 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1126 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DragonNest (HKLM-x32\...\DragonNest) (Version:  - )
Expert PDF 7 Reader (HKLM-x32\...\{FC279721-37A6-4777-AFD8-7A56681EBA14}) (Version: 7.0.1370.0 - Avanquest software)
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.57 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
InstantOn for NB (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 2.2.0 - ASUS)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.0 - IObit)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KNCTR (HKLM-x32\...\Itibiti_is1) (Version:  - Itibiti Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.130 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.130 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
MapleStory (HKLM-x32\...\Steam App 216150) (Version:  - Nexon)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.3205.0) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.3205.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MixiDJ chrome Toolbar (HKLM-x32\...\MixiDJ chrome Toolbar) (Version:  - MixiDJ) <==== ATTENTION
MixiDJ Toolbar  (HKLM-x32\...\mixidj) (Version: 1.8.18.8 - mixidj) <==== ATTENTION
MixiDJ V48 Toolbar for IE (HKLM-x32\...\IECT3298584) (Version: 6.17.2.8 - MixiDJ V48) <==== ATTENTION
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open Downloader Manager (HKLM-x32\...\OpenDownloaderManager) (Version:  - )
QuickShare (HKLM-x32\...\{11D4FAA0-A577-4FA8-B24E-D24283D861D1}) (Version: 11.24.60.15709 - Linkury Inc.) <==== ATTENTION
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 3.6 - Razer USA Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6454 - Realtek Semiconductor Corp.)
RegClean Pro (HKLM-x32\...\RegClean Pro_is1) (Version: 6.21 - Systweak Inc) <==== ATTENTION
ROBLOX Player for Aidan (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 for Aidan (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
SavetheChildren Reminder by We-Care.com v4.1.22.4 (HKLM-x32\...\{DB9BF6DA-8030-4A21-9FF4-8856A7556FCF}) (Version: 4.1.22.4 - We-Care.com)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.0.0.4 - Synopsys )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1018 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.6.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
Tube Dimmer (HKLM-x32\...\TubeDimmer) (Version: 2.6.49 - Creative Island Media, LLC)
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.49 - Creative Island Media, LLC) <==== ATTENTION
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 照片库 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.0 - ASUS)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
ZD Soft Screen Recorder (HKLM-x32\...\{F0A56F04-4C9B-4408-9D65-5E0700BACCEB}) (Version: 5.4.0 - ZD Soft)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)
 
==================== Restore Points  =========================
 
11-03-2014 19:22:26 Windows Update
12-03-2014 23:16:22 Windows Update
18-03-2014 21:53:59 Windows Update
19-03-2014 20:41:21 Windows Update
20-03-2014 01:59:13 Installed Microsoft Office Professional Plus 2010
20-03-2014 02:12:26 Installed Microsoft Office Professional Plus 2010
20-03-2014 18:26:33 AA11
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {07C18F21-DEB3-43BE-88C1-F34F52FB2BCC} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-12-22] (ASUSTek Computer Inc.)
Task: {11D9458C-FB82-462F-93D6-3DA2242A616B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {1C2CC541-4CA1-42DB-B9BE-B4B8A29A0B7E} - System32\Tasks\{FB887B7B-E56A-46E4-AC87-136DF9F34E1C} => C:\Users\Aidan\Downloads\MCreator.exe
Task: {478008B1-1663-4201-9963-4DD143735139} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Aidan\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
Task: {54F72862-E9A2-4F2F-A363-A9097B462BF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18] (Google Inc.)
Task: {68A5B9EA-E4D5-430E-9FCF-E50B720F50BD} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
Task: {6A71AF4F-766C-44FD-BB59-AB93668673DE} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {6DAE2D6E-9943-4F6F-81EA-F4BFF28B2E93} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {6F62AD2F-87C2-4D13-8892-BF02F6A6787A} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {76F8C142-B4BC-4C8D-A966-7F2E88D8B2D3} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {7E4ED726-93E2-4999-BDE3-FBE1A3522A32} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2013-05-07] ()
Task: {8752C6C5-8760-4EB1-A749-F41BF26C937B} - System32\Tasks\AIRecoveryRemind => C:\Program Files (x86)\ASUS\AI Recovery\AIRecoveryRemind.exe [2012-01-31] (ASUSTek Computer Inc.)
Task: {8947F181-8364-4254-B279-2CC9A41E97A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {930E10CE-66C1-4240-8B6A-1CB4BA5B2FC7} - System32\Tasks\EPUpdater => C:\Users\Aidan\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe <==== ATTENTION
Task: {A07432F8-CE0E-42B4-880F-7D8A107C9D2B} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe <==== ATTENTION
Task: {C5A9B8CC-AA6C-4808-A8F3-67038303E347} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {D17DF45F-49CE-45C8-B121-625B11E10F86} - System32\Tasks\{FF5264AA-1736-412E-B13A-353DCA414A9F} => C:\Users\Aidan\Downloads\MCreator.exe
Task: {DD8AEE93-D551-4E03-8448-EBDD05840695} - System32\Tasks\{4122ABA6-EBB1-4902-8C57-3F0DD4786A86} => C:\Users\Aidan\Downloads\MCreator.exe
Task: {E23AA8D7-87F1-42BC-9AE2-30231FEBAB24} - System32\Tasks\{04914352-CB56-4DC1-A730-EF74F3C01A6A} => C:\Users\Aidan\Downloads\MCreator.exe
Task: {EB38A42D-B1CC-4C4E-89D9-E8D6C9D30AEB} - System32\Tasks\{949A8936-AFBD-4591-B5B4-4AC617A68F0A} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.1.0.129.272&LastError=12002
Task: {EF0C17EF-0513-4A51-B890-0F4AD7BFCF15} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
Task: {F6F97F6E-9E61-4319-A664-9C94CDF5415F} - System32\Tasks\{B822B3D2-1718-460E-8624-DB721AE6C9D2} => C:\Users\Aidan\Downloads\MCreator.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-03-24 21:38 - 2010-03-24 21:38 - 08794976 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-07-14 19:11 - 2010-07-14 19:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2012-03-04 21:24 - 2011-05-05 08:30 - 00057640 _____ () C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
2013-09-19 18:37 - 2013-09-19 18:37 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2013-09-19 18:32 - 2013-09-19 18:32 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2013-12-25 10:10 - 2013-12-25 05:41 - 02246144 _____ () C:\Program Files\AVAST Software\Avast\defs\13122500\algo.dll
2007-07-12 14:11 - 2007-07-12 14:11 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2012-02-21 17:49 - 2012-02-21 17:49 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-11-15 23:11 - 2013-11-14 07:28 - 00702416 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libglesv2.dll
2013-11-15 23:11 - 2013-11-14 07:28 - 00099792 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\libegl.dll
2013-11-15 23:11 - 2013-11-14 07:29 - 04055504 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\pdf.dll
2013-11-15 23:11 - 2013-11-14 07:29 - 00399312 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ppGoogleNaClPluginChrome.dll
2013-11-15 23:11 - 2013-11-14 07:28 - 01619408 _____ () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.57\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== Disabled items from MSCONFIG ==============
 
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/20/2014 04:51:31 PM) (Source: MsiInstaller) (User: Aidan-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .
 
Error: (03/20/2014 04:51:23 PM) (Source: MsiInstaller) (User: Aidan-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .
 
Error: (03/20/2014 04:46:29 PM) (Source: Application Error) (User: )
Description: Faulting application name: InsOnSrv.exe, version: 2.2.0.1, time stamp: 0x4f3cd121
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x7cc
Faulting application start time: 0xInsOnSrv.exe0
Faulting application path: InsOnSrv.exe1
Faulting module path: InsOnSrv.exe2
Report Id: InsOnSrv.exe3
 
Error: (03/20/2014 02:15:16 PM) (Source: MsiInstaller) (User: Aidan-PC)
Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.
 
Error: (03/20/2014 09:16:14 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (03/19/2014 10:19:30 PM) (Source: Microsoft Office 14) (User: )
Description: Microsoft WordWord failed to start correctly last time.  Starting Word in safe mode will help you correct or isolate a startup problem in order to successfully start the program.  Some functionality may be disabled in this mode.
 
Do you want to start Word in safe mode?
 
Error: (03/19/2014 10:17:52 PM) (Source: Application Virtualization Client) (User: )
Description: {hap=16:app=Microsoft Word Starter 2010 9014006604090000:tid=13B8:usr=Aidan}
The client could not launch Q:\140066.enu\Office14\WINWORDC.EXE (rc 0B004B04-00000419, last error 2).
 
Error: (03/19/2014 10:05:44 PM) (Source: Application Hang) (User: )
Description: The program EEScreen.exe version 4.0.3205.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1a5c
 
Start Time: 01cf43de023d61e6
 
Termination Time: 9
 
Application Path: C:\Program Files (x86)\Microsoft Expression\Encoder 4\EEScreen.exe
 
Report Id: cd8a9666-afd3-11e3-b796-08606e08f827
 
Error: (03/18/2014 08:09:29 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
Error: (03/18/2014 06:23:03 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005
 
 
System errors:
=============
Error: (03/20/2014 04:48:11 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: 
%%2
 
Error: (03/20/2014 04:48:11 PM) (Source: Service Control Manager) (User: )
Description: The WatGorp service failed to start due to the following error: 
%%2
 
Error: (03/20/2014 04:48:11 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (03/20/2014 04:48:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (03/20/2014 01:01:59 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%2
 
Error: (03/20/2014 08:02:36 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
 
Error: (03/19/2014 10:44:21 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%2
 
Error: (03/19/2014 09:24:20 PM) (Source: Service Control Manager) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%2
 
Error: (03/17/2014 05:46:22 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (03/15/2014 09:01:32 PM) (Source: Service Control Manager) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (03/20/2014 04:51:31 PM) (Source: MsiInstaller)(User: Aidan-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (03/20/2014 04:51:23 PM) (Source: MsiInstaller)(User: Aidan-PC)
Description: Product: Ask Toolbar -- Error 2738.Could not access VBScript run time for custom action .(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (03/20/2014 04:46:29 PM) (Source: Application Error)(User: )
Description: InsOnSrv.exe2.2.0.14f3cd121unknown0.0.0.000000000c0000005000000007cc01cf40b330f84b5cC:\Program Files (x86)\ASUS\InstantOn for NB\InsOnSrv.exeunknownb5e840b6-b070-11e3-b796-08606e08f827
 
Error: (03/20/2014 02:15:16 PM) (Source: MsiInstaller)(User: Aidan-PC)
Description: Product: Windows Defender -- You do not need to install this software because Windows Defender is included in Windows Vista. You can access Windows Defender from the Security section of the Windows Control Panel.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (03/20/2014 09:16:14 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (03/19/2014 10:19:30 PM) (Source: Microsoft Office 14)(User: )
Description: Microsoft WordWord failed to start correctly last time.  Starting Word in safe mode will help you correct or isolate a startup problem in order to successfully start the program.  Some functionality may be disabled in this mode.
 
Do you want to start Word in safe mode?
 
Error: (03/19/2014 10:17:52 PM) (Source: Application Virtualization Client)(User: )
Description: {hap=16:app=Microsoft Word Starter 2010 9014006604090000:tid=13B8:usr=Aidan}
Q:\140066.enu\Office14\WINWORDC.EXE0B004B04-000004192
 
Error: (03/19/2014 10:05:44 PM) (Source: Application Hang)(User: )
Description: EEScreen.exe4.0.3205.01a5c01cf43de023d61e69C:\Program Files (x86)\Microsoft Expression\Encoder 4\EEScreen.execd8a9666-afd3-11e3-b796-08606e08f827
 
Error: (03/18/2014 08:09:29 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
Error: (03/18/2014 06:23:03 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-12-27 07:39:38.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\SET84C8.tmp because the set of per-page image hashes could not be found on the system.
 
  Date: 2012-12-27 07:39:38.299
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\mcafee\VSCore\SET84C8.tmp because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 54%
Total physical RAM: 4000.13 MB
Available physical RAM: 1809.32 MB
Total Pagefile: 7998.43 MB
Available Pagefile: 5146.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:72.57 GB) NTFS ==>[system with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:254.04 GB) NTFS
Drive e: (Feb 27 2014) (CDROM) (Total:0.69 GB) (Free:0.45 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E3102A4B)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

Add/remove programs

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

Advanced System Protector
Ask Toolbar
BrowserSafeguard with RocketTab
IObit Malware Fighter
MixiDJ chrome Toolbar
MixiDJ V48 Toolbar for IE
MixiDJ Toolbar
MyPC Backup
QuickShare
RegClean Pro
Updater
WebCake 3.00


Close the window.

When finished, provide new log files from FRST.

Also upload the TDSS Killer log file.


  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
