Malwarebytes Keeps Saying Malicious Website Blocked When No Browsers Are Open?


Has my computer been hacked?

Malwarebytes Anti-Malware
www.malwarebytes.org

Protection, 4/22/2014 9:42:15 AM, SYSTEM, PITZULO, Protection, Malware Protection, Starting, 
Protection, 4/22/2014 9:42:15 AM, SYSTEM, PITZULO, Protection, Malware Protection, Started, 
Protection, 4/22/2014 9:42:15 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Starting, 
Protection, 4/22/2014 9:43:38 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Started, 
Detection, 4/22/2014 9:59:02 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 46.246.111.54, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 9:59:05 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 46.246.111.54, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 10:01:20 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 213.186.115.230, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 10:01:20 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 213.186.115.230, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 10:34:00 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.7.56, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 10:34:00 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.7.56, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Update, 4/22/2014 10:39:03 AM, SYSTEM, PITZULO, Scheduler, Malware Database, 2014.4.22.1, 2014.4.22.4, 
Protection, 4/22/2014 10:39:06 AM, SYSTEM, PITZULO, Protection, Refresh, Starting, 
Protection, 4/22/2014 10:39:06 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopping, 
Protection, 4/22/2014 10:39:07 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopped, 
Protection, 4/22/2014 10:39:29 AM, SYSTEM, PITZULO, Protection, Refresh, Success, 
Protection, 4/22/2014 10:39:29 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Starting, 
Protection, 4/22/2014 10:39:31 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Started, 
Detection, 4/22/2014 10:58:39 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.106.30, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 10:58:39 AM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.106.30, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 12:36:49 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.121.59, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 12:36:49 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.121.59, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Update, 4/22/2014 12:42:21 PM, SYSTEM, PITZULO, Scheduler, Malware Database, 2014.4.22.4, 2014.4.22.5, 
Protection, 4/22/2014 12:42:21 PM, SYSTEM, PITZULO, Protection, Refresh, Starting, 
Protection, 4/22/2014 12:42:21 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopping, 
Protection, 4/22/2014 12:42:21 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopped, 
Protection, 4/22/2014 12:42:27 PM, SYSTEM, PITZULO, Protection, Refresh, Success, 
Protection, 4/22/2014 12:42:27 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Starting, 
Protection, 4/22/2014 12:42:29 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Started, 
Detection, 4/22/2014 1:05:23 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.122.200, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 1:05:23 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.122.200, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 1:05:26 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.26.72, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 1:05:26 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.26.72, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 1:32:21 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 91.188.33.99, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 1:32:21 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 91.188.33.99, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 3:14:54 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 77.78.229.98, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 3:14:54 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 77.78.229.98, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Update, 4/22/2014 4:03:49 PM, SYSTEM, PITZULO, Scheduler, Malware Database, 2014.4.22.5, 2014.4.22.6, 
Protection, 4/22/2014 4:03:50 PM, SYSTEM, PITZULO, Protection, Refresh, Starting, 
Protection, 4/22/2014 4:03:50 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopping, 
Protection, 4/22/2014 4:03:50 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopped, 
Protection, 4/22/2014 4:04:10 PM, SYSTEM, PITZULO, Protection, Refresh, Success, 
Protection, 4/22/2014 4:04:11 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Starting, 
Protection, 4/22/2014 4:04:12 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Started, 
Update, 4/22/2014 4:52:44 PM, SYSTEM, PITZULO, Scheduler, Malware Database, 2014.4.22.6, 2014.4.22.7, 
Protection, 4/22/2014 4:52:44 PM, SYSTEM, PITZULO, Protection, Refresh, Starting, 
Protection, 4/22/2014 4:52:44 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopping, 
Protection, 4/22/2014 4:52:45 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Stopped, 
Protection, 4/22/2014 4:52:54 PM, SYSTEM, PITZULO, Protection, Refresh, Success, 
Protection, 4/22/2014 4:52:54 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Starting, 
Protection, 4/22/2014 4:52:55 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, Started, 
Detection, 4/22/2014 5:20:56 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.7.193, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 5:20:56 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.7.193, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 5:47:14 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 79.135.148.52, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 5:47:14 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 79.135.148.52, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 6:12:18 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.97.23, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 6:12:18 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 89.28.97.23, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 6:37:14 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 185.21.216.133, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 6:37:15 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 185.21.216.133, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 6:44:24 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 85.234.168.99, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
Detection, 4/22/2014 6:44:24 PM, SYSTEM, PITZULO, Protection, Malicious Website Protection, IP, 85.234.168.99, 6881, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe, 
 
(end)

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.
 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (if not sure: Start --> Computer (right click) --> Properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop.

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt

Please attach this file to your next reply.


Did the scans. TDSSKiller found nothing.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by PONGOPETER826 (administrator) on PITZULO on 23-04-2014 09:09:59
Running from C:\Users\PONGOPETER826\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Soluto) C:\ProgramData\Soluto\Update\SolutoUpdateService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Soluto) c:\program files\soluto\soluto.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-01] (IDT, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-01] (AVAST Software)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Winlogon: [userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] - "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
HKU\S-1-5-21-2202217186-465167670-3666795026-1001\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x26F771E5F02CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
URLSearchHook: HKLM-x32 - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=843&query={SearchTerms}&invocationType=tb50-ie-aolmailtb-chromesbox-en-us
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
SearchScopes: HKLM-x32 - {B1AD398A-BCCC-4F7A-9C64-83B6DDC5E346} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  No File
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} -  No File
BHO-x32: No Name - {0347C33E-8762-4905-BF09-768834316C61} -  No File
BHO-x32: No Name - {3049C3E9-B461-4BC5-8870-4C09146192CA} -  No File
BHO-x32: No Name - {37483b40-c254-4a72-bda4-22ee90182c1e} -  No File
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  No File
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -  No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {37483b40-c254-4a72-bda4-22ee90182c1e} -  No File
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {352797A0-EFD0-4FA6-B229-145120EA4B8A} https://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab
DPF: HKLM-x32 {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames.com/plugins/activex/YoYo.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FF791555-FDAC-43AB-B792-389E4CC0A6E5} http://download.test.toontown.com/sv1.0.40.10.test/tt_test.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default
FF SearchEngineOrder.3: Bing
FF Homepage: www.google.com

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\etslngn2.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PONGOPETER826\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\searchplugins\swagbucks.xml
FF Extension: Click&Clean - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\clickclean@hotcleaner.com [2014-02-20]
FF Extension: WOT - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-05]
FF Extension: S3.Google Translator - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\s3google@translator.xpi [2014-02-20]
FF Extension: Swagbucks Extension - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\shopearn@prodege.com.xpi [2014-04-20]
FF Extension: Adblock Plus - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-20]
FF Extension: DownThemAll! - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{6E19037A-12E3-4295-8915-ED48BC341614}] - C:\Program Files (x86)\PremierOpinion
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-02-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-05-14]

Chrome:
=======


CHR Extension: (DownloadAll) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajffocjdcmpgjmdfdfkdfdbkjafbkcke [2014-02-18]
CHR Extension: (Google Docs) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-18]
CHR Extension: (Google Drive) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-18]
CHR Extension: (WOT) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-04-03]
CHR Extension: (YouTube) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-18]
CHR Extension: (Adblock Plus) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-02-19]
CHR Extension: (Google Search) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-18]
CHR Extension: (Swagbucks Extension) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2014-02-18]
CHR Extension: (RealPlayer HTML5Video Downloader Extension) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk [2014-02-18]
CHR Extension: (zelda link to the past) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfjdafjdmgncjdmloepejfcbocbgmp [2014-04-22]
CHR Extension: (Google Wallet) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-18]
CHR Extension: (Gmail) - C:\Users\PONGOPETER826\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-18]
CHR HKLM-x32\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\PONGOP~1\AppData\Local\Temp\ccex.crx [2014-02-18]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-04-01]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-02-22]
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\PONGOP~1\AppData\Local\Temp\crxDE88.tmp [2012-02-22]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-01] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-03-08] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-11-14] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-11-14] (GlavSoft LLC.)
R2 SolutoUpdate; C:\ProgramData\Soluto\Update\SolutoUpdateService.exe [138768 2012-08-28] (Soluto)
S2 Kodak AiO Network Discovery Service; C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [X]
S2 Kodak AiO Status Monitor Service; "C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe" [X]
S2 LightScribeService; "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-01] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-01] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 pspdisp; C:\Windows\System32\DRIVERS\pspdisp_x64.sys [4608 2011-01-18] (JJS)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S1 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U4 eabfiltr;
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 vproiah; system32\DRIVERS\vproiah.sys [X]
S3 X6va005; \??\C:\Users\PONGOP~1\AppData\Local\Temp\0054EAB.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 09:09 - 2014-04-23 09:10 - 00021839 _____ () C:\Users\PONGOPETER826\Downloads\FRST.txt
2014-04-23 09:09 - 2014-04-23 09:09 - 00000000 ____D () C:\FRST
2014-04-23 09:08 - 2014-04-21 20:25 - 02061312 _____ (Farbar) C:\Users\PONGOPETER826\Downloads\FRST64.exe
2014-04-23 08:58 - 2014-04-23 08:58 - 00000316 _____ () C:\Windows\PFRO.log
2014-04-22 20:23 - 2014-04-22 20:24 - 00262784 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-22 19:24 - 2014-04-22 19:24 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-22 19:24 - 2014-04-22 19:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-22 19:24 - 2014-04-22 19:23 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-22 19:24 - 2014-04-22 19:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-22 19:24 - 2014-04-22 19:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-22 19:18 - 2014-04-22 19:18 - 00921512 _____ (Oracle Corporation) C:\Users\PONGOPETER826\Downloads\chromeinstall-7u55.exe
2014-04-22 19:01 - 2014-04-22 19:01 - 00002017 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-04-22 18:58 - 2014-04-22 19:06 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-04-22 18:55 - 2014-04-22 18:55 - 93596032 _____ () C:\Users\PONGOPETER826\Downloads\netbeans-8.0-javase-windows(0).exe
2014-04-22 18:47 - 2014-04-22 18:47 - 00008536 _____ () C:\Users\PONGOPETER826\Documents\doc.txt
2014-04-22 18:23 - 2014-04-22 18:23 - 00000000 __SHD () C:\Users\PONGOPETER826\AppData\Local\EmieUserList
2014-04-22 18:23 - 2014-04-22 18:23 - 00000000 __SHD () C:\Users\PONGOPETER826\AppData\Local\EmieSiteList
2014-04-22 15:41 - 2011-03-30 14:35 - 00292184 _____ (Microsoft Corporation) C:\Users\PONGOPETER826\Downloads\dxwebsetup.exe
2014-04-22 15:40 - 2014-04-22 15:40 - 00000000 ____D () C:\Users\PONGOPETER826\Downloads\CubeDemo
2014-04-22 15:39 - 2013-07-02 09:28 - 03216358 _____ () C:\Users\PONGOPETER826\Downloads\CubeDemo.zip
2014-04-22 11:00 - 2014-04-22 11:29 - 00000000 ____D () C:\Program Files (x86)\cache
2014-04-22 10:54 - 2014-04-22 11:26 - 00000000 ____D () C:\Program Files (x86)\modpacks
2014-04-22 10:49 - 2014-04-22 11:03 - 00000000 ____D () C:\Program Files (x86)\assets
2014-04-22 10:48 - 2014-04-22 10:49 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\.technic
2014-04-22 10:37 - 2014-04-22 10:37 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\java
2014-04-22 10:36 - 2014-04-22 10:36 - 00675988 _____ () C:\Users\PONGOPETER826\Downloads\Minecraft.exe
2014-04-22 10:31 - 2009-01-22 08:40 - 02434048 _____ () C:\Users\PONGOPETER826\Downloads\msxml_001.msi
2014-04-22 10:29 - 2009-01-22 08:40 - 02434048 _____ () C:\Users\PONGOPETER826\Downloads\msxml.msi
2014-04-22 10:28 - 2014-04-05 22:03 - 02346942 _____ () C:\Users\PONGOPETER826\Downloads\TechnicLauncher.exe
2014-04-22 10:22 - 2014-04-21 19:39 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-22 10:22 - 2014-04-21 19:39 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-22 10:22 - 2014-04-21 19:39 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-22 09:41 - 2014-04-23 08:59 - 00000112 _____ () C:\Windows\setupact.log
2014-04-22 09:41 - 2014-04-22 09:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-21 21:09 - 2014-04-23 09:00 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 21:07 - 2014-04-21 21:07 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-21 21:07 - 2014-04-21 21:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-21 21:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-21 21:03 - 2014-04-04 19:43 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\PONGOPETER826\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 17:59 - 2014-04-21 17:59 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-04-21 17:59 - 2014-04-21 17:59 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-04-21 17:58 - 2014-03-31 23:12 - 18134016 _____ (Adobe Systems Inc.) C:\Users\PONGOPETER826\Downloads\AdobeAIRInstaller.exe
2014-04-21 17:55 - 2014-01-08 22:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-21 17:55 - 2014-01-03 18:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-20 09:15 - 2014-04-20 09:15 - 05329480 _____ (Secunia) C:\Users\PONGOPETER826\Downloads\PSISetup(0).exe
2014-04-20 09:14 - 2014-04-20 09:14 - 00000000 ___RD () C:\Users\PONGOPETER826\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-20 09:08 - 2014-04-20 09:08 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\Secunia PSI
2014-04-20 09:08 - 2014-04-20 09:08 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-20 08:57 - 2013-10-01 22:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-04-20 08:57 - 2013-10-01 22:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-20 08:57 - 2013-10-01 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-20 08:57 - 2013-10-01 21:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-04-20 08:57 - 2013-10-01 21:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-04-20 08:57 - 2013-10-01 21:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-20 08:57 - 2013-10-01 21:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-04-20 08:57 - 2013-10-01 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-04-20 08:57 - 2013-10-01 20:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-04-20 08:57 - 2013-10-01 20:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-04-20 08:57 - 2013-10-01 20:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-04-20 08:57 - 2013-10-01 20:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-04-20 08:57 - 2013-10-01 19:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-20 08:57 - 2013-10-01 19:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-20 08:57 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-04-20 08:57 - 2013-10-01 18:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-20 08:56 - 2014-03-06 06:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 08:56 - 2014-03-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 08:56 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 08:56 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 08:56 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 08:56 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 08:56 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 08:56 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 08:56 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 08:56 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 08:56 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 08:56 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-20 08:56 - 2014-03-06 04:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-20 08:56 - 2014-03-06 04:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-20 08:56 - 2014-03-06 04:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-20 08:56 - 2014-03-06 03:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-20 08:56 - 2014-03-06 03:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-20 08:56 - 2014-03-06 03:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-20 08:56 - 2014-03-06 03:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-20 08:56 - 2014-03-06 03:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-20 08:56 - 2014-03-06 03:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-20 08:56 - 2014-03-06 03:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-20 08:56 - 2014-03-06 03:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-20 08:56 - 2014-03-06 03:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-20 08:56 - 2014-03-06 03:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 08:56 - 2014-03-06 03:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-20 08:56 - 2014-03-06 03:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-20 08:56 - 2014-03-06 02:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-20 08:55 - 2014-03-06 05:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-20 08:55 - 2014-03-06 04:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-20 08:55 - 2014-03-06 04:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-20 08:55 - 2014-03-06 04:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-20 08:55 - 2014-03-06 04:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-20 08:55 - 2014-03-06 04:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-20 08:55 - 2014-03-06 04:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-20 08:55 - 2014-03-06 03:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-20 08:55 - 2014-03-06 03:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-20 08:55 - 2014-03-06 03:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-20 08:55 - 2014-03-06 03:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-20 08:55 - 2014-03-06 02:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-20 08:55 - 2014-03-06 02:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-20 08:55 - 2014-03-06 02:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-20 08:55 - 2014-03-06 02:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-20 08:55 - 2014-03-06 01:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-20 08:55 - 2014-03-06 01:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-20 08:55 - 2014-03-06 01:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-20 08:55 - 2014-03-06 01:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-20 08:55 - 2014-03-06 01:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-20 08:55 - 2012-08-23 10:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-04-20 08:55 - 2012-08-23 10:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-04-20 08:55 - 2012-08-23 09:24 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-04-20 08:55 - 2012-08-23 07:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-04-20 08:55 - 2012-08-23 06:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-04-20 08:55 - 2012-08-23 05:51 - 03174912 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-04-20 08:54 - 2014-04-20 08:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-04-20 08:51 - 2013-09-24 22:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-04-20 08:51 - 2013-09-24 21:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-04-20 08:51 - 2012-05-04 07:00 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-04-20 08:51 - 2012-05-04 05:59 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-04-18 09:35 - 2014-04-18 09:37 - 00002030 _____ () C:\Users\PONGOPETER826\Desktop\SndVol.exe.lnk
2014-04-18 09:28 - 2014-04-18 09:28 - 00003310 _____ () C:\Users\PONGOPETER826\Documents\volume.ahk
2014-04-18 09:19 - 2014-04-18 09:26 - 00000054 _____ () C:\Users\PONGOPETER826\Documents\.ahk
2014-04-18 09:11 - 2014-04-18 09:11 - 00012739 _____ () C:\Users\PONGOPETER826\Downloads\VA-2.3.zip
2014-04-18 09:09 - 2014-04-18 09:09 - 00001351 _____ () C:\Users\PONGOPETER826\Documents\AutoHotkey.ahk
2014-04-18 09:08 - 2014-04-18 09:18 - 00000000 ____D () C:\Program Files\AutoHotkey
2014-04-18 09:07 - 2014-04-18 09:07 - 02654812 _____ () C:\Users\PONGOPETER826\Downloads\AutoHotkey111403_Install.exe
2014-04-15 21:30 - 2014-04-15 21:53 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-15 21:27 - 2014-04-15 21:53 - 00000000 ____D () C:\Users\PONGOPETER826\Desktop\mbar
2014-04-15 21:27 - 2014-04-15 21:27 - 12589848 _____ (Malwarebytes Corp.) C:\Users\PONGOPETER826\Downloads\mbar-1.07.0.1009.exe
2014-04-15 21:27 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-14 11:42 - 2014-03-04 05:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 11:42 - 2014-03-04 05:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-14 11:42 - 2014-03-04 05:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-14 11:42 - 2014-03-04 05:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-14 11:42 - 2014-03-04 05:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-14 11:42 - 2014-03-04 05:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 11:42 - 2014-03-04 05:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 11:42 - 2014-03-04 05:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 11:42 - 2014-03-04 05:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 11:42 - 2014-03-04 04:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 11:42 - 2014-03-04 04:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 11:42 - 2014-02-03 22:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-14 11:42 - 2014-02-03 22:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-14 11:42 - 2014-02-03 22:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-14 11:42 - 2014-02-03 22:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-14 11:42 - 2014-02-03 22:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 11:42 - 2014-01-23 22:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 15:22 - 2014-04-08 15:22 - 00000218 _____ () C:\Users\PONGOPETER826\.recently-used.xbel
2014-04-08 15:13 - 2014-04-08 15:22 - 00000710 _____ () C:\Users\PONGOPETER826\.ufrawrc
2014-04-08 15:08 - 2014-04-08 15:08 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\gtk-2.0
2014-04-08 15:01 - 2014-04-08 15:08 - 00000000 ____D () C:\Users\PONGOPETER826\.gimp-2.8
2014-04-08 15:00 - 2014-04-08 15:00 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\gegl-0.2
2014-04-07 12:44 - 2014-04-07 12:54 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\CodeBlocks
2014-04-03 18:43 - 2014-04-03 18:43 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 18:43 - 2014-04-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 18:43 - 2014-04-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 18:40 - 2014-04-03 18:40 - 00282880 _____ (Mozilla) C:\Users\PONGOPETER826\Downloads\Firefox Setup Stub 28.0.exe
2014-04-03 09:15 - 2014-04-22 18:34 - 00000000 ____D () C:\Users\PONGOPETER826\Documents\NetBeansProjects
2014-04-03 09:14 - 2014-04-22 18:39 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\NetBeans
2014-04-03 09:14 - 2014-04-03 09:14 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\NetBeans
2014-04-03 09:00 - 2014-04-22 19:09 - 00000000 ____D () C:\Users\PONGOPETER826\.nbi
2014-04-03 09:00 - 2014-04-03 09:00 - 93596032 _____ () C:\Users\PONGOPETER826\Downloads\netbeans-8.0-javase-windows.exe
2014-04-03 08:54 - 2014-04-03 08:54 - 162675600 _____ (Oracle Corporation) C:\Users\PONGOPETER826\Downloads\jdk-8-windows-x64.exe
2014-04-03 08:51 - 2014-04-03 08:51 - 00000000 ____H () C:\Users\PONGOPETER826\Downloads\url.html_WLYSs_part0.da_
2014-04-01 13:36 - 2014-04-01 13:36 - 65846842 _____ (RailsInstaller Team ) C:\Users\PONGOPETER826\Downloads\railsinstaller-2.2.2.exe
2014-04-01 13:34 - 2014-04-01 13:34 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-01 13:33 - 2014-04-01 13:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-01 13:16 - 2014-04-01 13:18 - 15092388 _____ () C:\Users\PONGOPETER826\Downloads\ruby-2.1.1.tar.gz
2014-03-24 15:40 - 2014-03-24 15:40 - 00000000 ____D () C:\Users\PONGOPETER826\Downloads\Odin_v3.09
2014-03-24 15:37 - 2014-03-24 15:37 - 00000000 ____D () C:\Program Files\SAMSUNG

==================== One Month Modified Files and Folders =======

2014-04-23 09:10 - 2014-04-23 09:09 - 00021839 _____ () C:\Users\PONGOPETER826\Downloads\FRST.txt
2014-04-23 09:09 - 2014-04-23 09:09 - 00000000 ____D () C:\FRST
2014-04-23 09:07 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-23 09:07 - 2009-07-14 00:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-23 09:03 - 2010-03-23 04:48 - 01116704 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 09:00 - 2014-04-21 21:09 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 09:00 - 2014-03-10 02:30 - 00000510 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-04-23 09:00 - 2014-02-18 18:07 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-23 08:59 - 2014-04-22 09:41 - 00000112 _____ () C:\Windows\setupact.log
2014-04-23 08:59 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 08:58 - 2014-04-23 08:58 - 00000316 _____ () C:\Windows\PFRO.log
2014-04-22 20:24 - 2014-04-22 20:23 - 00262784 _____ () C:\Windows\msxml4-KB2758694-enu.LOG
2014-04-22 20:22 - 2010-05-23 08:55 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-22 20:06 - 2014-03-08 21:06 - 00000526 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 08ed1a8a-0da8-45eb-9da8-484c1e5b5a3e.job
2014-04-22 19:47 - 2010-05-23 19:29 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-22 19:28 - 2012-07-31 09:30 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-22 19:24 - 2014-04-22 19:24 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-22 19:24 - 2014-04-22 19:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-22 19:23 - 2014-04-22 19:24 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-22 19:23 - 2014-04-22 19:24 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-22 19:23 - 2014-04-22 19:24 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-22 19:23 - 2010-12-10 08:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-22 19:18 - 2014-04-22 19:18 - 00921512 _____ (Oracle Corporation) C:\Users\PONGOPETER826\Downloads\chromeinstall-7u55.exe
2014-04-22 19:09 - 2014-04-03 09:00 - 00000000 ____D () C:\Users\PONGOPETER826\.nbi
2014-04-22 19:06 - 2014-04-22 18:58 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-04-22 19:01 - 2014-04-22 19:01 - 00002017 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-04-22 18:55 - 2014-04-22 18:55 - 93596032 _____ () C:\Users\PONGOPETER826\Downloads\netbeans-8.0-javase-windows(0).exe
2014-04-22 18:47 - 2014-04-22 18:47 - 00008536 _____ () C:\Users\PONGOPETER826\Documents\doc.txt
2014-04-22 18:42 - 2011-02-17 20:13 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{AFD974C3-040B-4E22-9E1F-63538507D1D2}
2014-04-22 18:39 - 2014-04-03 09:14 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\NetBeans
2014-04-22 18:34 - 2014-04-03 09:15 - 00000000 ____D () C:\Users\PONGOPETER826\Documents\NetBeansProjects
2014-04-22 18:23 - 2014-04-22 18:23 - 00000000 __SHD () C:\Users\PONGOPETER826\AppData\Local\EmieUserList
2014-04-22 18:23 - 2014-04-22 18:23 - 00000000 __SHD () C:\Users\PONGOPETER826\AppData\Local\EmieSiteList
2014-04-22 18:00 - 2010-10-20 08:06 - 00000484 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2014-04-22 16:15 - 2009-11-06 22:51 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-04-22 15:42 - 2009-11-07 00:16 - 00000000 ____D () C:\Program Files\Java
2014-04-22 15:41 - 2011-07-26 09:29 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-04-22 15:41 - 2011-07-26 09:29 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-04-22 15:40 - 2014-04-22 15:40 - 00000000 ____D () C:\Users\PONGOPETER826\Downloads\CubeDemo
2014-04-22 12:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-04-22 11:29 - 2014-04-22 11:00 - 00000000 ____D () C:\Program Files (x86)\cache
2014-04-22 11:26 - 2014-04-22 10:54 - 00000000 ____D () C:\Program Files (x86)\modpacks
2014-04-22 11:03 - 2014-04-22 10:49 - 00000000 ____D () C:\Program Files (x86)\assets
2014-04-22 10:49 - 2014-04-22 10:48 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\.technic
2014-04-22 10:37 - 2014-04-22 10:37 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\java
2014-04-22 10:37 - 2011-09-09 21:34 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\.minecraft
2014-04-22 10:36 - 2014-04-22 10:36 - 00675988 _____ () C:\Users\PONGOPETER826\Downloads\Minecraft.exe
2014-04-22 10:30 - 2010-06-16 16:08 - 00000000 ____D () C:\Program Files (x86)\MSXML 4.0
2014-04-22 09:41 - 2014-04-22 09:41 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-21 21:08 - 2011-12-11 18:09 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-21 21:07 - 2014-04-21 21:07 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-21 21:07 - 2014-04-21 21:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-21 21:07 - 2011-12-11 18:09 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\Malwarebytes
2014-04-21 20:25 - 2014-04-23 09:08 - 02061312 _____ (Farbar) C:\Users\PONGOPETER826\Downloads\FRST64.exe
2014-04-21 19:39 - 2014-04-22 10:22 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-21 19:39 - 2014-04-22 10:22 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-21 19:39 - 2014-04-22 10:22 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-21 19:39 - 2014-02-21 12:10 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-04-21 19:37 - 2012-07-31 09:30 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-21 19:37 - 2012-07-31 09:30 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-21 19:37 - 2011-05-18 08:51 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-21 17:59 - 2014-04-21 17:59 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-04-21 17:59 - 2014-04-21 17:59 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-04-21 17:59 - 2010-05-22 08:48 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\Adobe
2014-04-21 17:59 - 2009-11-06 23:02 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-20 10:24 - 2009-07-14 01:13 - 00801092 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 09:15 - 2014-04-20 09:15 - 05329480 _____ (Secunia) C:\Users\PONGOPETER826\Downloads\PSISetup(0).exe
2014-04-20 09:14 - 2014-04-20 09:14 - 00000000 ___RD () C:\Users\PONGOPETER826\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-20 09:08 - 2014-04-20 09:08 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\Secunia PSI
2014-04-20 09:08 - 2014-04-20 09:08 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-20 09:03 - 2014-03-09 16:42 - 00000364 _____ () C:\Windows\Tasks\HPCeeScheduleForPONGOPETER826.job
2014-04-20 09:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-20 08:58 - 2014-03-09 16:42 - 00003234 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForPONGOPETER826
2014-04-20 08:54 - 2014-04-20 08:54 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2014-04-18 09:37 - 2014-04-18 09:35 - 00002030 _____ () C:\Users\PONGOPETER826\Desktop\SndVol.exe.lnk
2014-04-18 09:28 - 2014-04-18 09:28 - 00003310 _____ () C:\Users\PONGOPETER826\Documents\volume.ahk
2014-04-18 09:26 - 2014-04-18 09:19 - 00000054 _____ () C:\Users\PONGOPETER826\Documents\.ahk
2014-04-18 09:18 - 2014-04-18 09:08 - 00000000 ____D () C:\Program Files\AutoHotkey
2014-04-18 09:11 - 2014-04-18 09:11 - 00012739 _____ () C:\Users\PONGOPETER826\Downloads\VA-2.3.zip
2014-04-18 09:09 - 2014-04-18 09:09 - 00001351 _____ () C:\Users\PONGOPETER826\Documents\AutoHotkey.ahk
2014-04-18 09:08 - 2009-11-06 22:28 - 00000000 ____D () C:\Windows\SHELLNEW
2014-04-18 09:07 - 2014-04-18 09:07 - 02654812 _____ () C:\Users\PONGOPETER826\Downloads\AutoHotkey111403_Install.exe
2014-04-15 21:53 - 2014-04-15 21:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-15 21:53 - 2014-04-15 21:27 - 00000000 ____D () C:\Users\PONGOPETER826\Desktop\mbar
2014-04-15 21:27 - 2014-04-15 21:27 - 12589848 _____ (Malwarebytes Corp.) C:\Users\PONGOPETER826\Downloads\mbar-1.07.0.1009.exe
2014-04-14 20:17 - 2014-02-18 21:08 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-14 20:17 - 2009-11-06 22:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-14 20:15 - 2010-05-21 12:35 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 15:22 - 2014-04-08 15:22 - 00000218 _____ () C:\Users\PONGOPETER826\.recently-used.xbel
2014-04-08 15:22 - 2014-04-08 15:13 - 00000710 _____ () C:\Users\PONGOPETER826\.ufrawrc
2014-04-08 15:22 - 2011-02-02 13:21 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\gtk-2.0
2014-04-08 15:22 - 2010-05-14 11:24 - 00000000 ____D () C:\Users\PONGOPETER826
2014-04-08 15:08 - 2014-04-08 15:08 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\gtk-2.0
2014-04-08 15:08 - 2014-04-08 15:01 - 00000000 ____D () C:\Users\PONGOPETER826\.gimp-2.8
2014-04-08 15:00 - 2014-04-08 15:00 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\gegl-0.2
2014-04-07 17:34 - 2014-02-19 13:42 - 00000000 ___RD () C:\Users\PONGOPETER826\Dropbox
2014-04-07 12:54 - 2014-04-07 12:44 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\CodeBlocks
2014-04-05 22:03 - 2014-04-22 10:28 - 02346942 _____ () C:\Users\PONGOPETER826\Downloads\TechnicLauncher.exe
2014-04-04 19:43 - 2014-04-21 21:03 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\PONGOPETER826\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-03 18:43 - 2014-04-03 18:43 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 18:43 - 2014-04-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 18:43 - 2014-04-03 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 18:40 - 2014-04-03 18:40 - 00282880 _____ (Mozilla) C:\Users\PONGOPETER826\Downloads\Firefox Setup Stub 28.0.exe
2014-04-03 09:51 - 2014-04-21 21:07 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:51 - 2014-04-15 21:27 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2011-12-11 18:09 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 09:14 - 2014-04-03 09:14 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\NetBeans
2014-04-03 09:00 - 2014-04-03 09:00 - 93596032 _____ () C:\Users\PONGOPETER826\Downloads\netbeans-8.0-javase-windows.exe
2014-04-03 08:54 - 2014-04-03 08:54 - 162675600 _____ (Oracle Corporation) C:\Users\PONGOPETER826\Downloads\jdk-8-windows-x64.exe
2014-04-03 08:51 - 2014-04-03 08:51 - 00000000 ____H () C:\Users\PONGOPETER826\Downloads\url.html_WLYSs_part0.da_
2014-04-02 09:07 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-02 08:50 - 2010-05-23 19:29 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-01 14:42 - 2010-05-23 19:29 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-01 14:42 - 2010-05-23 19:29 - 00003644 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-01 13:36 - 2014-04-01 13:36 - 65846842 _____ (RailsInstaller Team ) C:\Users\PONGOPETER826\Downloads\railsinstaller-2.2.2.exe
2014-04-01 13:34 - 2014-04-01 13:34 - 00001966 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-01 13:33 - 2014-04-01 13:33 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-01 13:33 - 2014-02-21 11:57 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-01 13:33 - 2014-02-21 11:57 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-01 13:33 - 2014-02-21 11:57 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-01 13:33 - 2014-02-21 11:57 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-01 13:33 - 2014-02-21 11:57 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-04-01 13:33 - 2014-02-21 11:57 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-01 13:33 - 2014-02-21 11:57 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-01 13:33 - 2011-04-05 12:13 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-01 13:18 - 2014-04-01 13:16 - 15092388 _____ () C:\Users\PONGOPETER826\Downloads\ruby-2.1.1.tar.gz
2014-03-31 23:12 - 2014-04-21 17:58 - 18134016 _____ (Adobe Systems Inc.) C:\Users\PONGOPETER826\Downloads\AdobeAIRInstaller.exe
2014-03-31 09:35 - 2010-05-14 11:48 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-24 15:40 - 2014-03-24 15:40 - 00000000 ____D () C:\Users\PONGOPETER826\Downloads\Odin_v3.09
2014-03-24 15:39 - 2014-03-17 13:06 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-03-24 15:37 - 2014-03-24 15:37 - 00000000 ____D () C:\Program Files\SAMSUNG

Files to move or delete:
====================
C:\ProgramData\hash.dat


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-18 15:32] - [2011-02-25 02:19] - 2388992 ____A (Microsoft Corporation) C9D975C050D804AD315C7E22D7679A5D

C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 12:18

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by PONGOPETER826 at 2014-04-23 09:11:12
Running from C:\Users\PONGOPETER826\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.83 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.83 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{AD72CFB4-C2BF-424E-9DF0-C7BAD1F30A11}) (Version: 11.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.0 - Atheros)
AutoHotkey 1.1.14.03 (HKLM\...\AutoHotkey) (Version: 1.1.14.03 - Lexikos)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Decrap my Computer (HKLM-x32\...\Decrap my Computer) (Version:  - Macecraft Software)
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
Disney Toontown Online (HKLM-x32\...\Disney Toontown Online) (Version:  - Walt Disney Internet Group)
Disney Toontown Online TEST (HKLM-x32\...\Disney Toontown Online_TEST) (Version:  TEST - Walt Disney Internet Group)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Feedback Tool (HKLM-x32\...\{13A5E785-5197-4EAD-8EE3-D660271E49BC}) (Version: 1.2.0 - Microsoft Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.1.2.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Deskjet 2510 series Basic Device Software (HKLM\...\{293CC68A-32BA-4BA4-84BD-0DCF6583566F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Quick Launch Buttons (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.50.16.1 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{17B4760F-334B-475D-829F-1A3E94A6A4E6}) (Version: 1.2.3560.3170 - Hewlett-Packard)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Support Assistant (HKLM-x32\...\{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}) (Version: 6.1.12.1 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HP User Guides 0148 (HKLM-x32\...\{9D3318E1-5A9F-4A95-A7A1-7E045403AE34}) (Version: 1.01.0005 - Hewlett-Packard)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1883 - Intel Corporation)
Java 3D 1.5.1 (HKLM-x32\...\{32A9C5B3-D166-4C6D-A11E-A54473151000}) (Version: 1.5.1 - Sun Microsystems, Inc.)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217055FF}) (Version: 7.0.550 - Oracle)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180000}) (Version: 8.0.0 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
JavaFX 2.0.2 (64-bit) (HKLM\...\{1111706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
JavaFX 2.0.2 SDK (64-bit) (HKLM\...\{2222706F-666A-4037-7777-202648764D10}) (Version: 2.0.2 - Oracle Corporation)
Jewel Quest - Sleepless Star (HKLM-x32\...\{F9F6CF4F-4CA5-498C-AE20-99A0C2B60918}) (Version: 1.00.0000 - Valusoft)
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Kodak AIO Printer (Version: 7.7.2.0 - Eastman Kodak Company) Hidden
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
muvee Reveal (HKLM-x32\...\{DE626616-D7C4-4F00-7E0B-EAF26FA65749}) (Version: 7.0.43.12698 - muvee Technologies Pte Ltd)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Parallel Port Joystick (HKLM-x32\...\Parallel Port Joystick) (Version:  - )
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version:  - TamaSoftware)
PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1026.0 - Passmark Software)
PowerDirector (x32 Version: 7.0.3311 - CyberLink Corp.) Hidden
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version:  - RealNetworks)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0011 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30104 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Manager (x32 Version: 5.5.2214 - CyberLink Corp.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2200.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
Soluto (HKLM\...\{037C627B-384E-450E-866C-95BAB3CDEA17}) (Version: 1.3.1494.0 - Soluto)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
UFRaw 0.19.2 (HKLM-x32\...\UFRaw_is1) (Version:  - Udi Fuchs)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 2.5.1f5_24931 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)

==================== Restore Points  =========================

18-04-2014 13:01:31 Windows Update
20-04-2014 12:39:09 Removed Python 2.7.2 (64-bit)
20-04-2014 12:51:59 Windows Update
21-04-2014 23:37:48 Installed Java 8 Update 5 (64-bit)
21-04-2014 23:59:15 Windows Update
22-04-2014 14:29:48 Installed MSXML 4.0 SP3 Parser
22-04-2014 23:21:09 Removed Java 7 Update 55
22-04-2014 23:23:31 Installed Java 7 Update 55
23-04-2014 00:23:20 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2012-03-02 20:17 - 00000954 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1    toybox.garrysmod.com
127.0.0.1    toyboxapi.garrysmod.com


==================== Scheduled Tasks (whitelisted) =============

Task: {08158D86-20EC-49CD-B3C8-5B36B0C5D99A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {2B28EE1F-AA82-406B-BBFB-9F2E87A5DAEA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-21] (Adobe Systems Incorporated)
Task: {2F29B834-1674-44AF-98F4-B84F51488B2E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {324C4FF8-705F-4FDD-957D-1B4CBE6AF150} - System32\Tasks\Google Updater and Installer => C:\Users\PONGOPETER826\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {324FEFD5-4187-4AF2-ABF1-96C0C581BA83} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {35947DE3-F7EA-4095-822D-DAE2D0225A89} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: {3CD9862F-AC94-48B5-909C-5FDC7DAF8668} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {3ED99BC3-41DF-4D22-8A57-6890A86D2732} - System32\Tasks\RMSmartUpdate => C:\Program Files (x86)\Registry Mechanic\update.exe
Task: {49DB09A3-B799-4A80-8AB3-84D4BDEF5621} - System32\Tasks\{51B7A13C-4FC9-4F8B-A12B-4066AEB32D16} => C:\Program Files (x86)\Disney\Disney Online\ToontownOnline_TEST\ToontownLauncher.exe [2011-11-20] (Disney)
Task: {4CFBE9E7-5FB0-4D9F-AA61-6180707BA822} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {654A0E73-98C4-443C-A674-C66CBD965C51} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-09-09] (Hewlett-Packard Company)
Task: {683CFDBB-8A9A-4EB8-B383-6B20FE465D34} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-01] (AVAST Software)
Task: {7D789FEA-1459-403C-9969-8B19FF674613} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: {86403975-2850-489A-83D0-50507538B442} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-23] (Google Inc.)
Task: {8FDB6F9D-D4B2-486A-8BA4-5317BE500976} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance => C:\Program Files (x86)\TuneUp Utilities 2010\OneClick.exe
Task: {925CC8D9-8B16-46CA-9D12-3EA87EBEA8A1} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7db5f7f1-8f26-4335-b017-c4d1c07f32f2 => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: {A6EFE5AD-F014-414F-AEDC-C5F7FA7B5D40} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-09-09] (Hewlett-Packard Company)
Task: {D01521E4-263E-4BCE-BC94-EEF979EBDA7A} - System32\Tasks\RealCreateProcessScheduledTask540949S-1-5-21-2202217186-465167670-3666795026-1001 => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [2012-02-22] (RealNetworks, Inc.)
Task: {DA605CDF-7AE1-4B4E-9F4E-4E770377135F} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {E4368241-219B-4911-BEC1-3595032BB975} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: {F370D62C-1407-42BB-AE35-DA390693CBF5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-05-23] (Google Inc.)
Task: {F7A1DF16-8497-4E5D-B5EA-2DA0B97FC64A} - System32\Tasks\HPCeeScheduleForPONGOPETER826 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {F82DA013-A90B-4BCE-AC1A-6BE197806530} - System32\Tasks\SUPERAntiSpyware Scheduled Task 08ed1a8a-0da8-45eb-9da8-484c1e5b5a3e => C:\Program Files\SUPERAntiSpyware\SASTask.exe
Task: {FF1BAC70-8D75-4930-885F-06B862E06528} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-12-15] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForPONGOPETER826.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 08ed1a8a-0da8-45eb-9da8-484c1e5b5a3e.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7db5f7f1-8f26-4335-b017-c4d1c07f32f2.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Loaded Modules (whitelisted) =============

2009-11-06 23:31 - 2009-07-06 15:20 - 00247152 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-02-19 11:19 - 2014-02-19 11:19 - 03672064 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGPreCompiled\a568bcbc3f03090813d1338635ee29ef\PCGPreCompiled.ni.dll
2014-02-19 11:19 - 2014-02-19 11:19 - 00267264 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\PCGAppControlPlugin#\f5bee53ddbcdc57d61ef82dbb4627072\PCGAppControlPluginLoader.ni.dll
2014-02-19 11:20 - 2014-02-19 11:20 - 00068096 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\SignalRWrapper\601a6f0e1fdf662c61c25ba3d4533771\SignalRWrapper.ni.dll
2013-11-14 15:26 - 2013-11-14 15:26 - 00090688 _____ () C:\Program Files\Soluto\PCGDllExportInspector.dll
2014-04-22 17:47 - 2014-04-22 17:47 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14042201\algo.dll
2014-04-23 09:01 - 2014-04-23 09:01 - 02215936 _____ () C:\Program Files\AVAST Software\Avast\defs\14042300\algo.dll
2014-03-08 22:09 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-03-08 22:09 - 2013-05-16 11:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-03-08 22:09 - 2013-05-16 11:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-03-08 22:09 - 2013-05-16 11:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-03-08 22:09 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-02-18 18:07 - 2014-02-18 18:07 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-04-03 18:43 - 2014-03-15 04:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:05EE8DE8
AlternateDataStreams: C:\ProgramData\Temp:09B199F1
AlternateDataStreams: C:\ProgramData\Temp:0A0A1797
AlternateDataStreams: C:\ProgramData\Temp:132714FA
AlternateDataStreams: C:\ProgramData\Temp:20240A47
AlternateDataStreams: C:\ProgramData\Temp:2193C133
AlternateDataStreams: C:\ProgramData\Temp:274DA7BC
AlternateDataStreams: C:\ProgramData\Temp:2BFC67DE
AlternateDataStreams: C:\ProgramData\Temp:331AD5E9
AlternateDataStreams: C:\ProgramData\Temp:3CA557DB
AlternateDataStreams: C:\ProgramData\Temp:404800E7
AlternateDataStreams: C:\ProgramData\Temp:4628B1B9
AlternateDataStreams: C:\ProgramData\Temp:48070A48
AlternateDataStreams: C:\ProgramData\Temp:4A0AB074
AlternateDataStreams: C:\ProgramData\Temp:522EA216
AlternateDataStreams: C:\ProgramData\Temp:579740A4
AlternateDataStreams: C:\ProgramData\Temp:5C5A503E
AlternateDataStreams: C:\ProgramData\Temp:5DDFD9FA
AlternateDataStreams: C:\ProgramData\Temp:674F96B4
AlternateDataStreams: C:\ProgramData\Temp:68C4AA66
AlternateDataStreams: C:\ProgramData\Temp:6AF6F459
AlternateDataStreams: C:\ProgramData\Temp:6C9F5E5E
AlternateDataStreams: C:\ProgramData\Temp:70DA7E92
AlternateDataStreams: C:\ProgramData\Temp:70E897B5
AlternateDataStreams: C:\ProgramData\Temp:82C71F83
AlternateDataStreams: C:\ProgramData\Temp:89C6F032
AlternateDataStreams: C:\ProgramData\Temp:91730504
AlternateDataStreams: C:\ProgramData\Temp:98F0614F
AlternateDataStreams: C:\ProgramData\Temp:9B7E8561
AlternateDataStreams: C:\ProgramData\Temp:A3750BE5
AlternateDataStreams: C:\ProgramData\Temp:A53A1041
AlternateDataStreams: C:\ProgramData\Temp:A688EF17
AlternateDataStreams: C:\ProgramData\Temp:BD5011D7
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:D38415F0
AlternateDataStreams: C:\ProgramData\Temp:D6C31E03
AlternateDataStreams: C:\ProgramData\Temp:D82A9FCF
AlternateDataStreams: C:\ProgramData\Temp:E73B14E2
AlternateDataStreams: C:\ProgramData\Temp:EC885335
AlternateDataStreams: C:\ProgramData\Temp:F3AB0B43
AlternateDataStreams: C:\ProgramData\Temp:F3F95A98

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SolutoService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PictureMover.lnk => C:\Windows\pss\PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^PONGOPETER826^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^TTWebInfo_Autostart.lnk => C:\Windows\pss\TTWebInfo_Autostart.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: FileServe Manager Task => "C:\Program Files (x86)\FileServe Manager\FSStarter.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/23/2014 08:59:06 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0

Error: (04/23/2014 08:59:06 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0

Error: (04/23/2014 08:59:06 AM) (Source: Microsoft-Windows-EapHost) (User: NT AUTHORITY)
Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0

Error: (04/22/2014 06:22:58 PM) (Source: Application Error) (User: )
Description: Faulting application name: chrome.exe, version: 34.0.1847.116, time stamp: 0x533b63bd
Faulting module name: npDownloadAll.dll_unloaded, version: 0.0.0.0, time stamp: 0x525491b2
Exception code: 0xc0000005
Fault offset: 0x64221f1b
Faulting process id: 0xce4
Faulting application start time: 0xchrome.exe0
Faulting application path: chrome.exe1
Faulting module path: chrome.exe2
Report Id: chrome.exe3

Error: (04/22/2014 04:13:27 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Error: (04/22/2014 03:38:33 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Error: (04/22/2014 03:04:06 PM) (Source: Application Hang) (User: )
Description: The program psi.exe version 3.0.0.9016 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1388

Start Time: 01cf5e5d84fe438b

Termination Time: 15

Application Path: C:\Program Files (x86)\Secunia\PSI\psi.exe

Report Id: decfb785-ca50-11e3-bf08-00027220892b

Error: (04/22/2014 03:03:15 PM) (Source: Application Hang) (User: )
Description: The program psi.exe version 3.0.0.9016 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 13c8

Start Time: 01cf5e5d4e1c8a63

Termination Time: 12

Application Path: C:\Program Files (x86)\Secunia\PSI\psi.exe

Report Id: c0b2d744-ca50-11e3-bf08-00027220892b

Error: (04/22/2014 10:21:04 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: Unexpected or missing value (name: 'PackageName', value: '') in key 'HKLM\Software\Classes\Installer\Products\D139E7FE48CDB174D86B8A3385904547\SourceList'

Error: (04/22/2014 09:57:50 AM) (Source: Application Error) (User: )
Description: Faulting application name: PSIA.exe, version: 3.0.0.9016, time stamp: 0x52a1d50f
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000005
Fault offset: 0x000332b0
Faulting process id: 0xc4
Faulting application start time: 0xPSIA.exe0
Faulting application path: PSIA.exe1
Faulting module path: PSIA.exe2
Report Id: PSIA.exe3


System errors:
=============
Error: (04/23/2014 09:01:34 AM) (Source: Service Control Manager) (User: )
Description: The Soluto service failed to start due to the following error:
%%31

Error: (04/23/2014 09:01:34 AM) (Source: Service Control Manager) (User: )
Description: The Soluto service failed to start due to the following error:
%%31

Error: (04/23/2014 09:00:46 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (04/23/2014 08:59:46 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd
Soluto

Error: (04/23/2014 08:59:14 AM) (Source: Service Control Manager) (User: )
Description: The Kodak AiO Network Discovery Service service failed to start due to the following error:
%%2

Error: (04/23/2014 08:59:08 AM) (Source: Service Control Manager) (User: )
Description: The avast! Firewall service failed to start due to the following error:
%%1053

Error: (04/23/2014 08:59:08 AM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the avast! Firewall service to connect.

Error: (04/22/2014 09:49:43 AM) (Source: Service Control Manager) (User: )
Description: The Soluto service failed to start due to the following error:
%%31

Error: (04/22/2014 09:49:43 AM) (Source: Service Control Manager) (User: )
Description: The Soluto service failed to start due to the following error:
%%31

Error: (04/22/2014 09:43:29 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswKbd
Soluto


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-02-18 15:27:59.747
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-02-18 15:27:59.513
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-29 09:06:23.424
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-29 09:06:23.190
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 08:51:47.168
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-28 08:51:46.934
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 09:05:50.324
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-27 09:05:50.090
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-26 09:54:56.903
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-26 09:54:56.669
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\pspdisp_x64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 


Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Download the attached fixlist.txt and save it to the location where FRST is saved.
  • Run FRST.exe (on 64-bit, run FRST64.exe), press the Fix button just once, and wait.
  • The tool will make a log (Fixlog.txt), which you will find where you saved FRST. Please post it in your reply.

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-2.0.0.1000.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

fixlist.txt


Here is what you requested.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-04-2014
Ran by PONGOPETER826 at 2014-04-23 11:07:30 Run:1
Running from C:\Users\PONGOPETER826\Downloads\FRST64
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AlternateDataStreams: C:\ProgramData\Temp:05EE8DE8
AlternateDataStreams: C:\ProgramData\Temp:09B199F1
AlternateDataStreams: C:\ProgramData\Temp:0A0A1797
AlternateDataStreams: C:\ProgramData\Temp:132714FA
AlternateDataStreams: C:\ProgramData\Temp:20240A47
AlternateDataStreams: C:\ProgramData\Temp:2193C133
AlternateDataStreams: C:\ProgramData\Temp:274DA7BC
AlternateDataStreams: C:\ProgramData\Temp:2BFC67DE
AlternateDataStreams: C:\ProgramData\Temp:331AD5E9
AlternateDataStreams: C:\ProgramData\Temp:3CA557DB
AlternateDataStreams: C:\ProgramData\Temp:404800E7
AlternateDataStreams: C:\ProgramData\Temp:4628B1B9
AlternateDataStreams: C:\ProgramData\Temp:48070A48
AlternateDataStreams: C:\ProgramData\Temp:4A0AB074
AlternateDataStreams: C:\ProgramData\Temp:522EA216
AlternateDataStreams: C:\ProgramData\Temp:579740A4
AlternateDataStreams: C:\ProgramData\Temp:5C5A503E
AlternateDataStreams: C:\ProgramData\Temp:5DDFD9FA
AlternateDataStreams: C:\ProgramData\Temp:674F96B4
AlternateDataStreams: C:\ProgramData\Temp:68C4AA66
AlternateDataStreams: C:\ProgramData\Temp:6AF6F459
AlternateDataStreams: C:\ProgramData\Temp:6C9F5E5E
AlternateDataStreams: C:\ProgramData\Temp:70DA7E92
AlternateDataStreams: C:\ProgramData\Temp:70E897B5
AlternateDataStreams: C:\ProgramData\Temp:82C71F83
AlternateDataStreams: C:\ProgramData\Temp:89C6F032
AlternateDataStreams: C:\ProgramData\Temp:91730504
AlternateDataStreams: C:\ProgramData\Temp:98F0614F
AlternateDataStreams: C:\ProgramData\Temp:9B7E8561
AlternateDataStreams: C:\ProgramData\Temp:A3750BE5
AlternateDataStreams: C:\ProgramData\Temp:A53A1041
AlternateDataStreams: C:\ProgramData\Temp:A688EF17
AlternateDataStreams: C:\ProgramData\Temp:BD5011D7
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
AlternateDataStreams: C:\ProgramData\Temp:D38415F0
AlternateDataStreams: C:\ProgramData\Temp:D6C31E03
AlternateDataStreams: C:\ProgramData\Temp:D82A9FCF
AlternateDataStreams: C:\ProgramData\Temp:E73B14E2
AlternateDataStreams: C:\ProgramData\Temp:EC885335
AlternateDataStreams: C:\ProgramData\Temp:F3AB0B43
AlternateDataStreams: C:\ProgramData\Temp:F3F95A98
CHR HKLM-x32\...\Chrome\Extension: [mhfdcmehmjcclgopdodkjdicohagipid] - C:\Users\PONGOP~1\AppData\Local\Temp\crxDE88.tmp [2012-02-22]
CHR HKLM-x32\...\Chrome\Extension: [gclijllifhfpomppedeljakfegbcpojn] - C:\Users\PONGOP~1\AppData\Local\Temp\ccex.crx [2014-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{6E19037A-12E3-4295-8915-ED48BC341614}] - C:\Program Files (x86)\PremierOpinion
Toolbar: HKLM-x32 - No Name - {37483b40-c254-4a72-bda4-22ee90182c1e} -  No File
Toolbar: HKCU - No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {88C7F2AA-F93F-432C-8F0E-B7D85967A527} -  No File
Toolbar: HKCU - No Name - {37483B40-C254-4A72-BDA4-22EE90182C1E} -  No File
URLSearchHook: HKLM-x32 - (No Name) - {37483b40-c254-4a72-bda4-22ee90182c1e} - No File
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect...edir=843&query={SearchTerms}&invocationType=tb50-ie-aolmailtb-chromesbox-en-us
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...ultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2438727
SearchScopes: HKLM-x32 - {B1AD398A-BCCC-4F7A-9C64-83B6DDC5E346} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
BHO: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  No File

S3 X6va005; \??\C:\Users\PONGOP~1\AppData\Local\Temp\0054EAB.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]

C:\ProgramData\hash.dat
C:\Program Files (x86)\PremierOpinion
*****************

C:\ProgramData\Temp => ":05EE8DE8" ADS removed successfully.
C:\ProgramData\Temp => ":09B199F1" ADS removed successfully.
C:\ProgramData\Temp => ":0A0A1797" ADS removed successfully.
C:\ProgramData\Temp => ":132714FA" ADS removed successfully.
C:\ProgramData\Temp => ":20240A47" ADS removed successfully.
C:\ProgramData\Temp => ":2193C133" ADS removed successfully.
C:\ProgramData\Temp => ":274DA7BC" ADS removed successfully.
C:\ProgramData\Temp => ":2BFC67DE" ADS removed successfully.
C:\ProgramData\Temp => ":331AD5E9" ADS removed successfully.
C:\ProgramData\Temp => ":3CA557DB" ADS removed successfully.
C:\ProgramData\Temp => ":404800E7" ADS removed successfully.
C:\ProgramData\Temp => ":4628B1B9" ADS removed successfully.
C:\ProgramData\Temp => ":48070A48" ADS removed successfully.
C:\ProgramData\Temp => ":4A0AB074" ADS removed successfully.
C:\ProgramData\Temp => ":522EA216" ADS removed successfully.
C:\ProgramData\Temp => ":579740A4" ADS removed successfully.
C:\ProgramData\Temp => ":5C5A503E" ADS removed successfully.
C:\ProgramData\Temp => ":5DDFD9FA" ADS removed successfully.
C:\ProgramData\Temp => ":674F96B4" ADS removed successfully.
C:\ProgramData\Temp => ":68C4AA66" ADS removed successfully.
C:\ProgramData\Temp => ":6AF6F459" ADS removed successfully.
C:\ProgramData\Temp => ":6C9F5E5E" ADS removed successfully.
C:\ProgramData\Temp => ":70DA7E92" ADS removed successfully.
C:\ProgramData\Temp => ":70E897B5" ADS removed successfully.
C:\ProgramData\Temp => ":82C71F83" ADS removed successfully.
C:\ProgramData\Temp => ":89C6F032" ADS removed successfully.
C:\ProgramData\Temp => ":91730504" ADS removed successfully.
C:\ProgramData\Temp => ":98F0614F" ADS removed successfully.
C:\ProgramData\Temp => ":9B7E8561" ADS removed successfully.
C:\ProgramData\Temp => ":A3750BE5" ADS removed successfully.
C:\ProgramData\Temp => ":A53A1041" ADS removed successfully.
C:\ProgramData\Temp => ":A688EF17" ADS removed successfully.
C:\ProgramData\Temp => ":BD5011D7" ADS removed successfully.
C:\ProgramData\Temp => ":D1B5B4F1" ADS removed successfully.
C:\ProgramData\Temp => ":D38415F0" ADS removed successfully.
C:\ProgramData\Temp => ":D6C31E03" ADS removed successfully.
C:\ProgramData\Temp => ":D82A9FCF" ADS removed successfully.
C:\ProgramData\Temp => ":E73B14E2" ADS removed successfully.
C:\ProgramData\Temp => ":EC885335" ADS removed successfully.
C:\ProgramData\Temp => ":F3AB0B43" ADS removed successfully.
C:\ProgramData\Temp => ":F3F95A98" ADS removed successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid => Key deleted successfully.
"C:\Users\PONGOP~1\AppData\Local\Temp\crxDE88.tmp" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn => Key deleted successfully.
"C:\Users\PONGOP~1\AppData\Local\Temp\ccex.crx" => File/Directory not found.
HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\{6E19037A-12E3-4295-8915-ED48BC341614} => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{37483b40-c254-4a72-bda4-22ee90182c1e} => Value deleted successfully.
HKCR\Wow6432Node\CLSID\{37483b40-c254-4a72-bda4-22ee90182c1e} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Value deleted successfully.
HKCR\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Value deleted successfully.
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => Value deleted successfully.
HKCR\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Value deleted successfully.
HKCR\CLSID\{88C7F2AA-F93F-432C-8F0E-B7D85967A527} => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Value deleted successfully.
HKCR\CLSID\{37483B40-C254-4A72-BDA4-22EE90182C1E} => Key deleted successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\\{37483b40-c254-4a72-bda4-22ee90182c1e} => Value deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b} => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B1AD398A-BCCC-4F7A-9C64-83B6DDC5E346} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{B1AD398A-BCCC-4F7A-9C64-83B6DDC5E346} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} => Key deleted successfully.
X6va005 => Service deleted successfully.
X6va008 => Service deleted successfully.
C:\ProgramData\hash.dat => Moved successfully.
"C:\Program Files (x86)\PremierOpinion" => File/Directory not found.

==== End of Fixlog ====

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/23/2014
Scan Time: 11:23:48 AM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.23.06
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: PONGOPETER826

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 268265
Time Elapsed: 13 min, 8 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)


Looks good!

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


Here are the results.

# AdwCleaner v3.202 - Report created 25/04/2014 at 08:16:20
# Updated 23/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : PONGOPETER826 - PITZULO
# Running from : C:\Users\PONGOPETER826\Downloads\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Trymedia
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Folder Deleted : C:\Program Files (x86)\myfree codec
Folder Deleted : C:\Program Files (x86)\Trymedia
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\PONGOPETER826\AppData\LocalLow\NCH_EN
Folder Deleted : C:\Users\PONGOPETER826\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\PONGOPETER826\AppData\Roaming\ParetoLogic
File Deleted : C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\searchplugins\bingp.xml
File Deleted : C:\Windows\Tasks\paretologic registration3.job
File Deleted : C:\Windows\System32\Tasks\paretologic registration3
File Deleted : C:\Windows\Tasks\paretologic update version3.job
File Deleted : C:\Windows\System32\Tasks\paretologic update version3

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2790392
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2801948
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cheat-engine_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_cheat-engine_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10E9E863-3913-40D0-903D-D46DEB18C982}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{125B7A09-B405-46FB-95FB-96CF6B72992D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F9AF7E3-3853-473F-A49B-E470A3A41501}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DADF82FD-0783-4CA9-98AA-615F657A2A9E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483B40-C254-4A72-BDA4-22EE90182C1E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{125B7A09-B405-46FB-95FB-96CF6B72992D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{688E44F2-1BAB-46A5-8E0A-C7AD13D2D5A0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{595D0165-48D2-4BED-BFE6-E479ED6984C7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\NCH_EN
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\NCH_EN
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6020 octets] - [25/04/2014 08:12:48]
AdwCleaner[s0].txt - [5862 octets] - [25/04/2014 08:16:20]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5922 octets] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by PONGOPETER826 on Fri 04/25/2014 at  8:23:18.66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\big fish games"
Successfully deleted: [Folder] "C:\Users\PONGOPETER826\AppData\Roaming\big fish games"
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{29196B27-A3A5-46DA-83A4-E61394FF6E6C}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{2E8E6EBD-9A3A-4DA8-9AEA-19492B63810A}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{8AE5472E-7D3A-440C-A525-41CAC22075D4}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{A05AD33B-DE65-43F9-BE54-C1C525DCC787}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{A7314AE3-BEAB-4D35-9ED1-B8BF90657801}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{CDF3D1D1-6875-4B2E-8AD6-A8BCC4F82EB6}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{D5D3EC04-4591-455E-B49C-8BEB1589F561}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{E36143BB-9399-43A2-B14F-B5562035FFCF}
Successfully deleted: [Empty Folder] C:\Users\PONGOPETER826\appdata\local\{F7A8F9D6-9D3D-4C6D-BF09-BF77C5EB413D}



~~~ FireFox

Emptied folder: C:\Users\PONGOPETER826\AppData\Roaming\mozilla\firefox\profiles\5wy3djdc.default\minidumps [4 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 04/25/2014 at  8:40:12.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is disabled!)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 Java 7 Update 55  
 Java 3D 1.5.1   
 Adobe Flash Player 13.0.0.182  
 Adobe Reader XI  
 Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Spybot Teatimer.exe is disabled!
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````
 


done.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-04-2014 03
Ran by PONGOPETER826 (administrator) on PITZULO on 26-04-2014 09:55:19
Running from C:\Users\PONGOPETER826\Downloads\FRST64
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Soluto) C:\Program Files\Soluto\SolutoLauncherService.exe
(Soluto) C:\Program Files\Soluto\SolutoService.exe
(Soluto) C:\ProgramData\Soluto\Update\SolutoUpdateService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Soluto) c:\program files\soluto\soluto.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(GlavSoft LLC.) C:\Program Files\Soluto\SolutoRemoteService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-07-01] (IDT, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [sunJavaUpdateSched] => "C:\Program Files\Java\jre7\bin\jusched.exe"
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-01] (AVAST Software)
HKLM-x32\...\Run: [sDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKLM\...\Winlogon: [userinit] c:\windows\system32\userinit.exe,c:\program files\soluto\soluto.exe /userinit,
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\.DEFAULT\...\RunOnce: [KodakHomeCenter] - "C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe"
HKU\S-1-5-21-2202217186-465167670-3666795026-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2202217186-465167670-3666795026-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x26F771E5F02CCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.bing.com
SearchScopes: HKCU - {52653F33-0E86-4420-B2A3-F4D477A70367} URL = https://www.google.com/search?q={searchTerms}
BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: FileServeManager - {00000001-AB3B-4334-9DA2-EC6B2A02AFC6} -  No File
BHO-x32: No Name - {0347C33E-8762-4905-BF09-768834316C61} -  No File
BHO-x32: No Name - {3049C3E9-B461-4BC5-8870-4C09146192CA} -  No File
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name - {9030D464-4C02-4ABF-8ECC-5164760863C6} -  No File
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -  No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {1D082E71-DF20-4AAF-863B-596428C49874} http://www.worldwinner.com/games/v50/tpir/tpir.cab
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {352797A0-EFD0-4FA6-B229-145120EA4B8A} https://disneyblast.go.com/v3/setup/activex/DIGHardwareControl.cab
DPF: HKLM-x32 {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} http://www.worldwinner.com/games/shared/wwlaunch.cab
DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.22.01.0/iewwload.cab
DPF: HKLM-x32 {924B4927-D3BA-41EA-9F7E-8A89194AB3AC} http://panda-plugin.disney.go.com/plugin/win32/p3dactivex.cab
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
DPF: HKLM-x32 {C49134CC-B5EF-458C-A442-E8DFE7B4645F} http://www.yoyogames.com/plugins/activex/YoYo.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: HKLM-x32 {FF791555-FDAC-43AB-B792-389E4CC0A6E5} http://download.test.toontown.com/sv1.0.40.10.test/tt_test.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF ProfilePath: C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default
FF SearchEngineOrder.3: Bing
FF Homepage: www.google.com

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @unity3d.com/UnityPlayer - C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\etslngn2.default\extensions\{000F1EA4-5E08-4564-A29B-29076F63A37A}\plugins\npsoe.dll No File
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\PONGOPETER826\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\searchplugins\swagbucks.xml
FF Extension: Click&Clean - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\clickclean@hotcleaner.com [2014-02-20]
FF Extension: WOT - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-04-05]
FF Extension: S3.Google Translator - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\s3google@translator.xpi [2014-02-20]
FF Extension: Swagbucks Extension - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\shopearn@prodege.com.xpi [2014-04-20]
FF Extension: Adblock Plus - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-20]
FF Extension: DownThemAll! - C:\Users\PONGOPETER826\AppData\Roaming\Mozilla\Firefox\Profiles\5wy3djdc.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2014-02-20]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-05-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-02-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-18]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-05-14]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-01] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-03-08] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [583640 2010-08-05] (PC Tools)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [247152 2009-07-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 SolutoLauncherService; C:\Program Files\Soluto\SolutoLauncherService.exe [182848 2013-11-14] (Soluto)
R3 SolutoRemoteService; C:\Program Files\Soluto\SolutoRemoteService.exe [1942016 2013-11-14] (GlavSoft LLC.)
R2 SolutoUpdate; C:\ProgramData\Soluto\Update\SolutoUpdateService.exe [138768 2012-08-28] (Soluto)
S2 Kodak AiO Network Discovery Service; C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe [X]
S2 Kodak AiO Status Monitor Service; "C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe" [X]
S2 LightScribeService; "C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-01] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-01] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-01] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-01] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-01] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-01] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-01] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2009-12-18] ()
S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [25704 2012-08-13] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 pspdisp; C:\Windows\System32\DRIVERS\pspdisp_x64.sys [4608 2011-01-18] (JJS)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-02] (Realtek Semiconductor Corp.)
S1 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S1 aswKbd; \??\C:\Windows\system32\drivers\aswKbd.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
R3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
U4 eabfiltr;
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 vproiah; system32\DRIVERS\vproiah.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-26 08:29 - 2014-04-26 08:29 - 00000056 _____ () C:\Windows\setupact.log
2014-04-26 08:29 - 2014-04-26 08:29 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-25 09:39 - 2014-04-25 09:39 - 00013374 _____ () C:\Users\PONGOPETER826\Desktop\CCleaner.exe - Shortcut.lnk
2014-04-25 08:40 - 2014-04-25 08:40 - 00002390 _____ () C:\Users\PONGOPETER826\Desktop\JRT.txt
2014-04-25 08:23 - 2014-04-25 08:23 - 00000000 ____D () C:\Windows\ERUNT
2014-04-25 08:20 - 2014-04-06 02:36 - 01016261 _____ (Thisisu) C:\Users\PONGOPETER826\Downloads\JRT.exe
2014-04-25 08:12 - 2014-04-25 08:16 - 00000000 ____D () C:\AdwCleaner
2014-04-25 08:12 - 2014-04-25 08:12 - 01365865 _____ () C:\Users\PONGOPETER826\Downloads\adwcleaner.exe
2014-04-24 13:50 - 2014-04-24 13:50 - 00000817 _____ () C:\Users\Public\Desktop\Play Pirate101.lnk
2014-04-24 13:50 - 2014-04-24 13:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingsIsle Entertainment
2014-04-24 13:50 - 2014-04-24 13:50 - 00000000 ____D () C:\ProgramData\KingsIsle Entertainment
2014-04-24 13:48 - 2014-03-05 05:05 - 07394176 _____ (Acresso Software Inc.) C:\Users\PONGOPETER826\Downloads\InstallPirate101.exe
2014-04-24 13:44 - 2014-04-24 13:44 - 00000261 _____ () C:\Users\PONGOPETER826\Downloads\results.txt
2014-04-24 08:45 - 2014-04-24 08:45 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-04-24 08:45 - 2013-04-04 08:07 - 02347384 _____ (ESET) C:\Users\PONGOPETER826\Downloads\esetsmartinstaller_enu.exe
2014-04-23 11:06 - 2014-04-26 09:55 - 00000000 ____D () C:\Users\PONGOPETER826\Downloads\FRST64
2014-04-23 09:15 - 2014-04-22 01:33 - 04142142 _____ () C:\Users\PONGOPETER826\Downloads\tdsskiller.zip
2014-04-23 09:11 - 2014-04-23 09:13 - 00042052 _____ () C:\Users\PONGOPETER826\Downloads\Addition.txt
2014-04-23 09:09 - 2014-04-26 09:55 - 00000000 ____D () C:\FRST
2014-04-23 09:09 - 2014-04-23 09:12 - 00055596 _____ () C:\Users\PONGOPETER826\Downloads\FRST.txt
2014-04-22 19:24 - 2014-04-22 19:24 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-22 19:24 - 2014-04-22 19:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-22 19:24 - 2014-04-22 19:23 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-22 19:24 - 2014-04-22 19:23 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-22 19:24 - 2014-04-22 19:23 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-22 19:18 - 2014-04-22 19:18 - 00921512 _____ (Oracle Corporation) C:\Users\PONGOPETER826\Downloads\chromeinstall-7u55.exe
2014-04-22 19:01 - 2014-04-22 19:01 - 00002017 _____ () C:\Users\Public\Desktop\NetBeans IDE 8.0.lnk
2014-04-22 19:01 - 2014-04-22 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetBeans
2014-04-22 18:58 - 2014-04-22 19:06 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-04-22 18:55 - 2014-04-22 18:55 - 93596032 _____ () C:\Users\PONGOPETER826\Downloads\netbeans-8.0-javase-windows(0).exe
2014-04-22 18:47 - 2014-04-22 18:47 - 00008536 _____ () C:\Users\PONGOPETER826\Documents\doc.txt
2014-04-22 18:23 - 2014-04-22 18:23 - 00000000 __SHD () C:\Users\PONGOPETER826\AppData\Local\EmieUserList
2014-04-22 18:23 - 2014-04-22 18:23 - 00000000 __SHD () C:\Users\PONGOPETER826\AppData\Local\EmieSiteList
2014-04-22 15:41 - 2011-03-30 14:35 - 00292184 _____ (Microsoft Corporation) C:\Users\PONGOPETER826\Downloads\dxwebsetup.exe
2014-04-22 15:40 - 2014-04-22 15:40 - 00000000 ____D () C:\Users\PONGOPETER826\Downloads\CubeDemo
2014-04-22 15:39 - 2013-07-02 09:28 - 03216358 _____ () C:\Users\PONGOPETER826\Downloads\CubeDemo.zip
2014-04-22 11:00 - 2014-04-22 11:29 - 00000000 ____D () C:\Program Files (x86)\cache
2014-04-22 10:54 - 2014-04-22 11:26 - 00000000 ____D () C:\Program Files (x86)\modpacks
2014-04-22 10:49 - 2014-04-22 11:03 - 00000000 ____D () C:\Program Files (x86)\assets
2014-04-22 10:48 - 2014-04-22 10:49 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\.technic
2014-04-22 10:37 - 2014-04-22 10:37 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Roaming\java
2014-04-22 10:36 - 2014-04-22 10:36 - 00675988 _____ () C:\Users\PONGOPETER826\Downloads\Minecraft.exe
2014-04-22 10:31 - 2009-01-22 08:40 - 02434048 _____ () C:\Users\PONGOPETER826\Downloads\msxml_001.msi
2014-04-22 10:29 - 2009-01-22 08:40 - 02434048 _____ () C:\Users\PONGOPETER826\Downloads\msxml.msi
2014-04-22 10:28 - 2014-04-05 22:03 - 02346942 _____ () C:\Users\PONGOPETER826\Downloads\TechnicLauncher.exe
2014-04-22 10:22 - 2014-04-21 19:39 - 00313256 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-22 10:22 - 2014-04-21 19:39 - 00191400 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-22 10:22 - 2014-04-21 19:39 - 00190888 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-21 21:09 - 2014-04-26 09:45 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-21 21:07 - 2014-04-21 21:07 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-21 21:07 - 2014-04-21 21:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-21 21:07 - 2014-04-21 21:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-21 21:07 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-21 21:03 - 2014-04-04 19:43 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\PONGOPETER826\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-21 18:44 - 2014-04-21 18:44 - 04162400 _____ (Kaspersky Lab ZAO) C:\Users\PONGOPETER826\Desktop\TDSSKiller.exe
2014-04-21 17:59 - 2014-04-21 17:59 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-04-21 17:59 - 2014-04-21 17:59 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-04-21 17:58 - 2014-03-31 23:12 - 18134016 _____ (Adobe Systems Inc.) C:\Users\PONGOPETER826\Downloads\AdobeAIRInstaller.exe
2014-04-21 17:55 - 2014-01-08 22:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-21 17:55 - 2014-01-03 18:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-20 09:15 - 2014-04-20 09:15 - 05329480 _____ (Secunia) C:\Users\PONGOPETER826\Downloads\PSISetup(0).exe
2014-04-20 09:14 - 2014-04-20 09:14 - 00000000 ___RD () C:\Users\PONGOPETER826\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-20 09:08 - 2014-04-20 09:08 - 00000000 ____D () C:\Users\PONGOPETER826\AppData\Local\Secunia PSI
2014-04-20 09:08 - 2014-04-20 09:08 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-04-20 08:57 - 2013-10-01 22:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-04-20 08:57 - 2013-10-01 22:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-04-20 08:57 - 2013-10-01 22:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-04-20 08:57 - 2013-10-01 21:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-04-20 08:57 - 2013-10-01 21:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-04-20 08:57 - 2013-10-01 21:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-04-20 08:57 - 2013-10-01 21:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-04-20 08:57 - 2013-10-01 20:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-04-20 08:57 - 2013-10-01 20:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-04-20 08:57 - 2013-10-01 20:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-04-20 08:57 - 2013-10-01 20:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-04-20 08:57 - 2013-10-01 20:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-04-20 08:57 - 2013-10-01 19:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-04-20 08:57 - 2013-10-01 19:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-04-20 08:57 - 2013-10-01 19:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-04-20 08:57 - 2013-10-01 18:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-04-20 08:56 - 2014-03-06 06:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 08:56 - 2014-03-06 05:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 08:56 - 2014-03-06 05:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 08:56 - 2014-03-06 04:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 08:56 - 2014-03-06 04:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 08:56 - 2014-03-06 04:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 08:56 - 2014-03-06 04:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 08:56 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 08:56 - 2014-03-06 04:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 08:56 - 2014-03-06 04:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 08:56 - 2014-03-06 04:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 08:56 - 2014-03-06 04:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

==================== One Month Modified Files and Folders =======


Some content of TEMP:
====================
C:\Users\PONGOPETER826\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe
[2012-05-18 15:32] - [2011-02-25 02:19] - 2388992 ____A (Microsoft Corporation) C9D975C050D804AD315C7E22D7679A5D

C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-19 12:18

==================== End Of Log ============================


Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.


Add/remove programs

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs

Wizard101
Splashtop Software Updater
Splashtop Streamer
Pirate101


Close the window.

 

 

Tell me if you're still being directed to this site...


  • 2 weeks later...

Starting and stopping the protection client is a normal log entry and can be found in every protection log of Malwarebytes.

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.

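The distinction this post makes between routine start/stop entries and actual blocks can be checked mechanically. The Python sketch below is an added example, not part of the original posts and not Malwarebytes code; the comma-separated field layout is assumed from the protection log posted in this thread, and the host name, process path and IP addresses in the sample are constructed.

```python
from datetime import datetime

TS_FORMAT = "%m/%d/%Y %I:%M:%S %p"

# Constructed sample in the assumed protection-log layout. EXAMPLE-PC, the
# process path and the documentation-range IP addresses are made up.
SAMPLE_LOG = r"""
Protection, 4/22/2014 9:42:15 AM, SYSTEM, EXAMPLE-PC, Protection, Malware Protection, Starting,
Protection, 4/22/2014 9:42:15 AM, SYSTEM, EXAMPLE-PC, Protection, Malware Protection, Started,
Protection, 4/22/2014 9:42:15 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, Starting,
Protection, 4/22/2014 9:43:38 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, Started,
Detection, 4/22/2014 9:59:02 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 203.0.113.54, 6881, Outbound, C:\Program Files (x86)\Example\App, v2\app.exe,
Detection, 4/22/2014 9:59:05 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 203.0.113.54, 6881, Outbound, C:\Program Files (x86)\Example\App, v2\app.exe,
Detection, 4/22/2014 10:01:20 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 198.51.100.230, 6881, Outbound, C:\Program Files (x86)\Example\App, v2\app.exe,
Update, 4/22/2014 10:39:03 AM, SYSTEM, EXAMPLE-PC, Scheduler, Malware Database, 2014.4.22.1, 2014.4.22.4,
Protection, 4/22/2014 10:39:06 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, Stopping,
this line is not a log record
"""


def parse_record(line):
    """Return a dict for one log line, or None if it does not fit the layout."""
    text = line.strip().rstrip(",").rstrip()
    # The process path is the last field and may itself contain commas,
    # so split at most 10 times and keep the remainder intact.
    parts = [p.strip() for p in text.split(",", 10)]
    if len(parts) < 7:
        return None
    try:
        when = datetime.strptime(parts[1], TS_FORMAT)
    except ValueError:
        return None
    kind = parts[0]
    if kind == "Protection":
        # Module starting/started/stopping: routine, not a detection.
        return {"kind": "lifecycle", "time": when,
                "component": parts[5], "state": parts[6]}
    if kind == "Update" and len(parts) >= 8:
        return {"kind": "update", "time": when,
                "old": parts[6], "new": parts[7]}
    if (kind == "Detection" and len(parts) == 11
            and parts[6] == "IP" and parts[8].isdigit()):
        return {"kind": "detection", "time": when, "ip": parts[7],
                "port": int(parts[8]), "direction": parts[9],
                "process": parts[10]}
    # Only the IP-type detection seen in this thread is modelled here.
    return None


def triage(log_text):
    """Separate routine entries from blocks and collapse repeated blocks."""
    result = {"lifecycle": [], "updates": [], "detections": {}, "unparsed": []}
    for raw in log_text.splitlines():
        if not raw.strip():
            continue
        rec = parse_record(raw)
        if rec is None:
            result["unparsed"].append(raw.strip())
        elif rec["kind"] == "lifecycle":
            result["lifecycle"].append(rec)
        elif rec["kind"] == "update":
            result["updates"].append(rec)
        else:
            key = (rec["process"], rec["ip"], rec["port"], rec["direction"])
            entry = result["detections"].setdefault(
                key, {"count": 0, "first": rec["time"], "last": rec["time"]})
            entry["count"] += 1
            entry["first"] = min(entry["first"], rec["time"])
            entry["last"] = max(entry["last"], rec["time"])
    return result


if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    print(f"{len(report['lifecycle'])} routine start/stop entries, "
          f"{len(report['updates'])} database updates, "
          f"{len(report['unparsed'])} unparsed lines")
    for (process, ip, port, direction), info in report["detections"].items():
        print(f"{info['count']}x {direction} {ip}:{port} by {process} "
              f"({info['first']:%H:%M:%S} to {info['last']:%H:%M:%S})")
```

Grouping by process, address and port makes it easy to see which program triggered the blocks and how often, which is the first thing to establish when the alerts appear with no browser window open.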

Your system is clean now! :)

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix, deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  4. If there is still something left, please delete it manually.





Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure that automatic updates are activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.


  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.

    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




  • 2 weeks later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


This topic is now closed to further replies.