my uncle's laptop is OMG HELP!

kalistomo2 · June 4, 2014

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014

Ran by Shendelzare Silkwood (administrator) on POOP-POOP on 04-06-2014 23:26:16

Running from C:\Users\Shendelzare Silkwood\Downloads

Platform: Microsoft Windows 7 Home Basic Service Pack 1 (X86) OS Language: English(US)

Internet Explorer Version 11

Boot Mode: Normal

The only official download link for FRST:

Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

Download link from any site other than Bleeping Computer is unpermitted or outdated.

See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

() C:\Program Files\WinArchiver\WAService.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe

(Apple Computer, Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Windows\System32\ChgService.exe

(Google Inc.) C:\Program Files\Google\Update\1.3.24.7\GoogleCrashHandler.exe

() C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe

() C:\ProgramData\DatacardService\HWDeviceService.exe

(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe

() C:\ProgramData\Smart Bro\OnlineUpdate\ouc.exe

(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPRO\TemproSvc.exe

(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe

(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe

(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe

(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe

(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

(Malwarebytes Corp.) C:\Users\Shendelzare Silkwood\Downloads\mbar-1.07.0.1009.exe

(Microsoft Corporation) C:\Windows\System32\cmd.exe

(Malwarebytes Corporation) C:\Users\Shendelzare Silkwood\Desktop\mbar\mbar.exe

(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-07-28] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe [1493608 2010-07-28] (Realtek Semiconductor)

HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [22840 2009-11-11] (TOSHIBA Corporation)

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-05] (Adobe Systems Incorporated)

HKLM\...\Run: [] => [X]

HKLM\...\Run: [sunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM\...\Run: [ToshibaServiceStation] => C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295736 2011-02-11] (TOSHIBA Corporation)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)

HKU\.DEFAULT\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\topi.exe [4581280 2010-03-03] (TOSHIBA)

HKU\S-1-5-21-1569652100-3304354286-3704929050-1075\...\Run: [TOSHIBA Online Product Information] => C:\Program Files\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe [4581280 2010-03-03] (TOSHIBA)

IFEO\bitguard.exe: [Debugger] tasklist.exe

IFEO\bprotect.exe: [Debugger] tasklist.exe

IFEO\bpsvc.exe: [Debugger] tasklist.exe

IFEO\browserdefender.exe: [Debugger] tasklist.exe

IFEO\browserprotect.exe: [Debugger] tasklist.exe

IFEO\browsersafeguard.exe: [Debugger] tasklist.exe

IFEO\dprotectsvc.exe: [Debugger] tasklist.exe

IFEO\jumpflip: [Debugger] tasklist.exe

IFEO\protectedsearch.exe: [Debugger] tasklist.exe

IFEO\searchinstaller.exe: [Debugger] tasklist.exe

IFEO\searchprotection.exe: [Debugger] tasklist.exe

IFEO\searchprotector.exe: [Debugger] tasklist.exe

IFEO\searchsettings.exe: [Debugger] tasklist.exe

IFEO\searchsettings64.exe: [Debugger] tasklist.exe

IFEO\snapdo.exe: [Debugger] tasklist.exe

IFEO\stinst32.exe: [Debugger] tasklist.exe

IFEO\stinst64.exe: [Debugger] tasklist.exe

IFEO\umbrella.exe: [Debugger] tasklist.exe

IFEO\utiljumpflip.exe: [Debugger] tasklist.exe

IFEO\volaro: [Debugger] tasklist.exe

IFEO\vonteera: [Debugger] tasklist.exe

IFEO\websteroids.exe: [Debugger] tasklist.exe

IFEO\websteroidsservice.exe: [Debugger] tasklist.exe

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)

Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

Startup: C:\Users\Shendelzare Silkwood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

ShortcutTarget: TRDCReminder.lnk -> C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)

HKLM\...\AppCertDlls: [x64] -> c:\program files\browser tab search by ask\safetynut\x64\safetycrt.dll

==================== Internet (Whitelisted) ====================

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2488} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=210&systemid=488&v=a12834-343&apn_uid=1412512428024520&apn_dtid=TCH001&o=APN11459&apn_ptnrs=AG1&q={searchTerms}

BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)

BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)

BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [94208] (Apple Computer, Inc.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()

FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml

FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-05-31]

FF Extension: Kaspersky URL Advisor - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-05-31]

Chrome:

=======

CHR Extension: (Docs) - C:\Users\Shendelzare Silkwood\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-04]

CHR Extension: (Google Drive) - C:\Users\Shendelzare Silkwood\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-04]

CHR Extension: (YouTube) - C:\Users\Shendelzare Silkwood\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-04]

CHR Extension: (McAfee Security Scan+) - C:\Users\Shendelzare Silkwood\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-06-04]

CHR Extension: (Google Search) - C:\Users\Shendelzare Silkwood\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-04]

CHR Extension: (Google Wallet) - C:\Users\Shendelzare Silkwood\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-06-04]

CHR Extension: (Gmail) - C:\Users\Shendelzare Silkwood\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-04]

========================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [119056 2013-05-24] (SUPERAntiSpyware.com)

R2 cfWiMAXService; C:\Program Files\TOSHIBA\ConfigFree\CFIWmxSvcs.exe [185712 2010-01-28] (TOSHIBA CORPORATION)

R2 Change Modem Device Service; C:\Windows\System32\ChgService.exe [135168 2013-05-22] ()

R2 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [46448 2009-03-10] (TOSHIBA CORPORATION)

S2 Globe Tattoo Broadband. RunOuc; C:\Program Files\Globe Tattoo Broadband\UpdateDog\ouc.exe [218624 2013-10-30] ()

R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [271712 2011-03-14] ()

R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.)

S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)

R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)

S4 NAUpdate; c:\Program Files\Nero\Update\NASvc.exe [503080 2010-05-04] (Nero AG)

R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)

S2 Smart Bro. RunOuc; C:\Program Files\Smart Bro\UpdateDog\ouc.exe [246112 2014-02-06] ()

R2 TemproMonitoringService; C:\Program Files\Toshiba TEMPRO\TemproSvc.exe [124368 2010-05-11] (Toshiba Europe GmbH)

R3 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [54136 2011-02-11] (TOSHIBA Corporation)

S3 TOSHIBA HDD SSD Alert Service; C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [111960 2010-02-05] (TOSHIBA Corporation)

R2 WinArchiver Service; C:\Program Files\WinArchiver\WAService.exe [202264 2013-11-10] ()

==================== Drivers (Whitelisted) ====================

R3 CeKbFilter; C:\Windows\System32\DRIVERS\CeKbFilter.sys [17520 2011-04-07] (Compal Electronics, INC.)

S3 cmntnet; C:\Windows\System32\DRIVERS\cmntnet.sys [120320 2013-05-22] (Wireless Data Device)

S3 cmnuusbser; C:\Windows\System32\DRIVERS\cmnuusbser.sys [107520 2013-05-22] (Wireless Device)

R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [36208 2009-07-31] (COMPAL ELECTRONIC INC.)

R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [75480 2014-06-04] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [107224 2014-06-04] (Malwarebytes Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)

R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation)

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

S3 usbUDisc; C:\Windows\System32\DRIVERS\USBDrv.sys [13824 2013-04-27] (Scott)

R0 waemu; C:\Windows\System32\Drivers\waemu.sys [122032 2013-11-10] (Power Software Ltd)

S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]

S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]

S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]

S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit

C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit

C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit

C:\Windows\system32\drivers\afd.sys F81BB7E487EDCEAB630A7EE66CF23913

C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\djsvs.sys ==> MD5 is legit

C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdagp.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\atikmdag.sys 2B8468E003FD033F4FAA5CC54022C8ED

C:\Windows\System32\DRIVERS\atikmpag.sys 97CCEFC4E7EA7C910B54509262343D6B

C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit

C:\Windows\system32\drivers\amdsata.sys D320BF87125326F996D4904FE24300FC

C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit

C:\Windows\System32\drivers\amdxata.sys 46387FB17B086D16DEA267D5BE23A2F2

C:\Windows\system32\drivers\appid.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit

C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\bxvbdx.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\b57nd60x.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\bcmwl6.sys CDA161020BF75B12728AE394196AD991

C:\Windows\system32\Drivers\Beep.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit

C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit

C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\CeKbFilter.sys AECD6E980834D784DEA44456B2DC5164

C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit

C:\Windows\System32\CLFS.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit

C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\cmntnet.sys 60B5AEE418C8F1D9B7B6E93722E9438D

C:\Windows\System32\DRIVERS\cmnuusbser.sys 20978803E0F1C4386967A91795C27C13

C:\Windows\System32\Drivers\cng.sys 85449EEBE8F8EBD6481EFBF0F352B4EB

C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit

C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit

C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit

C:\Windows\System32\drivers\discache.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit

C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit

C:\Windows\System32\drivers\dxgkrnl.sys 71BC35067CABC02C9453AEAA42B2E43E

C:\Windows\system32\DRIVERS\evbdx.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit

C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ewusbwwan.sys 58C54CF72D1B8518A14695B46CA26C90

C:\Windows\System32\DRIVERS\ew_hwusbdev.sys 57C171EA22F0A7F068FCB0CAEDD1E8E7

C:\Windows\system32\Drivers\exfat.sys ==> MD5 is legit

C:\Windows\system32\Drivers\fastfat.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit

C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit

C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legitB

C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit

C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit

C:\Windows\system32\Drivers\Fs_Rec.sys 7DAE5EBCC80E45D3253F4923DC424D05

C:\Windows\System32\DRIVERS\fvevol.sys E306A24D9694C724FA2491278BF50FDB

C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit

C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit

C:\Windows\system32\drivers\HdAudio.sys A5EF29D5315111C80A5C1ABAD14C8972

C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\HECI.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit

C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit

C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ew_jubusenum.sys F44461E66F1B7DD267957FE9BAA63ED0

C:\Windows\System32\DRIVERS\ewusbmdm.sys B50E1D8627354BA8E4DF83470F1272C8

C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit

C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\iaStor.sys 39F7C9AEEE865FE8E98CF3EDD2B4BB4A

C:\Windows\system32\drivers\iaStorV.sys 5CD5F9A5444E6CDCB0AC89BD62D8B76E

C:\Windows\System32\DRIVERS\igdkmd32.sys DB7413CF09D74231720F78737DCF4188

C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\Impcd.sys E3C36AC5AE87EC970AE8EA2A93D59AE1

C:\Windows\System32\drivers\RTKVHDA.sys AEE99ECF06CD1CEA95816CCB5BF73EC8

C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit

C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit

C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit

C:\Windows\system32\drivers\msiscsi.sys EB34CE31FABD4DC4343FD2AD16D2CAF9

C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit

C:\Windows\System32\Drivers\ksecdd.sys 4120DA10AA42A9996F4575DB9E3E6E6E

C:\Windows\System32\Drivers\ksecpkg.sys D3964885F0A11ACF51DA3AAA776973B2

C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\LPCFilter.sys 6ADAB14D7AD12B35BDC665B35278099B

C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit

C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit

C:\Windows\system32\drivers\mbamchameleon.sys 3B4C137E2CA87CF773204653A80B5BE9

C:\Windows\system32\drivers\MBAMSwissArmy.sys 024ACCA2F972EE094EB0F4289F2FA893

C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit

C:\Windows\System32\drivers\modem.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit

C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\MpFilter.sys 8072A7BB35D92CC621AC2605EEF79BC4

C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit

C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit

C:\Windows\system32\drivers\mrxdav.sys 21F4B24ACFC79A483515BD986DD9043F

C:\Windows\System32\DRIVERS\mrxsmb.sys 5D16C921E3671636C0EBA3BBAAC5FD25

C:\Windows\System32\DRIVERS\mrxsmb10.sys 6D17A4791ACA19328C685D256349FEFC

C:\Windows\System32\DRIVERS\mrxsmb20.sys B81F204D146000BE76651A50670A5E9E

C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit

C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit

C:\Windows\system32\Drivers\Msfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit

C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit

C:\Windows\system32\Drivers\MsRPC.sys ==> MD5 is legit

C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit

C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit

C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit

C:\Windows\System32\drivers\ndis.sys 8C9C922D71F1CD4DEF73F186416B7896

C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit

C:\Windows\system32\Drivers\NDProxy.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\NisDrvWFP.sys FCBC2F48430EB0D7150A6521C0B84ACA

C:\Windows\system32\Drivers\Npfs.sys ==> MD5 is legit

C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit

C:\Windows\system32\Drivers\Ntfs.sys C8DFF8D07755A66C7A4A738930F0FEAC

C:\Windows\system32\Drivers\Null.sys ==> MD5 is legit

C:\Windows\system32\drivers\nvraid.sys B3E25EE28883877076E0E1FF877D02E0

C:\Windows\system32\drivers\nvstor.sys 4380E59A170D88C4F1022EFF6719A8A4

C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit

C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit

C:\Windows\System32\drivers\partmgr.sys 3F34A1B4C5F6475F320C275E63AFCE9B

C:\Windows\system32\DRIVERS\parvdm.sys ==> MD5 is legit

C:\Windows\System32\drivers\pci.sys ==> MD5 is legit

C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit

C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit

C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\pgeffect.sys 1B5011DD8D57F53AED31FF0F7D635802

C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit

C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit

C:\Windows\System32\drivers\rdpvideominiport.sys 65375DF758CA1872AB7EBBBA457FD5E6

C:\Windows\system32\Drivers\RDPWD.sys F031683E6D1FEA157ABB2FF260B51E61

C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit

C:\Windows\System32\Drivers\RtsUStor.sys B87F999E05DD9C0312C83A8752E8E66B

C:\Windows\System32\DRIVERS\Rt86win7.sys 5283B9A27FF230F2FF70D92451FF409A

C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS 39763504067962108505BFF25F024345

C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS 77B9FC20084B48408AD3E87570EB4A85

C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit

C:\Windows\system32\Drivers\secdrv.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit

C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\Sftfslh.sys EC5C79BD81F0C55DF53F4818D4F1C2C8

C:\Windows\System32\DRIVERS\Sftplaylh.sys A224670FB892A205E4D99E06C0B85C7C

C:\Windows\System32\DRIVERS\Sftredirlh.sys 9D354D425FB55CDF0EDC7F67FBC5B04E

C:\Windows\System32\DRIVERS\Sftvollh.sys F369D6B89AA610174A4E90C8513B7C7A

C:\Windows\system32\drivers\sisagp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit

C:\Windows\system32\Drivers\spldr.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\srv.sys E4C2764065D66EA1D2D3EBC28FE99C46

C:\Windows\System32\DRIVERS\srv2.sys 03F0545BD8D4C77FA0AE1CEEDFCC71AB

C:\Windows\System32\DRIVERS\srvnet.sys BE6BD660CAA6F291AE06A718A4FA8ABC

C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit

C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\SynTP.sys 9A28F1C47CE0C8BBC02AAF5941AB44CD

C:\Windows\System32\drivers\tcpip.sys CA59F7C570AF70BC174F477CFE2D9EE3

C:\Windows\System32\DRIVERS\tcpip.sys CA59F7C570AF70BC174F477CFE2D9EE3

C:\Windows\System32\drivers\tcpipreg.sys 3EEBD3BD93DA46A26E89893C7AB2FF3B

C:\Windows\System32\DRIVERS\tdcmdpst.sys 4084EA00D50C858D6F9038F86AE2E2D0

C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit

C:\Windows\System32\drivers\tdtcp.sys 2C2C5AFE7EE4F620D69C23C0617651A8

C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit

C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\tosporte.sys 90AFA1A4451BBBEE87C9F18A665D8121

C:\Windows\System32\DRIVERS\tosrfbd.sys AF1DC60EBA521F3622CB15D24560A492

C:\Windows\System32\Drivers\tosrfbnp.sys 75CD3C238A0FFC66C4581C3870C09314

C:\Windows\System32\Drivers\tosrfcom.sys C6C055179EF44BC047C1FA806750BBD9

C:\Windows\System32\DRIVERS\tosrfec.sys 8A555DCF3DDAD3965DA11550491408F8

C:\Windows\System32\DRIVERS\Tosrfhid.sys F3E8762163EE87F3AC95537584CF5B4F

C:\Windows\System32\DRIVERS\tosrfnds.sys B2A1A6538245FD69578224BBF2FD4677

C:\Windows\System32\drivers\tosrfsnd.sys 3DE5CBB4F8EB64563CE08E8EC7458D03

C:\Windows\System32\DRIVERS\tosrfusb.sys 97B7C9650FC47DF001180B97134211CE

C:\Windows\System32\DRIVERS\tos_sps32.sys 969377943FE7284609BABBAB4E06B93C

C:\Windows\System32\DRIVERS\tssecsrv.sys B37B08F2E5EEB1A37E448E09BACE1101

C:\Windows\System32\drivers\tsusbflt.sys C6A5FBD4977305E1FA23E02C042DB463

C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\TVALZ_O.SYS FC24015B4052600C324C43E3A79C0664

C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit

C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit

C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit

C:\Windows\system32\drivers\usbaudio.sys A1977C315BF5691DA99235AA4A6907AF

C:\Windows\System32\DRIVERS\usbccgp.sys 0803FBA9FE829D61AE26EC0BCC910C46

C:\Windows\system32\drivers\usbcir.sys 2352AB5F9F8F097BF9D41D5A4718A041

C:\Windows\system32\drivers\usbehci.sys D40855F89B69305140BBD7E9A3BA2DA6

C:\Windows\System32\DRIVERS\usbhub.sys EDF2DF71C4F1E13A6AC75F5224DE655A

C:\Windows\system32\drivers\usbohci.sys 9828C8D14CC2676421778F0DE638CF97

C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\usbscan.sys FC6B21DB4B5B398AB93DBE59CBF11036

C:\Windows\System32\DRIVERS\USBSTOR.SYS F991AB9CC6B908DB552166768176896A

C:\Windows\System32\DRIVERS\USBDrv.sys FC43C9C666A1F5F288091BF2140ADA59

C:\Windows\system32\drivers\usbuhci.sys 800AABFD625EEFF899F7E5496BDE37AB

C:\Windows\System32\Drivers\usbvideo.sys DE014425522610BEDCA3821BB8C0F1D5

C:\Windows\System32\DRIVERS\usb8023x.sys AF77716205C97E902E6C5B78DECE2CCA

C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit

C:\Windows\System32\drivers\vga.sys ==> MD5 is legit

C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit

C:\Windows\system32\drivers\viaagp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\viac7.sys ==> MD5 is legit

C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit

C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit

C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit

C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\vwififlt.sys 7090D3436EEB4E7DA3373090A23448F7

C:\Windows\System32\DRIVERS\vwifimp.sys A3F04CBEA6C2A10E6CB01F8B47611882

C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit

C:\Windows\System32\Drivers\waemu.sys 6DEBDF87A1D690F45947621B58E6BC08

C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit

C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit

C:\Windows\System32\drivers\Wdf01000.sys 25944D2CC49E0A6C581D02A74B7D6645

C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit

C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit

C:\Windows\System32\DRIVERS\WinUSB.sys A67E5F9A400F3BD1BE3D80613B45F708

C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit

C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit

C:\Windows\System32\drivers\WudfPf.sys 06E6F32C8D0A3F66D956F57B43A2E070

C:\Windows\System32\DRIVERS\WUDFRd.sys 867C301E8B790040AE9CF6486E8041DF

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-06-04 23:22 - 2014-06-04 23:22 - 00000041 _____ () C:\Users\Shendelzare Silkwood\Downloads\fixlist.txt

2014-06-04 23:21 - 2014-06-04 23:21 - 00052472 _____ () C:\Users\Shendelzare Silkwood\Downloads\Addition (1).txt

2014-06-04 22:40 - 2014-06-04 22:44 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-06-04 22:40 - 2014-06-04 22:40 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-04 22:40 - 2014-06-04 22:40 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-04 22:21 - 2014-06-04 22:21 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-04 22:20 - 2014-06-04 22:21 - 00000000 ____D () C:\Users\Shendelzare Silkwood\Desktop\mbar

2014-06-04 22:08 - 2014-06-04 22:20 - 00023412 _____ () C:\Users\Shendelzare Silkwood\Downloads\Result.txt

2014-06-04 21:42 - 2014-06-04 22:07 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Shendelzare Silkwood\Downloads\mbar-1.07.0.1009.exe

2014-06-04 21:42 - 2014-06-04 21:47 - 00982016 _____ (Farbar) C:\Users\Shendelzare Silkwood\Downloads\MiniToolBox.exe

2014-06-04 21:26 - 2014-06-04 21:26 - 00092803 _____ () C:\Users\Shendelzare Silkwood\Downloads\Shortcut.txt

2014-06-04 21:25 - 2014-06-04 21:26 - 00043601 _____ () C:\Users\Shendelzare Silkwood\Downloads\Addition.txt

2014-06-04 21:24 - 2014-06-04 23:26 - 00034316 _____ () C:\Users\Shendelzare Silkwood\Downloads\FRST.txt

2014-06-04 21:24 - 2014-06-04 23:26 - 00000000 ____D () C:\FRST

2014-06-04 21:22 - 2014-06-04 21:24 - 01059840 _____ (Farbar) C:\Users\Shendelzare Silkwood\Downloads\FRST.exe

2014-06-04 21:12 - 2014-06-04 21:12 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Roaming\Toshiba

2014-06-04 20:36 - 2014-06-04 21:09 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Roaming\CDisplayEx

2014-06-04 20:36 - 2014-06-04 20:36 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\TOSHIBA

2014-06-04 20:35 - 2014-06-04 20:35 - 00110048 _____ () C:\Users\Shendelzare Silkwood\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-04 20:35 - 2014-06-04 20:35 - 00001384 _____ () C:\Users\Shendelzare Silkwood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-06-04 20:35 - 2014-06-04 20:35 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Roaming\Adobe

2014-06-04 20:35 - 2014-06-04 20:35 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\VirtualStore

2014-06-04 20:35 - 2014-06-04 20:35 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\Google

2014-06-04 20:34 - 2014-06-04 23:26 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\Temp

2014-06-04 20:34 - 2014-06-04 20:35 - 00000000 ____D () C:\Users\Shendelzare Silkwood

2014-06-04 20:34 - 2014-06-04 20:34 - 00000020 ___SH () C:\Users\Shendelzare Silkwood\ntuser.ini

2014-06-04 20:34 - 2013-09-19 23:39 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\Microsoft Help

2014-06-04 20:34 - 2010-11-15 22:15 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Roaming\Macromedia

2014-06-04 20:34 - 2009-07-14 12:42 - 00000000 ___RD () C:\Users\Shendelzare Silkwood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

2014-06-04 20:34 - 2009-07-14 12:37 - 00000000 ___RD () C:\Users\Shendelzare Silkwood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance

2014-06-01 22:28 - 2014-06-01 22:28 - 00000000 __SHD () C:\Users\Zenaida\AppData\Local\EmieUserList

2014-06-01 22:28 - 2014-06-01 22:28 - 00000000 __SHD () C:\Users\Zenaida\AppData\Local\EmieSiteList

2014-06-01 05:50 - 2014-06-01 05:50 - 00002084 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-06-01 05:50 - 2014-06-01 05:50 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-06-01 05:47 - 2014-06-01 05:47 - 00000000 ____D () C:\4f16ec9ef99384ec0d411c2307b780ab

2014-06-01 01:54 - 2014-06-01 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

2014-06-01 01:54 - 2014-06-01 01:54 - 00000000 ____D () C:\Program Files\McAfee Security Scan

2014-06-01 00:34 - 2014-06-01 00:34 - 00000221 _____ () C:\Windows\wininit.ini

2014-06-01 00:20 - 2014-06-01 00:21 - 11241816 _____ (Microsoft Corporation) C:\Users\Zenaida\Downloads\mseinstall.exe

2014-05-31 23:29 - 2014-05-31 23:29 - 00000000 ___HD () C:\Windows\PIF

2014-05-31 21:33 - 2014-05-31 21:35 - 26908896 _____ (Microsoft Corporation) C:\Users\Zenaida\Downloads\Windows-KB890830-V5.12.exe

2014-05-31 17:34 - 2014-06-01 23:51 - 00001916 _____ () C:\Users\Zenaida\Desktop\order.txt

2014-05-31 03:33 - 2014-05-31 03:34 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-05-30 21:29 - 2014-05-30 21:29 - 00005816 _____ () C:\Users\Zenaida\Desktop\first.txt

2014-05-30 03:40 - 2014-05-30 03:40 - 00406242 _____ () C:\Users\Zenaida\Desktop\sinker.htm

2014-05-30 03:40 - 2014-05-30 03:40 - 00000000 ____D () C:\Users\Zenaida\Desktop\sinker_files

2014-05-14 12:21 - 2014-05-14 12:21 - 00000000 __SHD () C:\found.000

2014-05-14 10:44 - 2014-05-09 15:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-14 10:44 - 2014-05-09 15:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-14 10:40 - 2014-05-06 11:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-14 10:40 - 2014-05-06 11:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-14 10:40 - 2014-05-06 10:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-05-14 10:04 - 2014-05-14 10:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-05-14 10:04 - 2014-04-12 10:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2014-05-14 10:04 - 2014-04-12 10:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2014-05-14 10:04 - 2014-04-12 10:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2014-05-14 10:04 - 2014-04-12 10:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2014-05-14 10:04 - 2014-04-12 10:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2014-05-14 10:04 - 2014-04-12 10:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-05-14 10:04 - 2014-04-12 10:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2014-05-14 10:04 - 2014-03-04 17:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe

2014-05-14 10:04 - 2014-03-04 17:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2014-05-14 10:04 - 2014-03-04 17:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe

2014-05-14 10:04 - 2014-03-04 17:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll

2014-05-14 10:04 - 2014-03-04 17:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-05-14 07:34 - 2014-03-25 10:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-05-08 13:50 - 2014-05-08 13:56 - 02503720 _____ () C:\Users\Zenaida\Downloads\Ragnarok_Online_Downloader (1).exe

2014-05-08 11:49 - 2014-05-08 11:54 - 02503720 _____ () C:\Users\Zenaida\Downloads\Ragnarok_Online_Downloader.exe

==================== One Month Modified Files and Folders =======

2014-06-04 23:27 - 2013-04-27 17:44 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-06-04 23:26 - 2014-06-04 21:24 - 00034316 _____ () C:\Users\Shendelzare Silkwood\Downloads\FRST.txt

2014-06-04 23:26 - 2014-06-04 21:24 - 00000000 ____D () C:\FRST

2014-06-04 23:26 - 2014-06-04 20:34 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\Temp

2014-06-04 23:22 - 2014-06-04 23:22 - 00000041 _____ () C:\Users\Shendelzare Silkwood\Downloads\fixlist.txt

2014-06-04 23:21 - 2014-06-04 23:21 - 00052472 _____ () C:\Users\Shendelzare Silkwood\Downloads\Addition (1).txt

2014-06-04 23:16 - 2014-03-09 17:46 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-06-04 23:08 - 2011-04-07 01:33 - 01428934 _____ () C:\Windows\WindowsUpdate.log

2014-06-04 22:44 - 2014-06-04 22:40 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-06-04 22:40 - 2014-06-04 22:40 - 00107224 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-04 22:40 - 2014-06-04 22:40 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-04 22:21 - 2014-06-04 22:21 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-04 22:21 - 2014-06-04 22:20 - 00000000 ____D () C:\Users\Shendelzare Silkwood\Desktop\mbar

2014-06-04 22:20 - 2014-06-04 22:08 - 00023412 _____ () C:\Users\Shendelzare Silkwood\Downloads\Result.txt

2014-06-04 22:07 - 2014-06-04 21:42 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Shendelzare Silkwood\Downloads\mbar-1.07.0.1009.exe

2014-06-04 22:04 - 2013-06-02 19:12 - 00000380 _____ () C:\Windows\Tasks\update-S-1-5-21-1569652100-3304354286-3704929050-1000.job

2014-06-04 21:47 - 2014-06-04 21:42 - 00982016 _____ (Farbar) C:\Users\Shendelzare Silkwood\Downloads\MiniToolBox.exe

2014-06-04 21:26 - 2014-06-04 21:26 - 00092803 _____ () C:\Users\Shendelzare Silkwood\Downloads\Shortcut.txt

2014-06-04 21:26 - 2014-06-04 21:25 - 00043601 _____ () C:\Users\Shendelzare Silkwood\Downloads\Addition.txt

2014-06-04 21:24 - 2014-06-04 21:22 - 01059840 _____ (Farbar) C:\Users\Shendelzare Silkwood\Downloads\FRST.exe

2014-06-04 21:12 - 2014-06-04 21:12 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Roaming\Toshiba

2014-06-04 21:12 - 2013-06-02 19:12 - 00000380 _____ () C:\Windows\Tasks\update-sys.job

2014-06-04 21:09 - 2014-06-04 20:36 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Roaming\CDisplayEx

2014-06-04 21:04 - 2013-01-22 01:59 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1569652100-3304354286-3704929050-1000UA.job

2014-06-04 21:04 - 2013-01-22 01:59 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1569652100-3304354286-3704929050-1000Core.job

2014-06-04 20:51 - 2011-05-15 16:31 - 00000000 ____D () C:\Users\Zenaida\AppData\Local\Temp

2014-06-04 20:48 - 2009-07-14 12:34 - 00014320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-06-04 20:48 - 2009-07-14 12:34 - 00014320 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-06-04 20:36 - 2014-06-04 20:36 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\TOSHIBA

2014-06-04 20:35 - 2014-06-04 20:35 - 00110048 _____ () C:\Users\Shendelzare Silkwood\AppData\Local\GDIPFONTCACHEV1.DAT

2014-06-04 20:35 - 2014-06-04 20:35 - 00001384 _____ () C:\Users\Shendelzare Silkwood\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2014-06-04 20:35 - 2014-06-04 20:35 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Roaming\Adobe

2014-06-04 20:35 - 2014-06-04 20:35 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\VirtualStore

2014-06-04 20:35 - 2014-06-04 20:35 - 00000000 ____D () C:\Users\Shendelzare Silkwood\AppData\Local\Google

2014-06-04 20:35 - 2014-06-04 20:34 - 00000000 ____D () C:\Users\Shendelzare Silkwood

2014-06-04 20:35 - 2014-03-09 17:46 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-06-04 20:34 - 2014-06-04 20:34 - 00000020 ___SH () C:\Users\Shendelzare Silkwood\ntuser.ini

2014-06-04 20:23 - 2013-04-29 01:59 - 00000000 ____D () C:\Users\Zenaida\AppData\Roaming\BitTorrent

2014-06-04 20:22 - 2011-09-29 13:07 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics

2014-06-04 20:21 - 2009-07-14 12:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-06-04 20:21 - 2009-07-14 12:39 - 00300425 _____ () C:\Windows\setupact.log

2014-06-03 22:28 - 2009-07-14 12:53 - 00032532 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-06-03 07:03 - 2013-06-11 06:51 - 00000000 ____D () C:\Users\Zenaida\AppData\Roaming\vlc

2014-06-03 02:36 - 2013-06-02 19:12 - 00000440 _____ () C:\Users\Zenaida\AppData\Local\UserProducts.xml

2014-06-03 02:36 - 2013-06-02 19:12 - 00000000 ____D () C:\Users\Zenaida\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot

2014-06-01 23:51 - 2014-05-31 17:34 - 00001916 _____ () C:\Users\Zenaida\Desktop\order.txt

2014-06-01 22:35 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\system32\NDF

2014-06-01 22:28 - 2014-06-01 22:28 - 00000000 __SHD () C:\Users\Zenaida\AppData\Local\EmieUserList

2014-06-01 22:28 - 2014-06-01 22:28 - 00000000 __SHD () C:\Users\Zenaida\AppData\Local\EmieSiteList

2014-06-01 21:53 - 2014-03-26 17:15 - 00000000 ____D () C:\Users\Zenaida\Downloads\caramoan

2014-06-01 21:44 - 2010-11-15 22:15 - 00000000 ____D () C:\Program Files\Photo-Service

2014-06-01 21:43 - 2014-03-09 13:45 - 00019671 _____ () C:\missing.ini

2014-06-01 21:42 - 2013-04-29 02:08 - 00000000 ____D () C:\ProgramData\TEMP

2014-06-01 11:59 - 2011-04-07 01:30 - 00332776 _____ () C:\Windows\PFRO.log

2014-06-01 05:50 - 2014-06-01 05:50 - 00002084 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk

2014-06-01 05:50 - 2014-06-01 05:50 - 00000000 ____D () C:\Program Files\Microsoft Security Client

2014-06-01 05:50 - 2014-03-02 23:38 - 00001945 _____ () C:\Windows\epplauncher.mif

2014-06-01 05:47 - 2014-06-01 05:47 - 00000000 ____D () C:\4f16ec9ef99384ec0d411c2307b780ab

2014-06-01 05:38 - 2013-04-14 20:29 - 00000000 ____D () C:\Users\Zenaida\AppData\Roaming\SoftGrid Client

2014-06-01 02:21 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-06-01 01:54 - 2014-06-01 01:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus

2014-06-01 01:54 - 2014-06-01 01:54 - 00000000 ____D () C:\Program Files\McAfee Security Scan

2014-06-01 01:54 - 2014-04-18 10:38 - 00001979 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk

2014-06-01 01:54 - 2014-04-18 10:38 - 00000000 ____D () C:\ProgramData\McAfee Security Scan

2014-06-01 00:34 - 2014-06-01 00:34 - 00000221 _____ () C:\Windows\wininit.ini

2014-06-01 00:21 - 2014-06-01 00:20 - 11241816 _____ (Microsoft Corporation) C:\Users\Zenaida\Downloads\mseinstall.exe

2014-05-31 23:29 - 2014-05-31 23:29 - 00000000 ___HD () C:\Windows\PIF

2014-05-31 21:35 - 2014-05-31 21:33 - 26908896 _____ (Microsoft Corporation) C:\Users\Zenaida\Downloads\Windows-KB890830-V5.12.exe

2014-05-31 13:02 - 2012-03-28 23:16 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-05-31 03:34 - 2014-05-31 03:33 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-05-31 01:28 - 2013-04-24 14:05 - 00000000 ____D () C:\Users\Zenaida\Desktop\DOTA2

2014-05-30 21:29 - 2014-05-30 21:29 - 00005816 _____ () C:\Users\Zenaida\Desktop\first.txt

2014-05-30 12:21 - 2011-07-26 17:51 - 00000000 ____D () C:\Users\Zenaida\AppData\Local\CrashDumps

2014-05-30 04:30 - 2013-04-24 23:57 - 00000000 ____D () C:\Program Files\Common Files\Steam

2014-05-30 04:00 - 2013-12-12 07:42 - 00005614 _____ () C:\Users\Zenaida\Desktop\fox.txt

2014-05-30 03:40 - 2014-05-30 03:40 - 00406242 _____ () C:\Users\Zenaida\Desktop\sinker.htm

2014-05-30 03:40 - 2014-05-30 03:40 - 00000000 ____D () C:\Users\Zenaida\Desktop\sinker_files

2014-05-23 21:34 - 2014-03-09 17:55 - 00002100 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-05-22 19:42 - 2014-03-17 15:48 - 00000000 ____D () C:\Users\Zenaida\AppData\Roaming\CDisplayEx

2014-05-22 10:01 - 2010-11-15 21:00 - 00006450 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-05-21 16:11 - 2014-04-22 21:06 - 00000000 ____D () C:\Users\Zenaida\AppData\Local\Microsoft Games

2014-05-18 12:07 - 2009-07-14 10:37 - 00000000 ____D () C:\Windows\rescache

2014-05-15 14:59 - 2013-04-27 17:44 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-05-15 14:59 - 2012-02-11 18:33 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-05-14 12:21 - 2014-05-14 12:21 - 00000000 __SHD () C:\found.000

2014-05-14 10:45 - 2014-05-02 17:01 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-05-14 10:44 - 2013-06-18 00:32 - 00000000 ____D () C:\ProgramData\Microsoft Help

2014-05-14 10:43 - 2013-07-24 12:47 - 00000000 ____D () C:\Windows\system32\MRT

2014-05-14 10:04 - 2014-05-14 10:04 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2014-05-13 02:00 - 2012-07-18 20:00 - 00000000 ____D () C:\Users\Zenaida\AppData\Roaming\Skype

2014-05-11 00:04 - 2013-12-09 15:20 - 00000882 _____ () C:\Users\Zenaida\Desktop\BitTorrent.lnk

2014-05-11 00:04 - 2013-12-09 15:20 - 00000862 _____ () C:\Users\Zenaida\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk

2014-05-09 15:06 - 2014-05-14 10:44 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-05-09 15:04 - 2014-05-14 10:44 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-05-08 13:56 - 2014-05-08 13:50 - 02503720 _____ () C:\Users\Zenaida\Downloads\Ragnarok_Online_Downloader (1).exe

2014-05-08 11:54 - 2014-05-08 11:49 - 02503720 _____ () C:\Users\Zenaida\Downloads\Ragnarok_Online_Downloader.exe

2014-05-06 11:25 - 2014-05-14 10:40 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-05-06 11:07 - 2014-05-14 10:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-05-06 10:10 - 2014-05-14 10:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

Some content of TEMP:

====================

C:\Users\Zenaida\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Zenaida\AppData\Local\Temp\utt5DCC.tmp.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit

C:\Windows\system32\winlogon.exe => MD5 is legit

C:\Windows\system32\wininit.exe => MD5 is legit

C:\Windows\system32\svchost.exe => MD5 is legit

C:\Windows\system32\services.exe => MD5 is legit

C:\Windows\system32\User32.dll => MD5 is legit

C:\Windows\system32\userinit.exe => MD5 is legit

C:\Windows\system32\rpcss.dll => MD5 is legit

C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager

--------------------

identifier {bootmgr}

device partition=\Device\HarddiskVolume1

description Windows Boot Manager

locale en-US

inherit {globalsettings}

default {current}

resumeobject {8c21156f-f0b6-11df-ae71-88ae1df24066}

displayorder {current}

toolsdisplayorder {memdiag}

timeout 30

Windows Boot Loader

-------------------

identifier {current}

device partition=C:

path \Windows\system32\winload.exe

description Windows 7

locale en-US

inherit {bootloadersettings}

recoverysequence {8c211571-f0b6-11df-ae71-88ae1df24066}

recoveryenabled Yes

osdevice partition=C:

systemroot \Windows

resumeobject {8c21156f-f0b6-11df-ae71-88ae1df24066}

nx OptIn

Windows Boot Loader

-------------------

identifier {8c211571-f0b6-11df-ae71-88ae1df24066}

device ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{8c211572-f0b6-11df-ae71-88ae1df24066}

path \windows\system32\winload.exe

description Windows Recovery Environment

inherit {bootloadersettings}

osdevice ramdisk=[\Device\HarddiskVolume1]\Recovery\WindowsRE\Winre.wim,{8c211572-f0b6-11df-ae71-88ae1df24066}

systemroot \windows

nx OptIn

winpe Yes

Resume from Hibernate

---------------------

identifier {8c21156f-f0b6-11df-ae71-88ae1df24066}

device partition=C:

path \Windows\system32\winresume.exe

description Windows Resume Application

locale en-US

inherit {resumeloadersettings}

filedevice partition=C:

filepath \hiberfil.sys

pae Yes

debugoptionenabled No

Windows Memory Tester

---------------------

identifier {memdiag}

device partition=\Device\HarddiskVolume1

path \boot\memtest.exe

description Windows Memory Diagnostic

locale en-US

inherit {globalsettings}

badmemoryaccess Yes

EMS Settings

------------

identifier {emssettings}

bootems Yes

Debugger Settings

-----------------

identifier {dbgsettings}

debugtype Serial

debugport 1

baudrate 115200

RAM Defects

-----------

identifier {badmemory}

Global Settings

---------------

identifier {globalsettings}

inherit {dbgsettings}

{emssettings}

{badmemory}

Boot Loader Settings

--------------------

identifier {bootloadersettings}

inherit {globalsettings}

{hypervisorsettings}

Hypervisor Settings

-------------------

identifier {hypervisorsettings}

hypervisordebugtype Serial

hypervisordebugport 1

hypervisorbaudrate 115200

Resume Loader Settings

----------------------

identifier {resumeloadersettings}

inherit {globalsettings}

Device options

--------------

identifier {8c211572-f0b6-11df-ae71-88ae1df24066}

description Ramdisk Options

ramdisksdidevice partition=\Device\HarddiskVolume1

ramdisksdipath \Recovery\WindowsRE\boot.sdi

LastRegBack: 2014-05-29 01:10

==================== End Of Log ============================

Microsoft Office Sessions:

=========================

==================== Memory info ===========================

Percentage of memory in use: 63%

Total physical RAM: 2930.67 MB

Available physical RAM: 1080.79 MB

Total Pagefile: 5859.63 MB

Available Pagefile: 3912.7 MB

Total Virtual: 2047.88 MB

Available Virtual: 1932.05 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:146.97 GB) NTFS

Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:53.67 GB) NTFS

Drive i: () (Removable) (Total:3.69 GB) (Free:3.43 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 31B52A66)

Partition 1: (Active) - (Size=400 MB) - (Type=27)

Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

========================================================

Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

kalistomo2 · June 4, 2014

Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014

Ran by Shendelzare Silkwood at 2014-06-04 23:27:12

Running from C:\Users\Shendelzare Silkwood\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)

Adobe AIR (Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden

Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated) Hidden

Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated) Hidden

Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated) Hidden

Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color EU Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Color NA Recommended Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated) Hidden

Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated) Hidden

Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS3 (HKLM\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)

Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated) Hidden

Adobe Reader XI (11.0.03) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)

Adobe Setup (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated) Hidden

Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated) Hidden

Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated) Hidden

Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated) Hidden

Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated) Hidden

Age of Mythology - The Titans Expansion (HKLM\...\Age of Mythology Expansion Pack 1.0) (Version: - )

Age of Mythology (HKLM\...\Age of Mythology 1.0) (Version: - )

Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v8.00.00(T) - TOSHIBA CORPORATION)

Bookworm Adventures Vol. 2 (HKLM\...\Bookworm Adventures Vol. 2) (Version: - PopCap Games)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.42 - Broadcom Corporation)

CDisplayEx 1.10.8 (HKLM\...\CDisplayEx_is1) (Version: - cdisplayex.com)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Disciples III: Resurrection (HKLM\...\{AED2C31B-91E5-481f-9E77-D3D6F68B3206}_is1) (Version: - .DAT)

eBay (HKLM\...\{FDE58148-57E7-43BF-879A-29CCE818C078}) (Version: 1.1.9 - eBay Inc.)

Facebook Video Calling 2.0.0.447 (HKLM\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Globe Tattoo Broadband (HKLM\...\Globe Tattoo Broadband) (Version: 21.005.11.00.158 - Huawei Technologies Co.,Ltd)

Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)

Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden

Heroes of Might and Magic V - Collectors Edition (HKLM\...\Heroes of Might and Magic V - Collectors Edition3.1) (Version: 3.1 - Ubisoft)

HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{C111B73A-93EA-4A12-80E2-0460F11D431F}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

HP Deskjet 1050 J410 series Help (HKLM\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)

HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5E83AB6E-2284-4468-BF97-A451904F186C}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)

HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)

HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden

Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)

Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)

Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)

Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Java 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Lightshot-5.1.2.5 (HKLM\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.2.5 - Skillbrains)

McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden

Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Click-to-Run 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden

Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - English (HKLM\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 en-US) (HKLM\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

MSXML4 Parser (HKLM\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)

Nero 10 Movie ThemePack Basic (Version: 10.0.10600.6.0 - Nero AG) Hidden

Nero BackItUp 10 (HKLM\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.4.24700.31.100 - Nero AG)

Nero BackItUp 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero BurnRights 10 (HKLM\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.0.11300.14.100 - Nero AG)

Nero BurnRights 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero Control Center 10 (Version: 10.2.200.0.2 - Nero AG) Hidden

Nero ControlCenter 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero Core Components 10 (Version: 2.0.16800.7.15 - Nero AG) Hidden

Nero Express 10 (HKLM\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.0.12100.22.100 - Nero AG)

Nero Express 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero InfoTool 10 (HKLM\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.0.11400.15.100 - Nero AG)

Nero InfoTool 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero MediaHub 10 (HKLM\...\{1F7FB68F-52F6-46A3-B42F-38CE46295AE5}) (Version: 1.0.14800.28.100 - Nero AG)

Nero MediaHub 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero Multimedia Suite 10 Essentials (HKLM\...\{0FF68F26-416C-4954-ACA5-6AD5F9DE99C1}) (Version: 10.0.15000 - Nero AG)

Nero RescueAgent 10 (HKLM\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.0.11800.26.100 - Nero AG)

Nero RescueAgent 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero StartSmart 10 (HKLM\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.0.12300.27.100 - Nero AG)

Nero StartSmart 10 Help (CHM) (Version: 1.0.10900 - Nero AG) Hidden

Nero Update (HKLM\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)

PDF Settings (Version: 1.0 - Adobe Systems Incorporated) Hidden

Realtek Ethernet Controller Driver For Windows 7 (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)

Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)

Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)

Skype Toolbars (HKLM\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)

Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Smart Bro (HKLM\...\Smart Bro) (Version: 22.001.18.18.238 - Huawei Technologies Co.,Ltd)

SMART BRO 2013.6.14outer (HKLM\...\SMART BRO 2013.6.14outer) (Version: 2013.6.14outer - )

Source SDK (HKLM\...\Steam App 211) (Version: - Valve)

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1020 - SUPERAntiSpyware.com)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)

TOSHIBA Assist (HKLM\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)

TOSHIBA Bulletin Board (HKLM\...\InstallShield_{B2FB7DBA-CEEC-41F1-BC23-3323D96290F6}) (Version: 1.6.08.32 - TOSHIBA Corporation)

TOSHIBA Bulletin Board (Version: 1.6.08.32 - TOSHIBA Corporation) Hidden

TOSHIBA ConfigFree (HKLM\...\{E0FAA369-B0E3-48B8-9447-4873103B0012}) (Version: 8.0.33 - TOSHIBA CORPORATION)

TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 - TOSHIBA Corporation)

TOSHIBA DVD PLAYER (HKLM\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.12-A - TOSHIBA Corporation)

TOSHIBA Face Recognition (HKLM\...\InstallShield_{C730E42C-935A-45BB-A0C5-37E5234D111B}) (Version: 3.1.3.32 - TOSHIBA Corporation)

TOSHIBA Face Recognition (Version: 3.1.3.32 - TOSHIBA Corporation) Hidden

TOSHIBA Flash Cards Support Utility (HKLM\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)

TOSHIBA Flash Cards Support Utility (Version: 1.63.0.11C - TOSHIBA CORPORATION) Hidden

TOSHIBA Hardware Setup (HKLM\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.30C - TOSHIBA CORPORATION)

TOSHIBA Hardware Setup (Version: 1.63.0.30C - TOSHIBA CORPORATION) Hidden

TOSHIBA HDD/SSD Alert (HKLM\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.0.6 - TOSHIBA Corporation)

TOSHIBA HDD/SSD Alert (Version: 3.1.0.6 - TOSHIBA Corporation) Hidden

Toshiba Manuals (HKLM\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)

TOSHIBA Media Controller (HKLM\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.80.8 - TOSHIBA CORPORATION)

TOSHIBA Media Controller Plug-in (HKLM\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)

TOSHIBA Online Product Information (HKLM\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 2.09.0001 - TOSHIBA)

TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 - TOSHIBA Corporation)

TOSHIBA Recovery Media Creator Reminder (HKLM\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)

TOSHIBA Recovery Media Creator Reminder (Version: 1.00.0019 - TOSHIBA) Hidden

TOSHIBA ReelTime (HKLM\...\InstallShield_{8CD0B97D-46E9-4293-B467-A24DB96DB6DB}) (Version: 1.7.16.32 - TOSHIBA Corporation)

TOSHIBA ReelTime (Version: 1.7.16.32 - TOSHIBA Corporation) Hidden

TOSHIBA Service Station (HKLM\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)

TOSHIBA Supervisor Password (HKLM\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.10C - TOSHIBA CORPORATION)

TOSHIBA Supervisor Password (Version: 1.63.0.10C - TOSHIBA CORPORATION) Hidden

Toshiba TEMPRO (HKLM\...\{DBB7021A-3437-446F-ACE5-7261644A972C}) (Version: 3.33 - Toshiba Europe GmbH)

TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.3.19 - TOSHIBA Corporation)

TOSHIBA Value Added Package (Version: 1.3.19 - TOSHIBA Corporation) Hidden

TOSHIBA Web Camera Application (HKLM\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.16 - TOSHIBA Corporation)

TRORMCLauncher (HKLM\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: 1.0.0.10 - TOSHIBA)

TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden

Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)

Update for Microsoft Office Access 2007 Help (KB963663) (HKLM\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)

Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)

Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version: - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)

Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)

Utility Common Driver (Version: 1.0.52.2C - TOSHIBA) Hidden

VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

Warframe (HKLM\...\Steam App 230410) (Version: - )

WinArchiver (HKLM\...\WinArchiver) (Version: 3.4 - Power Software Ltd)

Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display (10/05/2010 8.783.0.0000) (HKLM\...\9DB07010F6FF5D15AA7354D4E46AB19CF969D0C3) (Version: 10/05/2010 8.783.0.0000 - ATI Technologies Inc.)

Windows Driver Package - ATI Technologies Inc. (amdkmdap) Display (10/05/2010 8.783.0.0000) (HKLM\...\D562A120D6E42CAAED6C38917D58C2EB4D941D92) (Version: 10/05/2010 8.783.0.0000 - ATI Technologies Inc.)

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 5.00 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

Your Uninstaller! 7 (HKLM\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)

بريد Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة (HKLM\...\{E18B30AA-6E2D-480C-B918-AF61009F4010}) (Version: 15.4.5722.2 - Microsoft Corporation)

معرض صور Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points =========================

30-05-2014 04:28:53 Windows Update

31-05-2014 16:33:55 Before uninstalling Browser Tab Search by Ask for Firefox

01-06-2014 00:15:10 Before uninstalling ???? ???? ActiveX ????? ?? Windows Live Mesh ????????? ???????

01-06-2014 13:43:35 Before uninstalling Photo Service - powered by myphotobook

01-06-2014 13:43:48 Removed Photo Service - powered by myphotobook

03-06-2014 11:37:54 Windows Update

==================== Hosts content: ==========================

2009-07-14 10:04 - 2009-06-11 05:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02D38B41-6334-4AAD-A95C-6776E8288539} - System32\Tasks\{6DAC970C-0A15-488D-B6B0-B3DF9E8ADF68} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {1492D0B3-7EB6-4644-92C4-5159C24D7E47} - System32\Tasks\{DC0A0793-1CCC-496C-AE7F-32175E4CC02D} => C:\Users\Zenaida\Desktop\DOTA2\Steam.exe [2014-05-30] (Valve Corporation)

Task: {1F69605D-B389-496B-A247-81013F06CBA6} - System32\Tasks\{CE191A2E-A357-4FEE-ACBE-1A21BCAA4F21} => C:\Users\Zenaida\Desktop\DOTA2\Steam.exe [2014-05-30] (Valve Corporation)

Task: {20D2ADED-B20F-441A-9A94-8E6BB527BA1B} - System32\Tasks\{D7228264-9FC6-4BA8-B40A-F433C10239FE} => C:\Users\Zenaida\Desktop\DOTA2\Steam.exe [2014-05-30] (Valve Corporation)

Task: {224DCAFF-2F66-4BCA-9B64-85DAF4479C78} - System32\Tasks\{F5D15D4E-18AA-42EA-A04B-2C93AD6EEEA2} => C:\Users\Zenaida\Downloads\FP-008 XON\Android 4.0 Installer\LiveSuitPack_version_1.07_2011026.exe

Task: {23924C9D-919F-4D6B-AEA0-3DC3AC2FFCC1} - System32\Tasks\{C4C4F525-32DD-4D51-9481-B38166767069} => C:\Users\Zenaida\Downloads\FP-008 XON\Android 4.0 Installer\LiveSuitPack_version_1.07_2011026.exe

Task: {2E79B4AD-0484-4EB4-BD0E-0F1C1FEF3A5F} - System32\Tasks\{47465652-3E5F-4E34-91E3-4887CDF967E6} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {3F28D22F-C670-48F1-8FCD-93F06AB441EB} - System32\Tasks\{5593B91D-67D7-4AB4-93CF-9E059043D1C8} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {56423173-F12B-44B0-89A0-C0D62E1086B9} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1569652100-3304354286-3704929050-1000Core => C:\Users\Zenaida\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-22] (Facebook Inc.)

Task: {56E5B05C-DCCF-4A17-AAE6-EFDA55B93E03} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1569652100-3304354286-3704929050-1000UA => C:\Users\Zenaida\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-22] (Facebook Inc.)

Task: {58D54944-28D8-4023-A159-9F23959608EC} - System32\Tasks\{33430B18-90D8-479A-B884-427A4E88AA56} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {70D17D92-5020-49BA-AD3E-91ED5D75F141} - System32\Tasks\{3268C65D-A36C-4464-AA55-13D8A491CED2} => C:\Users\Zenaida\Downloads\FP-008 XON\Android 4.0 Installer\LiveSuitPack_version_1.07_2011026.exe

Task: {7617AB9C-1EC1-4A1D-849C-12563F45DA1C} - System32\Tasks\{43CA3CB2-B486-4C0D-A6BE-E05E2860DFDA} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {7B2B906C-4DE4-4175-969B-54ED57FD356E} - System32\Tasks\{563FE290-866F-48FB-97F4-599FB67FB1EC} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {82212037-DC70-46C3-AA3F-0DB71CAAC006} - System32\Tasks\{4D445EAC-0BDA-4359-A3EB-81A4EA4EE195} => C:\Users\Zenaida\Desktop\DOTA2\Steam.exe [2014-05-30] (Valve Corporation)

Task: {83819298-9F43-447C-B372-05AD1118C281} - System32\Tasks\{1B7263A5-BB54-4136-923A-D168AAB6758D} => C:\Users\Zenaida\Downloads\FP-008 XON\Android 4.0 Installer\LiveSuit.exe

Task: {90C0C3D2-3291-4D3D-91BE-440284FF6DEA} - System32\Tasks\{9D35904D-B9F8-47AC-91E8-F82DEE2E10E4} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {95BA0B8A-4410-420D-AA02-58F10B1FFD56} - System32\Tasks\{F8EDC2C6-17DA-45C7-80E0-9C61F9B2B6C2} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {A132B917-32B8-4E87-A834-5D269B098BA2} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)

Task: {A74B2587-849F-48F4-BDE1-76682764C274} - System32\Tasks\update-sys => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {A820962D-2CD9-4603-8D74-7F6AD1A53E27} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe [2010-06-03] (TOSHIBA CORPORATION)

Task: {B129E67E-F2C7-42CA-A9CD-23F751274CA0} - System32\Tasks\{D4718413-21ED-4F53-A01E-510129065A08} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {B538C7E0-9A13-4F4C-9D5E-BBB4FCD1B947} - System32\Tasks\{FB8A8177-A562-4D00-A6C4-C51AE58F3DA6} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {BBF9CF26-D503-4C46-A34D-3E0AAF8D1C44} - System32\Tasks\{33DF4602-9371-4D56-A121-F511AB996D5A} => C:\Users\Zenaida\Downloads\FP-008 XON\Android 4.0 Installer\LiveSuit.exe

Task: {BCA92A4A-2DE5-4815-A871-02E6E250C1B5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-15] (Adobe Systems Incorporated)

Task: {BD0621D5-8A80-4EAB-9096-1AA17C0D3BC4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-09] (Google Inc.)

Task: {C5218249-2F22-4CED-8298-BFD80B5B3090} - System32\Tasks\{A6E223F2-9102-47DD-9AD5-CC6E44E1B530} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {C86C719B-7A51-4BBA-8472-4763604ECFF7} - System32\Tasks\{D28F614C-F691-4BC7-BDD6-5E4844B84EB4} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {CA238392-B9A0-43AE-8D04-64E952DA2C03} - System32\Tasks\{CF0EBA65-2AF7-4FA4-B9C5-19FCF88BBCF6} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {CC5F3412-5FB8-4273-B061-DFD8739CEC24} - System32\Tasks\{8D902089-FF91-4E1C-8461-6AA8625AAEC5} => C:\Users\Zenaida\Desktop\DOTA2\Steam.exe [2014-05-30] (Valve Corporation)

Task: {CF1CF29E-BCF6-4CF8-BE8A-B7CF7F353AC9} - System32\Tasks\update-S-1-5-21-1569652100-3304354286-3704929050-1000 => C:\Program Files\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {D8038881-F773-4AAD-969F-08F89FFA11EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-03-09] (Google Inc.)

Task: {DF77E35E-AA1A-4E81-AAC2-DC715224AE10} - System32\Tasks\{04A2453D-6C22-454B-AC1B-1E4844F3B391} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {ECB49594-8885-4BE9-A164-7292FFF8BE5D} - System32\Tasks\{223D6731-2834-4A89-A699-7326192752A0} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: {EE1B0E6E-D563-4F29-8118-24021E174FA6} - System32\Tasks\{8A6F8714-9FA7-4EE6-A53D-B9B57D3C60AF} => C:\Heroes of Might and Magic V - Collectors Edition\HMM5\bina2\bin\H5_Game.exe [2008-06-04] ()

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1569652100-3304354286-3704929050-1000Core.job => C:\Users\Zenaida\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1569652100-3304354286-3704929050-1000UA.job => C:\Users\Zenaida\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\update-S-1-5-21-1569652100-3304354286-3704929050-1000.job => C:\Program Files\Skillbrains\Updater\Updater.exe

Task: C:\Windows\Tasks\update-sys.job => C:\Program Files\Skillbrains\Updater\Updater.exe

==================== Loaded Modules (whitelisted) =============

2013-11-10 10:53 - 2013-11-10 10:53 - 00202264 _____ () C:\Program Files\WinArchiver\WAService.exe

2013-11-02 15:26 - 2013-05-22 14:41 - 00135168 _____ () C:\Windows\System32\ChgService.exe

2013-10-30 20:54 - 2013-10-30 20:54 - 00218624 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\ouc.exe

2013-10-30 20:54 - 2013-10-30 20:54 - 00011362 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\mingwm10.dll

2013-10-30 20:54 - 2013-10-30 20:54 - 00043008 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\libgcc_s_dw2-1.dll

2013-10-30 20:54 - 2013-10-30 20:54 - 02415104 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtCore4.dll

2013-10-30 20:54 - 2013-10-30 20:54 - 01148416 _____ () C:\ProgramData\Globe Tattoo Broadband\OnlineUpdate\QtNetwork4.dll

2011-03-14 23:27 - 2011-03-14 23:27 - 00271712 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe

2014-02-06 07:54 - 2014-02-06 07:52 - 00246112 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\ouc.exe

2014-02-06 07:54 - 2014-02-06 07:52 - 00011362 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\mingwm10.dll

2014-02-06 07:54 - 2014-02-06 07:52 - 00043008 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\libgcc_s_dw2-1.dll

2014-02-06 07:54 - 2014-02-06 07:52 - 02415104 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtCore4.dll

2014-02-06 07:54 - 2014-02-06 07:52 - 01148416 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtNetwork4.dll

2014-02-06 07:54 - 2014-02-06 07:52 - 00384512 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QueryStrategy.dll

2014-02-06 07:54 - 2014-02-06 07:52 - 00398336 _____ () C:\ProgramData\Smart Bro\OnlineUpdate\QtXml4.dll

2014-05-23 21:34 - 2014-05-14 07:40 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libglesv2.dll

2014-05-23 21:34 - 2014-05-14 07:40 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libegl.dll

2014-05-23 21:34 - 2014-05-14 07:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll

2014-05-23 21:34 - 2014-05-14 07:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll

2014-05-23 21:34 - 2014-05-14 07:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll

2014-05-23 21:34 - 2014-05-14 07:40 - 13695816 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: McComponentHostService => 3

MSCONFIG\Services: NAUpdate => 2

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\Windows\pss\Bluetooth Manager.lnk.CommonStartup

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup

MSCONFIG\startupreg: (default) =>

MSCONFIG\startupreg: 00TCrdMain => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe

MSCONFIG\startupreg: autodetect => C:\Windows\system32\SupportAppXL\AutoDect.exe

MSCONFIG\startupreg: Facebook Update => "C:\Users\Zenaida\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe

MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe

MSCONFIG\startupreg: HWSetup => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe hwSetUP

MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe

MSCONFIG\startupreg: KeNotify => "C:\Program Files\TOSHIBA\Utilities\KeNotify.exe" LPCM

MSCONFIG\startupreg: LightShot => C:\Users\Zenaida\AppData\Local\Skillbrains\lightshot\LightShot.exe Flags: uninsdeletevalue

MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet

MSCONFIG\startupreg: Microsoft Default Manager => "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume

MSCONFIG\startupreg: NBAgent => "c:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart

MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe

MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup

MSCONFIG\startupreg: SmartFaceVWatcher => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe

MSCONFIG\startupreg: SmoothView => C:\Program Files\Toshiba\SmoothView\SmoothView.exe

MSCONFIG\startupreg: SVPWUTIL => C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL

MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

MSCONFIG\startupreg: Toshiba TEMPRO => C:\Program Files\Toshiba TEMPRO\TemproTray.exe

MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60

MSCONFIG\startupreg: TosNC => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe

MSCONFIG\startupreg: TosReelTimeMonitor => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe

MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe

MSCONFIG\startupreg: TPwrMain => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE

MSCONFIG\startupreg: TWebCamera => "C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

MSCONFIG\startupreg: WAHELPER.EXE => "C:\Program Files\WinArchiver\WAHELPER.EXE"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:

==================

Error: (06/04/2014 08:22:30 PM) (Source: Application Virtualization Client) (EventID: 6026) (User: )

Description: {tid=10D0}

corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (06/04/2014 04:47:29 PM) (Source: Application Virtualization Client) (EventID: 6026) (User: )

Description: {tid=10F8}

corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (06/04/2014 02:10:15 PM) (Source: Application Virtualization Client) (EventID: 6026) (User: )

Description: {tid=1148}

corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (06/04/2014 09:44:31 AM) (Source: Application Virtualization Client) (EventID: 6026) (User: )

Description: {tid=10F8}

corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (06/04/2014 07:13:14 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (06/04/2014 07:10:28 AM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".

Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

Error: (06/03/2014 11:22:35 PM) (Source: Application Virtualization Client) (EventID: 6026) (User: )

Description: {tid=11D8}

corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (06/03/2014 10:29:49 PM) (Source: Application Virtualization Client) (EventID: 6026) (User: )

Description: {tid=116C}

corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (06/03/2014 07:23:15 PM) (Source: Application Virtualization Client) (EventID: 6026) (User: )

Description: {tid=126C}

corrupt cp file detected ('Q:\140066.enu\osguard.cp'). osguard cp file, NO CORRECTIVE ACTION TAKEN

Error: (06/03/2014 01:53:01 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

System errors:

=============

Error: (06/04/2014 11:26:33 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 11:06:29 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 11:04:57 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 10:16:19 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 10:01:52 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 09:55:30 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 09:54:35 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 09:50:11 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 09:48:31 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Error: (06/04/2014 09:46:44 PM) (Source: ipnathlp) (EventID: 31004) (User: )

Description: 0

Microsoft Office Sessions:

=========================

==================== Memory info ===========================

Percentage of memory in use: 63%

Total physical RAM: 2930.67 MB

Available physical RAM: 1080.79 MB

Total Pagefile: 5859.63 MB

Available Pagefile: 3912.7 MB

Total Virtual: 2047.88 MB

Available Virtual: 1932.05 MB

==================== Drives ================================

Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:146.97 GB) NTFS

Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:53.67 GB) NTFS

Drive i: () (Removable) (Total:3.69 GB) (Free:3.43 GB) FAT32

==================== MBR & Partition Table ==================

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 31B52A66)

Partition 1: (Active) - (Size=400 MB) - (Type=27)

Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)

========================================================

Disk: 1 (Size: 4 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

kalistomo2 · June 4, 2014

Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014

Ran by Shendelzare Silkwood at 2014-06-05 01:03:33

Running from C:\Users\Shendelzare Silkwood\Downloads

Boot Mode: Normal

==========================================================

==================== Security Center ========================

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}