Having problems running Malware.. I think I'm infected


Not sure if I should have pasted the logs...

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-07-2014
Ran by EDITH  CAIN (administrator) on EDITHCAINLAPTOP on 02-07-2014 14:54:36
Running from C:\Users\EDITH  CAIN\Documents\Downloads
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Windows\System32\AEstSrv.exe
(AOL LLC) C:\Program Files\Common Files\aol\acs\AOLacsd.exe
() C:\Users\EDITH  CAIN\AppData\Local\a05affdce4ca9d72a7d3c0c3ab912182\b96b7643e8c426f.exe
() C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de\DefaultFreewareProcess.exe
() C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord\FunctionKeyboardWord.exe
() C:\Program Files\003\htfmboczez32.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
() C:\Program Files\pcmax\pcmax.exe
() C:\Program Files\Pirrit\AutoUpdater.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
() C:\Program Files\WinRST\WinRST.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord\AppEncondingWin32.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\wercon.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [fst_us_87] => [X]
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [155648 2009-01-09] (Apple Computer, Inc.)
HKLM\...\Run: [fst_us_53] => [X]
HKLM\...\Run: [fst_us_63] => [X]
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll (Citrix Online, a division of Citrix Systems, Inc.)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-756178843-1719226502-2987531416-1000\...\Run: [Driver Detective] => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe /applicationMode:systemTray /showWelcome:false
HKU\S-1-5-21-756178843-1719226502-2987531416-1000\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKU\S-1-5-21-756178843-1719226502-2987531416-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-756178843-1719226502-2987531416-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-756178843-1719226502-2987531416-1000\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-756178843-1719226502-2987531416-1001\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-756178843-1719226502-2987531416-1001\...\Run: [DellSupportCenter] => C:\Program Files\Dell Support Center\bin\sprtcmd.exe [202544 2008-03-11] (SupportSoft, Inc.)
HKU\S-1-5-21-756178843-1719226502-2987531416-1001\...\Run: [Weather] => C:\Program Files\AWS\WeatherBug\Weather.exe 1
HKU\S-1-5-21-756178843-1719226502-2987531416-1001\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [155648 2009-01-09] (Apple Computer, Inc.)
HKU\S-1-5-21-756178843-1719226502-2987531416-1001\...\RunOnce: [DelTr701598] - cmd.exe /c rd /s /q  "C:\Users\EDITH  CAIN\AppData\Roaming\Speedial"
HKU\S-1-5-21-756178843-1719226502-2987531416-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-756178843-1719226502-2987531416-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll => c:\progra~2\browse~1\261095~1.52\{c16c1~1\browse~1.dll File Not Found
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:37956
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x94B9289D0A81CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = 
URLSearchHook: HKLM - AOL Toolbar Search Class - {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
SearchScopes: HKLM - DefaultScope {31090377-0740-419E-BEFC-A56E50500D5B} URL = 
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: AOL Toolbar Loader - {3ef64538-8b54-4573-b48f-4d34b0238ab2} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: IEExtension.Extension - {d40c654d-7c51-4eb3-95b2-1e23905c2a2d} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Zoom Downloader - {E5C66DD8-308B-4a4f-AF0A-3D04F25B5343} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKCU - AOL Toolbar - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - C:\Program Files\AOL Toolbar\aoltb.dll (AOL Inc.)
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: rebinfo - {AF808758-C780-404C-A4EE-4526323FD9B6} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @viewpoint.com/VMP - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\EDITH  CAIN\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2014-04-19]
FF Extension: Pirrit Suggestor - C:\Users\EDITH  CAIN\AppData\Roaming\Mozilla\Firefox\profiles\extensions\suggestor@suggestor.pirrit.com.xpi [2014-04-19]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-18]
FF HKCU\...\Firefox\Extensions: [{58bd07eb-0ee0-4df0-8121-dc9b693373df}] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [{828c786a-e911-4821-aabd-a58eff0dcf02}] - C:\Program Files\BlockAndSurf Corp\158.xpi
 
Chrome: 
=======
CHR HomePage: hxxp://www.yahoo.com/
CHR Extension: (Speedial) - C:\Users\EDITH  CAIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2014-06-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\EDITH  CAIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-02]
CHR Extension: (HD-Vpro--1.9) - C:\Users\EDITH  CAIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cckahkoimnbpflhhobnanhfdihegpedf [2014-04-19]
CHR Extension: (DailyBibleGuide) - C:\Users\EDITH  CAIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdanlnkkocbcbpgngbjcmfopmnicklbf [2014-04-19]
CHR Extension: (MySearchDial) - C:\Users\EDITH  CAIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-04-19]
CHR Extension: (easy-deals3) - C:\Users\EDITH  CAIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\iobhlofholalpkgbeoeobhckdmfpcpce [2014-04-19]
CHR Extension: (Google Wallet) - C:\Users\EDITH  CAIN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-19]
CHR HKLM\...\Chrome\Extension: [aaaaimaoojakejhnaflpfmfgdkpllplb] - C:\ProgramData\AskPartnerNetwork\Toolbar\BCPA1-V7\CRX\ToolbarCR.crx [2014-04-19]
CHR HKLM\...\Chrome\Extension: [gdanlnkkocbcbpgngbjcmfopmnicklbf] - C:\Program Files\DailyBibleGuide Chrome Extension\bar\DailyBibleGuide@mindspark.com [2014-04-17]
CHR HKLM\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\EDITHC~1\AppData\Local\speedial.crx [2014-04-19]
CHR HKLM\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1095.52\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [2014-04-19]
CHR HKCU\...\Chrome\Extension: [iagcajndpnfncplednpbnkahadegklfa] - C:\Users\EDITHC~1\AppData\Local\speedial.crx [2014-04-19]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
R2 AOL ACS; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [46640 2006-10-23] (AOL LLC)
S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-01-06] () [File not signed]
S4 AVG Security Toolbar Service; C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe [167264 2011-11-10] ()
S4 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
S4 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-07-23] (AVG Technologies CZ, s.r.o.)
R2 b96b7643e8c426f.exe; C:\Users\EDITH  CAIN\AppData\Local\a05affdce4ca9d72a7d3c0c3ab912182\b96b7643e8c426f.exe [93696 2014-05-27] () [File not signed]
R2 DefaultFreewareProcess.exe; C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de\DefaultFreewareProcess.exe [110592 2014-06-03] () [File not signed]
R2 FunctionKeyboardWord.exe; C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord\FunctionKeyboardWord.exe [110629 2014-07-01] () [File not signed]
R2 htfmboczez32; C:\Program Files\003\htfmboczez32.exe [541696 2014-04-19] () [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [241344 2014-05-29] ()
R2 PirritUpdater; C:\Program Files\Pirrit\AutoUpdater.exe [59904 2014-02-20] () [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
R2 sprtsvc_dellsupportcenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [202544 2008-03-11] (SupportSoft, Inc.)
R2 WinRST; C:\Program Files\WinRST\WinRST.exe [59904 2014-02-26] () [File not signed]
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [2506752 2007-12-11] (Dell Inc.) [File not signed]
S2 4f893caf24e3b34.exe; C:\Users\123\AppData\Local\7f6f6588fcc35d70d4f131cddf46ac5e\4f893caf24e3b34.exe [X]
S2 BTHelper.exe; C:\Program Files\Brand Thunder\Helper\bin\BTHelper.exe [X]
S2 f069d3e76f26eb9.exe; C:\Users\EDITH  CAIN\AppData\Local\e10653ec9b12b1de0a47da1ed83cf89e\f069d3e76f26eb9.exe [X]
S2 PirritDesktop; C:\Users\EDITH  CAIN\AppData\Local\PirritSuggestor\PirritService.exe [X]
S2 vosr; C:\Users\EDITH  CAIN\AppData\Roaming\VOPackage\VOsrv.exe [X]
S2 vToolbarUpdater14.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\14.2.0\ToolbarUpdater.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [208184 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22328 2013-09-10] (AVG Technologies CZ, s.r.o.)
S1 AvgLdx86; C:\Windows\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 AvgMfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R1 AvgTdiX; C:\Windows\System32\DRIVERS\avgtdix.sys [182072 2013-03-21] (AVG Technologies CZ, s.r.o.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [36600 2014-04-28] (Riverbed Technology, Inc.)
R4 RegFltrX86; C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de\RegFltrX86.sys [17552 2014-06-03] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2014-06-05] ()
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw4.sys [33588 2006-11-01] (America Online, Inc.)
R1 {cc30460f-753f-44d9-b58c-13dae1321968}t; C:\Windows\System32\drivers\{cc30460f-753f-44d9-b58c-13dae1321968}t.sys [55232 2014-05-22] (StdLib)
S3 BCM42RLY; system32\drivers\BCM42RLY.sys [X]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S0 hitmanpro37duringboot; system32\drivers\hitmanpro37.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-07-02 14:54 - 2014-07-02 14:54 - 00000000 ____D () C:\FRST
2014-07-02 14:37 - 2014-07-02 14:38 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 14:37 - 2014-07-02 14:37 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 14:37 - 2014-07-02 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 14:37 - 2014-07-02 14:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 14:37 - 2014-07-02 14:37 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-02 14:37 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-02 14:37 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-02 14:37 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-02 14:17 - 2014-07-02 14:18 - 00176285 _____ () C:\Users\EDITH  CAIN\Desktop\CheckResults.txt
2014-07-02 14:15 - 2014-07-02 14:15 - 00014688 _____ () C:\Users\EDITH  CAIN\Desktop\attach.txt
2014-07-02 14:15 - 2014-07-02 14:14 - 00016217 _____ () C:\Users\EDITH  CAIN\Desktop\dds.txt
2014-07-02 10:22 - 2014-07-02 14:03 - 00000003 _____ () C:\Users\EDITH  CAIN\AppData\Local\proxy.log
2014-07-02 10:22 - 2014-07-02 12:32 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\BenchUpdater
2014-07-02 10:21 - 2014-07-02 14:05 - 00000000 ____D () C:\Program Files\Bench
2014-07-01 21:20 - 2014-07-01 21:20 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf95ace54f00ae.job
2014-07-01 21:20 - 2014-05-28 09:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-01 21:20 - 2014-05-28 09:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-01 21:20 - 2014-05-28 09:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-01 21:20 - 2014-05-28 09:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-01 21:20 - 2014-05-28 09:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-01 21:20 - 2014-05-28 09:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-01 21:20 - 2014-05-28 09:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-01 21:20 - 2014-05-28 09:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-01 21:20 - 2014-05-28 09:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-01 21:20 - 2014-05-28 09:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-01 21:20 - 2014-05-28 09:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-01 21:20 - 2014-05-28 09:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-01 21:20 - 2014-05-28 09:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-01 21:20 - 2014-05-28 09:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-01 21:20 - 2014-05-28 09:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-01 21:20 - 2014-05-28 09:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-01 21:20 - 2014-05-28 09:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-01 21:20 - 2014-05-28 09:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-01 21:20 - 2014-05-28 09:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-01 21:20 - 2014-05-28 09:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-01 21:20 - 2014-05-28 09:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-01 21:18 - 2014-04-26 09:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-07-01 21:18 - 2014-04-04 19:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-07-01 21:18 - 2014-03-09 18:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-07-01 21:18 - 2014-03-09 18:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-07-01 21:04 - 2014-07-01 21:05 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord
2014-07-01 14:27 - 2014-07-01 14:27 - 00000000 __RSH () C:\MSDOS.SYS
2014-07-01 14:27 - 2014-07-01 14:27 - 00000000 __RSH () C:\IO.SYS
2014-07-01 13:42 - 2014-07-01 13:42 - 00000227 _____ () C:\Users\EDITH  CAIN\AppData\Local\poetsch.bat
2014-07-01 13:08 - 2014-07-01 13:08 - 00000000 ____D () C:\Program Files\System Optimizer Pro
2014-07-01 13:04 - 2014-07-01 13:04 - 00000000 ____D () C:\Program Files\predm
2014-07-01 12:58 - 2014-07-01 12:58 - 00000680 _____ () C:\Users\123\AppData\Local\d3d9caps.dat
2014-07-01 11:43 - 2014-07-01 11:43 - 00000000 ____D () C:\Users\123\AppData\Roaming\OpenSoftwareUpdater
2014-07-01 11:42 - 2014-07-01 11:42 - 00000000 ____D () C:\Users\123\AppData\Local\WebBar
2014-06-18 19:47 - 2014-06-18 19:47 - 00000000 ____D () C:\4e62051e361e3695368ccc0515241b
2014-06-08 21:26 - 2014-06-08 21:26 - 00000000 ____D () C:\ProgramData\Sun
2014-06-08 20:47 - 2008-05-17 01:21 - 00139264 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaws.exe
2014-06-08 20:46 - 2008-05-17 01:21 - 00135168 _____ (Sun Microsystems, Inc.) C:\Windows\system32\javaw.exe
2014-06-08 20:46 - 2008-05-17 01:21 - 00135168 _____ (Sun Microsystems, Inc.) C:\Windows\system32\java.exe
2014-06-08 20:32 - 2014-06-08 21:25 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 20:10 - 2014-06-22 12:37 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\PCFixSpeed
2014-06-08 20:10 - 2014-06-08 20:12 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\OpenSoftwareUpdater
2014-06-08 20:09 - 2014-07-02 12:32 - 00000000 ____D () C:\Program Files\gorillaprice
2014-06-08 20:07 - 2014-07-01 12:59 - 00000000 ____D () C:\Program Files\OpenSoftwareUpdater
2014-06-06 19:44 - 2014-06-10 14:30 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\Activeris
2014-06-06 19:18 - 2014-06-08 19:00 - 00000364 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-06-06 19:18 - 2014-06-08 19:00 - 00000364 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-06-06 19:15 - 2014-06-06 21:00 - 00002922 _____ () C:\Users\EDITH  CAIN\AppData\Roaming\aps.scan.results
2014-06-06 19:15 - 2014-06-06 21:00 - 00001160 _____ () C:\Users\EDITH  CAIN\AppData\Roaming\aps.scan.quick.results
2014-06-06 19:13 - 2014-06-06 19:13 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-06-05 19:24 - 2014-06-05 19:24 - 00000000 ____D () C:\Users\EDITH  CAIN\Documents\PC Speed Maximizer
2014-06-05 19:20 - 2014-07-01 13:25 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2014-06-05 19:20 - 2014-07-01 13:25 - 00000000 ____D () C:\Program Files\WebBar
2014-06-05 19:20 - 2014-06-10 15:17 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\WebBar
2014-06-05 19:20 - 2014-06-05 19:20 - 00000000 ____D () C:\Users\EDITH  CAIN\Documents\GoFastPC
2014-06-05 19:19 - 2014-07-02 14:33 - 00000270 _____ () C:\Windows\Tasks\pcreg.job
2014-06-05 19:19 - 2014-06-18 20:12 - 00000354 _____ () C:\Windows\Tasks\At1.job
2014-06-05 19:19 - 2014-06-10 13:54 - 00000000 ____D () C:\Program Files\pcmax
2014-06-05 17:51 - 2014-06-05 17:51 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\PC_Drivers_Headquarters
2014-06-05 17:50 - 2014-06-05 17:50 - 00000000 ____D () C:\Program Files\PC Drivers HeadQuarters
2014-06-05 14:56 - 2014-07-01 13:12 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\fst_us_87
2014-06-05 14:44 - 2014-06-05 14:44 - 00000000 ____D () C:\Windows\Sun
2014-06-05 14:11 - 2014-06-05 14:57 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-06-05 12:47 - 2014-06-05 13:07 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-06-05 12:27 - 2014-06-05 12:27 - 00001735 _____ () C:\Users\EDITH  CAIN\Downloads\WLBidRequestHandler
2014-06-05 10:51 - 2014-06-05 10:51 - 00000000 ____D () C:\Users\123\AppData\Roaming\Activeris
2014-06-05 10:46 - 2014-06-05 14:49 - 00001009 _____ () C:\Windows\system32\debug.log
2014-06-05 10:33 - 2014-06-05 10:33 - 00000000 ____D () C:\Users\123\AppData\Local\d9d28ad74c37999ab8d6d59ba193b832
2014-06-05 10:33 - 2014-06-05 10:33 - 00000000 ____D () C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de
2014-06-05 10:22 - 2014-06-05 10:23 - 01527104 _____ (LogMeIn, Inc.) C:\Users\123\Downloads\Support-LogMeInRescue (7).exe
 
==================== One Month Modified Files and Folders =======
 
2014-07-02 14:56 - 2008-05-17 01:11 - 01917082 _____ () C:\Windows\WindowsUpdate.log
2014-07-02 14:54 - 2014-07-02 14:54 - 00000000 ____D () C:\FRST
2014-07-02 14:52 - 2008-05-23 14:48 - 00000000 ___HD () C:\TEMP
2014-07-02 14:50 - 2013-03-14 17:54 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-02 14:38 - 2014-07-02 14:37 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-02 14:38 - 2014-04-19 09:14 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\CrashDumps
2014-07-02 14:37 - 2014-07-02 14:37 - 00000901 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-02 14:37 - 2014-07-02 14:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-02 14:37 - 2014-07-02 14:37 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-02 14:37 - 2014-07-02 14:37 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-02 14:37 - 2006-11-02 03:33 - 00703388 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-02 14:36 - 2012-11-21 12:42 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-02 14:34 - 2014-04-19 08:34 - 00000294 _____ () C:\Windows\Tasks\FF Watcher {4AF489E7-8509-4448-AC76-E29C66162AC3}.job
2014-07-02 14:33 - 2014-06-05 19:19 - 00000270 _____ () C:\Windows\Tasks\pcreg.job
2014-07-02 14:32 - 2014-04-17 16:05 - 00002140 _____ () C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-4.job
2014-07-02 14:32 - 2014-04-17 16:05 - 00001444 _____ () C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-5.job
2014-07-02 14:32 - 2014-04-17 16:05 - 00001356 _____ () C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-2.job
2014-07-02 14:32 - 2014-04-17 16:04 - 00002774 _____ () C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-3.job
2014-07-02 14:32 - 2013-03-26 18:10 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-07-02 14:31 - 2014-04-19 10:53 - 00000390 _____ () C:\Windows\Tasks\FreeFileViewerUpdateChecker.job
2014-07-02 14:31 - 2014-04-17 16:05 - 00001356 _____ () C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-1.job
2014-07-02 14:31 - 2006-11-02 05:47 - 00003968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-02 14:31 - 2006-11-02 05:47 - 00003968 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-02 14:30 - 2013-10-28 09:42 - 00237450 _____ () C:\Windows\PFRO.log
2014-07-02 14:30 - 2012-10-02 16:14 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-07-02 14:30 - 2006-11-02 06:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-02 14:30 - 2006-11-02 05:47 - 00281536 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-02 14:29 - 2006-11-02 06:01 - 00032630 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-02 14:28 - 2011-02-11 15:50 - 00000000 ____D () C:\ProgramData\MFAData
2014-07-02 14:18 - 2014-07-02 14:17 - 00176285 _____ () C:\Users\EDITH  CAIN\Desktop\CheckResults.txt
2014-07-02 14:15 - 2014-07-02 14:15 - 00014688 _____ () C:\Users\EDITH  CAIN\Desktop\attach.txt
2014-07-02 14:14 - 2014-07-02 14:15 - 00016217 _____ () C:\Users\EDITH  CAIN\Desktop\dds.txt
2014-07-02 14:05 - 2014-07-02 10:21 - 00000000 ____D () C:\Program Files\Bench
2014-07-02 14:03 - 2014-07-02 10:22 - 00000003 _____ () C:\Users\EDITH  CAIN\AppData\Local\proxy.log
2014-07-02 14:02 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\tracing
2014-07-02 13:50 - 2008-05-17 01:21 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-02 12:37 - 2013-01-27 17:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-02 12:35 - 2014-01-03 14:29 - 00000000 ____D () C:\ProgramData\FilesOpened
2014-07-02 12:32 - 2014-07-02 10:22 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\BenchUpdater
2014-07-02 12:32 - 2014-06-08 20:09 - 00000000 ____D () C:\Program Files\gorillaprice
2014-07-02 12:32 - 2014-04-19 09:39 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\TidyNetwork
2014-07-02 12:32 - 2014-04-19 09:39 - 00000000 ____D () C:\Program Files\TidyNetwork
2014-07-02 12:32 - 2014-03-17 20:57 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\ArcadeParlor
2014-07-02 12:32 - 2013-05-21 18:25 - 00000000 ____D () C:\Program Files\AppGraffiti
2014-07-02 12:32 - 2013-05-21 18:24 - 00000000 ____D () C:\Program Files\RebateInformer
2014-07-02 12:32 - 2012-11-21 12:50 - 00000000 ____D () C:\Program Files\24x7Help
2014-07-01 21:38 - 2006-11-02 03:23 - 00000450 _____ () C:\Windows\win.ini
2014-07-01 21:25 - 2013-12-21 15:45 - 00001973 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 21:20 - 2014-07-01 21:20 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf95ace54f00ae.job
2014-07-01 21:05 - 2014-07-01 21:04 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord
2014-07-01 14:28 - 2014-04-19 08:50 - 00000258 __RSH () C:\ProgramData\ntuser.pol
2014-07-01 14:27 - 2014-07-01 14:27 - 00000000 __RSH () C:\MSDOS.SYS
2014-07-01 14:27 - 2014-07-01 14:27 - 00000000 __RSH () C:\IO.SYS
2014-07-01 14:25 - 2013-12-19 15:58 - 00001802 _____ () C:\Windows\wininit.ini
2014-07-01 13:57 - 2009-01-27 15:10 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy
2014-07-01 13:55 - 2009-01-27 15:10 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-01 13:42 - 2014-07-01 13:42 - 00000227 _____ () C:\Users\EDITH  CAIN\AppData\Local\poetsch.bat
2014-07-01 13:42 - 2014-03-17 20:57 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-07-01 13:42 - 2008-05-23 14:02 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\Google
2014-07-01 13:25 - 2014-06-05 19:20 - 00000000 ____D () C:\ProgramData\InstallSightSDK
2014-07-01 13:25 - 2014-06-05 19:20 - 00000000 ____D () C:\Program Files\WebBar
2014-07-01 13:12 - 2014-06-05 14:56 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\fst_us_87
2014-07-01 13:10 - 2008-08-07 14:42 - 00000000 ____D () C:\Program Files\AOL 9.0b
2014-07-01 13:10 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\spool
2014-07-01 13:10 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\system32\Msdtc
2014-07-01 13:10 - 2006-11-02 04:18 - 00000000 ____D () C:\Windows\registration
2014-07-01 13:10 - 2006-11-02 03:22 - 36962304 _____ () C:\Windows\system32\config\software_previous
2014-07-01 13:10 - 2006-11-02 03:22 - 20971520 _____ () C:\Windows\system32\config\system_previous
2014-07-01 13:08 - 2014-07-01 13:08 - 00000000 ____D () C:\Program Files\System Optimizer Pro
2014-07-01 13:07 - 2014-05-31 15:10 - 00000000 ____D () C:\Users\123\AppData\Roaming\Systweak
2014-07-01 13:07 - 2013-01-27 17:57 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\Systweak
2014-07-01 13:04 - 2014-07-01 13:04 - 00000000 ____D () C:\Program Files\predm
2014-07-01 13:04 - 2014-05-10 16:07 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\fst_us_53
2014-07-01 13:03 - 2006-11-02 03:22 - 40370176 _____ () C:\Windows\system32\config\components_previous
2014-07-01 13:03 - 2006-11-02 03:22 - 00262144 _____ () C:\Windows\system32\config\sam_previous
2014-07-01 13:02 - 2006-11-02 03:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-07-01 12:59 - 2014-06-08 20:07 - 00000000 ____D () C:\Program Files\OpenSoftwareUpdater
2014-07-01 12:58 - 2014-07-01 12:58 - 00000680 _____ () C:\Users\123\AppData\Local\d3d9caps.dat
2014-07-01 12:48 - 2014-01-24 13:46 - 00000000 ____D () C:\Program Files\File Type Assistant
2014-07-01 12:46 - 2014-04-01 13:41 - 00000304 _____ () C:\Windows\system32\ff.bin
2014-07-01 12:41 - 2014-04-01 13:31 - 00000546 _____ () C:\Windows\system32\schtasks.bin
2014-07-01 12:40 - 2014-05-31 15:10 - 00000900 __RSH () C:\Users\123\ntuser.pol
2014-07-01 12:40 - 2014-05-31 15:10 - 00000000 ____D () C:\Users\123
2014-07-01 12:19 - 2008-05-23 14:00 - 00000000 ____D () C:\Users\EDITH  CAIN
2014-07-01 12:01 - 2006-11-02 03:22 - 00262144 _____ () C:\Windows\system32\config\default_previous
2014-07-01 11:51 - 2014-05-31 15:13 - 00000000 ____D () C:\Users\123\AppData\Local\CrashDumps
2014-07-01 11:43 - 2014-07-01 11:43 - 00000000 ____D () C:\Users\123\AppData\Roaming\OpenSoftwareUpdater
2014-07-01 11:43 - 2014-05-31 15:11 - 00066784 _____ () C:\Users\123\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-01 11:42 - 2014-07-01 11:42 - 00000000 ____D () C:\Users\123\AppData\Local\WebBar
2014-06-22 12:37 - 2014-06-08 20:10 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\PCFixSpeed
2014-06-18 20:54 - 2011-02-11 15:49 - 00000000 ____D () C:\ProgramData\Temp
2014-06-18 20:12 - 2014-06-05 19:19 - 00000354 _____ () C:\Windows\Tasks\At1.job
2014-06-18 19:47 - 2014-06-18 19:47 - 00000000 ____D () C:\4e62051e361e3695368ccc0515241b
2014-06-18 19:47 - 2006-11-02 03:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-10 15:17 - 2014-06-05 19:20 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\WebBar
2014-06-10 14:45 - 2012-11-21 12:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-06-10 14:30 - 2014-06-06 19:44 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\Activeris
2014-06-10 13:54 - 2014-06-05 19:19 - 00000000 ____D () C:\Program Files\pcmax
2014-06-10 13:49 - 2008-05-23 14:01 - 00066784 _____ () C:\Users\EDITH  CAIN\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-10 13:29 - 2014-04-19 08:27 - 00608351 _____ (Click Me In Limited) C:\Users\EDITH  CAIN\AppData\Local\AnyProtectScannerSetup.exe
2014-06-08 21:26 - 2014-06-08 21:26 - 00000000 ____D () C:\ProgramData\Sun
2014-06-08 21:26 - 2008-05-17 01:21 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 21:25 - 2014-06-08 20:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-08 20:45 - 2008-05-17 01:21 - 00000000 ____D () C:\Program Files\Java
2014-06-08 20:12 - 2014-06-08 20:10 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\OpenSoftwareUpdater
2014-06-08 19:34 - 2014-04-19 08:56 - 00000000 ____D () C:\ProgramData\Norton
2014-06-08 19:00 - 2014-06-06 19:18 - 00000364 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-06-08 19:00 - 2014-06-06 19:18 - 00000364 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-06-06 21:20 - 2014-04-19 09:00 - 00000366 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-06-06 21:00 - 2014-06-06 19:15 - 00002922 _____ () C:\Users\EDITH  CAIN\AppData\Roaming\aps.scan.results
2014-06-06 21:00 - 2014-06-06 19:15 - 00001160 _____ () C:\Users\EDITH  CAIN\AppData\Roaming\aps.scan.quick.results
2014-06-06 21:00 - 2014-04-19 08:59 - 00000318 _____ () C:\Users\EDITH  CAIN\AppData\Roaming\aps.uninstall.scan.results
2014-06-06 19:13 - 2014-06-06 19:13 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-06-06 18:48 - 2014-01-24 13:46 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\FileTypeAssistant
2014-06-06 18:35 - 2013-12-19 15:33 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\LogMeIn Rescue Applet
2014-06-05 19:24 - 2014-06-05 19:24 - 00000000 ____D () C:\Users\EDITH  CAIN\Documents\PC Speed Maximizer
2014-06-05 19:20 - 2014-06-05 19:20 - 00000000 ____D () C:\Users\EDITH  CAIN\Documents\GoFastPC
2014-06-05 17:51 - 2014-06-05 17:51 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\PC_Drivers_Headquarters
2014-06-05 17:50 - 2014-06-05 17:50 - 00000000 ____D () C:\Program Files\PC Drivers HeadQuarters
2014-06-05 15:14 - 2008-05-23 14:53 - 00000000 ____D () C:\ProgramData\AOL
2014-06-05 14:57 - 2014-06-05 14:11 - 00000000 __HDC () C:\ProgramData\{E0A9340B-C01B-42C1-9910-C307D7BE4756}
2014-06-05 14:49 - 2014-06-05 10:46 - 00001009 _____ () C:\Windows\system32\debug.log
2014-06-05 14:44 - 2014-06-05 14:44 - 00000000 ____D () C:\Windows\Sun
2014-06-05 13:41 - 2014-04-19 17:06 - 00000000 ____D () C:\Windows\Minidump
2014-06-05 13:40 - 2014-05-04 13:47 - 00000000 ____D () C:\Users\EDITH  CAIN\AppData\Local\Mobogenie
2014-06-05 13:07 - 2014-06-05 12:47 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-06-05 12:27 - 2014-06-05 12:27 - 00001735 _____ () C:\Users\EDITH  CAIN\Downloads\WLBidRequestHandler
2014-06-05 12:13 - 2014-03-17 21:08 - 00000000 ____D () C:\ProgramData\Fighters
2014-06-05 12:13 - 2014-01-14 23:19 - 00000069 _____ () C:\Users\EDITH  CAIN\AppData\Roaming\WB.CFG
2014-06-05 12:02 - 2013-12-19 15:50 - 00000000 ____D () C:\Windows\pss
2014-06-05 11:51 - 2014-05-29 16:30 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-06-05 11:13 - 2013-10-14 16:12 - 00013464 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-06-05 11:03 - 2014-05-31 15:10 - 00000000 ____D () C:\Users\123\AppData\Roaming\System Speedup
2014-06-05 10:51 - 2014-06-05 10:51 - 00000000 ____D () C:\Users\123\AppData\Roaming\Activeris
2014-06-05 10:33 - 2014-06-05 10:33 - 00000000 ____D () C:\Users\123\AppData\Local\d9d28ad74c37999ab8d6d59ba193b832
2014-06-05 10:33 - 2014-06-05 10:33 - 00000000 ____D () C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de
2014-06-05 10:33 - 2014-05-31 16:52 - 00000000 ____D () C:\Users\123\AppData\Local\7f6f6588fcc35d70d4f131cddf46ac5e
2014-06-05 10:26 - 2014-05-31 16:07 - 00000000 ____D () C:\Users\123\AppData\Local\LogMeIn Rescue Applet
2014-06-05 10:23 - 2014-06-05 10:22 - 01527104 _____ (LogMeIn, Inc.) C:\Users\123\Downloads\Support-LogMeInRescue (7).exe
 
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
 
 
Some content of TEMP:
====================
C:\Users\123\AppData\Local\Temp\nsb629D.exe
C:\Users\EDITH  CAIN\AppData\Local\Temp\dlLogic.exe
C:\Users\EDITH  CAIN\AppData\Local\Temp\dltr.exe
C:\Users\EDITH  CAIN\AppData\Local\Temp\file_to_run55881.exe
C:\Users\EDITH  CAIN\AppData\Local\Temp\GCVerifier.dll
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-02 14:38
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-07-2014
Ran by EDITH  CAIN at 2014-07-02 14:57:34
Running from C:\Users\EDITH  CAIN\Documents\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: AVG Anti-Virus Free (Disabled - Up to date) {0C939084-9E57-CBDB-EA61-0B0C7F62AF82}
AS: AVG Anti-Virus Free (Disabled - Up to date) {B7F27160-B86D-C455-D0D1-307E04E5E53F}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2013 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG update module (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version:  - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version:  - )
AOL Toolbar (HKCU\...\AOL Toolbar) (Version:  - )
AOL Uninstaller (Choose which Products to Remove) (HKLM\...\AOL Uninstaller) (Version:  - )
Ask Toolbar (HKLM\...\{42435041-312D-5637-00A7-A758B70C0A00}) (Version: 12.10.0.3168 - APN, LLC) <==== ATTENTION
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.3426 - AVG Technologies)
AVG 2013 (Version: 13.0.3222 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.3426 - AVG Technologies) Hidden
Banctec Service Agreement (HKLM\...\{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}) (Version: 1.11.0000 - Dell)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
Cisco EAP-FAST Module (HKLM\...\{BF53252E-4AB2-4C7F-A0FD-6100755745E3}) (Version: 2.0.26 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{76F9CF97-FC4B-4E20-B363-D127C888448F}) (Version: 1.0.11 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{4E5386F5-C0F6-4532-A54A-374865AEAB71}) (Version: 1.0.12 - Cisco Systems, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version:  - )
DailyBibleGuide Toolbar Chrome Extension (HKLM\...\DailyBibleGuide Chrome Extension Uninstall) (Version:  - Mindspark Interactive Network) <==== ATTENTION
Dell DataSafe Online (HKLM\...\{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}) (Version: 1.0.21 - Dell, Inc.)
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.1.08060 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1.102.7 - Alps Electric)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version:  - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version:  - )
Dell Wireless WLAN Card (HKLM\...\Broadcom 802.11b Network Adapter) (Version: 4.170.25.12 - Dell Inc.)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
emaze PowerPoint Add-In (HKCU\...\emaze PowerPoint Add-In) (Version: 1.1 - emaze.com)
File Type Assistant (HKLM\...\Trusted Software Assistant_is1) (Version: 2014.5.6.0 - ) <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
GoToAssist 8.0.0.514 (HKLM\...\GoToAssist) (Version:  - )
HD-Vpro--1.9 (HKLM\...\HD-Vpro--1.9) (Version: 1.34.4.10 - HD2-Plus)
HiDef Media Player 1.1.12 (HKLM\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
iLumina Gold Premium (HKLM\...\iLuminaPremium) (Version: 2.80 - Tyndale House Publishers)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - )
Internet Service Offers Launcher (HKLM\...\{CCFF1E13-77A2-4032-8B12-7566982A27DF}) (Version: 1.00.0000 - Dell Inc.)
Itibiti RTC (Version: 0.0.1 - Itibiti Inc) Hidden
Java SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.0817.1 - Creative Technology Ltd.)
Live! Cam Avatar v1.0 (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative Technology Ltd.)
Lucky Savings Widget (HKLM\...\{3E8E469E-1631-424B-8BCA-00FEB824881A}) (Version: 1.6.1.890 - Linkury Inc.) <==== ATTENTION
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
MPlayer (remove only) (HKLM\...\MPlayer) (Version:  - )
mPlayer version 1.0 (HKLM\...\{B482E758-D602-434C-80B9-DDEFEEAE4BCA}_is1) (Version: 1.0 - Download Freely, LLC)
Music, Photos & Videos Launcher (HKLM\...\{D7769185-9A7C-48D4-8874-5388743A1DE2}) (Version: 1.00.0000 - Dell Inc.)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
Product Documentation Launcher (HKLM\...\{89CEAE14-DD0F-448E-9554-15781EC9DB24}) (Version: 1.00.0000 - Dell Inc.)
QuickSet (HKLM\...\{C4972073-2BFE-475D-8441-564EA97DA161}) (Version: 8.2.17 - Dell Inc.)
QuickTime (HKLM\...\InstallShield_{929408E6-D265-4174-805F-81D1D914E2A4}) (Version: 7.0.4 - Apple Computer, Inc.)
QuickTime (Version: 7.0.4 - Apple Computer, Inc.) Hidden
RebateInformer (HKLM\...\{4EF645BD-65B0-4F98-AD56-D0437B7045F6}_is1) (Version: 2.0.0.7 - Inbox.com, Inc.)
Roxio Creator Audio (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - )
Roxio Creator DE (Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (Version: 6.0.0 - Roxio) Hidden
RTC Client API v1.2 (HKLM\...\{44CDBD1B-89FB-4E02-8319-2A4C550F664A}) (Version: 1.2.0000 - Microsoft)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2836939v3) (Version: 3 - Microsoft Corporation)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version:  - )
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Zoom Downloader (HKLM\...\Zoom Downloader) (Version:  - Zoom Downloader)
 
==================== Restore Points  =========================
 
09-06-2014 03:44:27 Installed Java 8
19-06-2014 02:42:42 Windows Update
20-06-2014 18:28:43 Windows Update
02-07-2014 00:54:50 Scheduled Checkpoint
02-07-2014 04:00:17 Windows Update
02-07-2014 04:20:48 Windows Update
 
==================== Hosts content: ==========================
 
2006-11-02 03:23 - 2014-06-05 14:53 - 00008728 ____A C:\Windows\system32\Drivers\etc\hosts
 
There are 162 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {048AC704-41CD-486C-BB14-2978D5960C5F} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {04A96BB1-F7C7-40F7-9CF4-97EE1B096352} - System32\Tasks\FreeFileViewerUpdateChecker => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: {0726FF07-07EF-4E6A-9255-41789ACB5914} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files\Browsersafeguard\uninstall.BrowserSafeguard.exe <==== ATTENTION
Task: {08602F50-4176-4043-BAF7-A05C4D137D02} - System32\Tasks\SpeedMaxPc_sch_2A5C784D-E789-11E3-8C24-00038A000015 => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
Task: {08A49C40-DE4C-4BC5-B0A7-DFD0486E28AA} - System32\Tasks\ArcadeParlor => C:\Users\EDITH  CAIN\AppData\Local\ArcadeParlor\versioncheck.exe
Task: {0AB3A1A7-6F79-496D-88A8-7595B4518CA4} - System32\Tasks\8b927cea-2d3c-41f7-9e30-aa2c279bf006-3 => C:\Program Files\123HD-Ready\8b927cea-2d3c-41f7-9e30-aa2c279bf006-3.exe
Task: {0CCDD1F0-9FBE-4FFB-A9A0-7BC3C3053589} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {0E90A9D4-82D4-43FC-A216-AF1CDA0DC2CB} - System32\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-3 => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-3.exe [2014-04-17] (HD2-Plus)
Task: {115BE0A9-12A7-480B-A8C1-5DFAC07CC368} - System32\Tasks\System Speedup => C:\Program Files\System Speedup\SystemSpeedup.exe
Task: {14160134-703A-42E5-95F0-B8E3DD2E6303} - System32\Tasks\LaunchApp => C:\Program Files\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {187FCE46-4938-4DE9-B1AD-2B7BE7BEE813} - System32\Tasks\2498c771-38e6-4940-8dce-eb55fa2ac5b9-5 => C:\Program Files\easy-deals3\2498c771-38e6-4940-8dce-eb55fa2ac5b9-5.exe
Task: {1C0C3621-0F9A-4179-8A32-94EBE2F37968} - System32\Tasks\Driver Restore-RTMUpdater => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {23EBAF90-6603-4A38-BB24-030382CAFF15} - System32\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-4 => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-4.exe [2014-04-17] (HD2-Plus)
Task: {2AFDFFC5-8CD2-41AC-B379-13D47523B228} - System32\Tasks\Driver Detective-RTMUpdater => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {2BB7AF76-73D1-4443-92BF-25CEA7F3DB5D} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {2CFB0828-AE4A-4978-9013-1C89BA746250} - System32\Tasks\ProgramUpdateCheck => C:\Program Files\File Type Assistant\TSAssist.exe [2014-05-06] (FTA ApS) <==== ATTENTION
Task: {2D37F782-79D4-4207-B70F-18FB6C7A0D32} - System32\Tasks\BlockAndSurf Update => C:\Program Files\BlockAndSurf Corp\BnSup.exe <==== ATTENTION
Task: {2F553467-4F8C-474C-B767-D7958DEBF210} - System32\Tasks\ImproveSpeedPC => C:\Program Files\ImproveSpeedPC\ImproveSpeedPC.exe
Task: {30D95E50-71B2-4F53-A828-C7DDF5927FAF} - System32\Tasks\PC Health Kit Schedule
Task: {36099C11-FF63-40DF-A5D1-0A03F316AEA0} - System32\Tasks\Advanced System Protector_startup => C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {3AC37153-55C8-4D7A-B08C-0DC7811BCC78} - System32\Tasks\SpeedMaxPc Update3_triggeronce => c:\program files\common files\speedmaxpc\uus3\Update3.exe
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {4060F927-DA4A-4E41-8367-007883D1961E} - System32\Tasks\FF Watcher {4AF489E7-8509-4448-AC76-E29C66162AC3} => C:\Program Files\V-bates\PrefHelper.exe
Task: {44918611-8B44-402C-B0E0-922FFB42CCEF} - System32\Tasks\2498c771-38e6-4940-8dce-eb55fa2ac5b9-3 => C:\Program Files\easy-deals3\2498c771-38e6-4940-8dce-eb55fa2ac5b9-3.exe
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {492FC3C6-528F-4FC3-8940-C19ED274C30F} - System32\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-1 => C:\Program Files\HD-Vpro--1.9\HD-Vpro--1.9-codedownloader.exe [2014-04-17] (HD2-Plus)
Task: {5106F23C-BFAA-4AD2-BBD3-8193DDCB7CDC} - System32\Tasks\TidyNetwork Update => C:\Users\EDITH  CAIN\AppData\Local\TidyNetwork\petnupdate.exe
Task: {514D4071-8DC1-48FF-9CA6-510383545EF2} - System32\Tasks\RegPowerClean => C:\Program Files\Winferno\RegistryPowerCleaner\RegPowerClean.exe
Task: {5569890E-2680-4F5A-B4E5-25E24EE0EDC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-11-21] (Google Inc.)
Task: {5991F52F-4425-40F4-AF97-4C7728B7DEBB} - System32\Tasks\System Speedup_UPDATES => C:\Program Files\System Speedup\SystemSpeedup.exe
Task: {59F870A2-0653-4F9C-8779-8502F554E88A} - System32\Tasks\Norton Zone\Norton Error Processor => C:\Program Files\Norton Zone\Engine\1.2.0.4\SymErr.exe
Task: {604240C7-BEFC-429C-9712-E679A3A7FC63} - System32\Tasks\ZenSearch\Updater\ZenSearch updater => C:\Program Files\ZenSearch Updater\updater.exe
Task: {60E1429C-BF1A-4A81-9876-C3594B747E77} - System32\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-5 => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-5.exe [2014-04-17] (HD2-Plus)
Task: {662AEC2D-9B6E-43E3-9563-34C10A6896DB} - System32\Tasks\Driver Detective-RTMScanRunOnce => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {67E59F41-0A90-449B-A804-BA06086C7C8B} - System32\Tasks\Driver Detective-RTMScan => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {69A69331-CAD3-4935-B6DF-1224065A71A5} - System32\Tasks\SpeedMaxPc Registration3 => Rundll32.exe "C:\Program Files\Common Files\SpeedMaxPc\UUS3\UUS3.dll" RunUns
Task: {6ED5B004-42AC-4CD6-B429-047DED202CBC} - System32\Tasks\4789 => Wscript.exe C:\Users\EDITHC~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {6F9E86A6-F396-4662-91CB-D275679E41D9} - System32\Tasks\8b927cea-2d3c-41f7-9e30-aa2c279bf006-2 => C:\Program Files\123HD-Ready\8b927cea-2d3c-41f7-9e30-aa2c279bf006-2.exe
Task: {70AA0B39-CF08-4CDD-8691-6EE52DF32D2D} - System32\Tasks\2498c771-38e6-4940-8dce-eb55fa2ac5b9-1 => C:\Program Files\easy-deals3\easy-deals3-codedownloader.exe
Task: {7273B8A3-1F78-4B3A-AD00-62248B03270E} - System32\Tasks\8b927cea-2d3c-41f7-9e30-aa2c279bf006-4 => C:\Program Files\123HD-Ready\8b927cea-2d3c-41f7-9e30-aa2c279bf006-4.exe
Task: {75539A92-FC7E-4FAB-A65D-918A39461164} - System32\Tasks\8b927cea-2d3c-41f7-9e30-aa2c279bf006-5 => C:\Program Files\123HD-Ready\8b927cea-2d3c-41f7-9e30-aa2c279bf006-5.exe
Task: {77BC4E95-5C23-4636-9F30-0A78E6C5F8A1} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {7B36DC1B-4477-4E19-ABA3-D6D2E0F5C99B} - System32\Tasks\APSnotifierPP1 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {7CCBAF89-549B-408C-872F-A6EF4078FB5C} - System32\Tasks\ProgramRefresh-ATFST => C:\Program Files\File Type Assistant\tsasetup.exe [2014-06-05] (                                                            ) <==== ATTENTION
Task: {822E05A0-C90C-4FF5-B8EF-1F99A7D0EF1C} - System32\Tasks\SoftUpdateLogon => C:\Users\EDITH
Task: {83F27B38-C11E-4117-88B9-4ECD7439FB09} - System32\Tasks\Norton Zone\Norton Error Analyzer => C:\Program Files\Norton Zone\Engine\1.2.0.4\SymErr.exe
Task: {8460453A-F933-4C02-A2AE-536D7AF5DDBD} - System32\Tasks\APSnotifierPP3 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {84E3A90A-F174-44D6-BE29-DAC7EB81E62A} - System32\Tasks\Driver Restore-RTMRules => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {889A92B7-E99E-4342-B5FB-0038406DEFC9} - System32\Tasks\2498c771-38e6-4940-8dce-eb55fa2ac5b9-2 => C:\Program Files\easy-deals3\2498c771-38e6-4940-8dce-eb55fa2ac5b9-2.exe
Task: {897052A2-2B2E-4A0C-96A2-EE67B2C9B8AB} - System32\Tasks\APSnotifierPP2 => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {98A4C9EE-F938-4B4A-93C8-6003B3136EC8} - System32\Tasks\SpeedMaxPc Update3 => c:\program files\common files\speedmaxpc\uus3\Update3.exe
Task: {9B1A0504-6B12-4C3D-994B-5FB714E409E4} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {9CEB804E-EE81-4BDC-8686-BB008E4764C5} - System32\Tasks\Microsoft\Windows\RestartManager\{077C4DE5-B876-4bac-BE3D-C7D0D753659B} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {9EE003C0-AED7-4F27-8D7B-366FC8043321} - System32\Tasks\RPCReminder => C:\Program Files\Winferno\RegistryPowerCleaner\RPCReminder.exe
Task: {9F5593D2-AF66-41D6-9FAA-95F0647C5B64} - System32\Tasks\System Speedup_DEFAULT => C:\Program Files\System Speedup\SystemSpeedup.exe
Task: {A14A12BF-53C4-4104-B537-BDA731DF9530} - System32\Tasks\Driver Detective-RTMRules => C:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
Task: {A25C3253-7461-4BF1-A333-9730845EA817} - System32\Tasks\SuperFastPC_AutorunOnStartup => C:\Program Files\System Optimizer Pro\SystemOptimizerPro.exe <==== ATTENTION
Task: {A264463F-C0E7-4A9D-B402-5318A6FA6EEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-29] (Adobe Systems Incorporated)
Task: {A66E192E-4A8C-42EE-AD11-AA53B9AD4ACD} - System32\Tasks\Driver Restore-RTMScan => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {A76F47E7-8620-4EA9-AA25-17281397C2FA} - System32\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-2 => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-2.exe [2014-04-17] (HD2-Plus)
Task: {A8C3A8CB-7F05-411C-9A10-7EE574294CB9} - System32\Tasks\Driver Restore-RTMScanRunOnce => C:\Program Files\Driver Restore\Driver Restore\DriverRestore.exe
Task: {AB5363F7-DBE6-4FBF-8C46-1A420BE75787} - System32\Tasks\At1 => c:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTION
Task: {AD71A329-459B-4586-9FB3-9DB5850A5311} - System32\Tasks\WebBarLaunchTask => C:\Program Files\WebBar\wbsvc.exe
Task: {B5582A58-EE93-46CE-930C-C06D4B2BC3E6} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-19] (Microsoft Corporation)
Task: {C21E25C2-0A81-48E5-A0D3-B28B399560B6} - System32\Tasks\2498c771-38e6-4940-8dce-eb55fa2ac5b9-4 => C:\Program Files\easy-deals3\2498c771-38e6-4940-8dce-eb55fa2ac5b9-4.exe
Task: {D1D2450C-2EB4-4BDF-A207-B8DEEFEF65E5} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {D77EDF22-FD45-4860-833B-3B36127A681F} - System32\Tasks\BlockAndSurf_wd => C:\Program Files\BlockAndSurf Corp\BlockAndSurf_wd.exe <==== ATTENTION
Task: {DC516F0A-E83F-4E79-9E6B-3BBCC50265C5} - System32\Tasks\Speedial => C:\Users\EDITHC~1\AppData\Roaming\Speedial\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {DD10345C-9A8E-47BE-8A9B-86650050B9FE} - System32\Tasks\WebBarUpdateTask => C:\Program Files\WebBar\wbsvc.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E8E6FBEE-51C3-416B-B42E-C40A4F176829} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {EDC50C6E-7A9F-4E0C-88D1-422EBC246A37} - System32\Tasks\DriverUpdate Startup => C:\Program Files\DriverUpdate\DriverUpdate.exe
Task: {F45DD0D6-4014-4A00-BE0E-8E7E46DF9D73} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files\PC Speed Maximizer\SPMLauncher.exe
Task: {F4D3FFB2-60E9-4FF4-A47D-BE1B770F8445} - System32\Tasks\8b927cea-2d3c-41f7-9e30-aa2c279bf006-1 => C:\Program Files\123HD-Ready\123HD-Ready-codedownloader.exe
Task: {F710F666-8330-4B76-9477-A1F97260A443} - System32\Tasks\GoFastPC Schedule => C:\Program Files\GoFastPC\GFPCLauncher.exe
Task: {FD667ACA-0727-429F-8970-C37C95D5B5D5} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] () <==== ATTENTION
Task: {FECAE173-5A15-4720-AF60-752A14F47F4F} - System32\Tasks\SoftUpdateDaily => C:\Users\EDITH
Task: {FF0C3403-AE40-405F-9F3E-38AA35F17F13} - System32\Tasks\Norton Security Scan for EDITH  CAIN => C:\PROGRA~1\NORTON~2\Engine\410~1.28\Nss.exe
Task: C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-1.job => C:\Program Files\HD-Vpro--1.9\HD-Vpro--1.9-codedownloader.exe
Task: C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-2.job => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-2.exe
Task: C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-3.job => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-3.exe
Task: C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-4.job => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-4.exe
Task: C:\Windows\Tasks\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-5.job => C:\Program Files\HD-Vpro--1.9\8af841f3-ff38-47df-b4f8-f0b2d0e2a4bd-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\Windows\Tasks\At1.job => c:\Program Files\pcmax\service.exe
Task: C:\Windows\Tasks\FF Watcher {4AF489E7-8509-4448-AC76-E29C66162AC3}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: C:\Windows\Tasks\FreeFileViewerUpdateChecker.job => C:\Program Files\FreeFileViewer\FFVCheckForUpdates.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf95ace54f00ae.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\pcreg.job => C:\Program Files\pcmax\service.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedMaxPc Update3_triggeronce.job => c:\program files\common files\speedmaxpc\uus3\Update3.exe
Task: C:\Windows\Tasks\SpeedMaxPc_sch_2A5C784D-E789-11E3-8C24-00038A000015.job => C:\Program Files\SpeedMaxPc\SpeedMaxPc\SpeedMaxPc.exe
 
==================== Loaded Modules (whitelisted) =============
 
2008-05-17 01:28 - 2007-12-11 23:02 - 00024064 _____ () C:\Windows\System32\WLTRYSVC.EXE
2008-05-17 01:28 - 2007-12-11 23:01 - 00054784 _____ () C:\Windows\System32\bcmwlrmt.dll
2014-05-30 15:46 - 2014-05-27 15:45 - 00093696 _____ () C:\Users\EDITH  CAIN\AppData\Local\a05affdce4ca9d72a7d3c0c3ab912182\b96b7643e8c426f.exe
2014-05-30 15:46 - 2014-03-07 20:56 - 00117262 _____ () C:\Users\EDITH  CAIN\AppData\Local\a05affdce4ca9d72a7d3c0c3ab912182\libgcc_s_dw2-1.dll
2014-05-30 15:46 - 2014-03-07 20:56 - 00970766 _____ () C:\Users\EDITH  CAIN\AppData\Local\a05affdce4ca9d72a7d3c0c3ab912182\libstdc++-6.dll
2014-06-05 10:33 - 2014-06-03 16:34 - 00110592 _____ () C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de\DefaultFreewareProcess.exe
2014-06-05 10:33 - 2014-03-07 20:56 - 00117262 _____ () C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de\libgcc_s_dw2-1.dll
2014-06-05 10:33 - 2014-03-07 20:56 - 00970766 _____ () C:\Users\123\AppData\Local\c2a96e701e29d4ee54e891ff50a200de\libstdc++-6.dll
2014-07-01 21:05 - 2014-07-01 21:05 - 00110629 _____ () C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord\FunctionKeyboardWord.exe
2014-07-01 21:05 - 2014-03-07 20:56 - 00117262 _____ () C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord\libgcc_s_dw2-1.dll
2014-07-01 21:04 - 2014-03-07 20:56 - 00970766 _____ () C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord\libstdc++-6.dll
2014-04-19 10:22 - 2014-04-19 10:22 - 00541696 _____ () C:\Program Files\003\htfmboczez32.exe
2014-05-29 04:16 - 2014-05-29 04:16 - 00241344 _____ () C:\Program Files\pcmax\pcmax.exe
2014-04-19 11:41 - 2014-02-20 15:13 - 00059904 _____ () C:\Program Files\Pirrit\AutoUpdater.exe
2014-04-19 17:10 - 2014-02-26 17:42 - 00059904 _____ () C:\Program Files\WinRST\WinRST.exe
2014-07-01 21:25 - 2014-06-05 06:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-07-01 21:25 - 2014-06-05 06:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-07-01 21:25 - 2014-06-05 06:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-01 21:25 - 2014-06-05 06:58 - 14612296 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
2014-07-01 21:05 - 2014-07-01 21:05 - 00297509 _____ () C:\Users\EDITH  CAIN\AppData\Local\FunctionKeyboardWord\AppEncondingWin32.exe
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
MSCONFIG\Services: AVG Security Toolbar Service => 3
MSCONFIG\Services: AVGIDSAgent => 2
MSCONFIG\Services: avgwd => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickSet.lnk => C:\Windows\pss\QuickSet.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SmartMediaConverter.lnk => C:\Windows\pss\SmartMediaConverter.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftwareUpdater.lnk => C:\Windows\pss\SoftwareUpdater.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^EDITH  CAIN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopWeatherAlerts.lnk => C:\Windows\pss\DesktopWeatherAlerts.lnk.Startup
MSCONFIG\startupfolder: C:^Users^EDITH  CAIN^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk => C:\Windows\pss\Weather Alerts.lnk.Startup
MSCONFIG\startupreg: 24x7HELP => "C:\Program Files\24x7Help\App24x7Help.exe" /STARTUP
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AGupdate => C:\Program Files\AppGraffiti\AGupdate.exe
MSCONFIG\startupreg: AOL Dialer => C:\Program Files\Common Files\AOL\ACS\AOlDial.exe
MSCONFIG\startupreg: AOL Fast Start => "C:\Program Files\AOL 9.0b\AOL.EXE" -b
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: AVG_UI => "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BackupDutyLite => C:\Program Files\BackUpDutyLite\BackUpDutyLite.exe
MSCONFIG\startupreg: BlockNSurf => C:\Program Files\BlockAndSurf Corp\BlockNSurf.exe
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\EDITH  CAIN\AppData\Local\Smartbar\Application\Luckysave.exe startup
MSCONFIG\startupreg: BrowserSafeguard => "C:\Program Files\Browsersafeguard\BrowserSafeguard.exe"
MSCONFIG\startupreg: ChromeHelper => C:\Program Files\Common Files\ChromeHelper\ChromeHelper.exe
MSCONFIG\startupreg: CommonToolkitTray => C:\Program Files\Fighters\Tray\FightersTray.exe
MSCONFIG\startupreg: DELL Webcam Manager => "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
MSCONFIG\startupreg: DownloadManager => "C:\Program Files\Zoom Downloader\DownloadManager.exe" /as
MSCONFIG\startupreg: dscactivate => "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
MSCONFIG\startupreg: ECenter => C:\Dell\E-Center\EULALauncher.exe
MSCONFIG\startupreg: ehTray.exe => C:\Windows\ehome\ehTray.exe
MSCONFIG\startupreg: Exetender => "C:\Program Files\Hoopla\GPlayer.exe" /runonstartup
MSCONFIG\startupreg: fastclean => "C:\Program Files\FastClean PRO\fastcleanpro.exe"
MSCONFIG\startupreg: fst_us_53 => "C:\Program Files\fst_us_53\fst_us_53.exe"
MSCONFIG\startupreg: fst_us_63 => "C:\Program Files\fst_us_63\fst_us_63.exe"
MSCONFIG\startupreg: fst_us_87 => "C:\Program Files\fst_us_87\fst_us_87.exe"
MSCONFIG\startupreg: HostManager => C:\Program Files\Common Files\AOL\1211579613\ee\AOLSoftware.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAAnotif => "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: InboxToolbar => "C:\PROGRA~1\INBOXT~1\Inbox.exe" /STARTUP
MSCONFIG\startupreg: Itibiti.exe => C:\Program Files\Itibiti Soft Phone\Itibiti.exe
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: My Web Search Bar Search Scope Monitor => "C:\PROGRA~1\MYWEBS~1\bar\3.bin\m3SrchMn.exe" /m=2 /w /h
MSCONFIG\startupreg: MyWebSearch Email Plugin => C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
MSCONFIG\startupreg: OEM02Mon.exe => C:\Windows\OEM02Mon.exe
MSCONFIG\startupreg: PCMService => "C:\Program Files\Dell\MediaDirect\PCMService.exe"
MSCONFIG\startupreg: PCPowerSpeed => "C:\Program Files\PCPowerSpeed\PCPowerTray.exe" /startup
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: RadioRage Search Scope Monitor => "C:\PROGRA~1\RADIOR~2\bar\1.bin\4jsrchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: RadioRage_4j Browser Plugin Loader => C:\PROGRA~1\RADIOR~2\bar\1.bin\4jbrmon.exe
MSCONFIG\startupreg: RebateInformer => C:\Program Files\RebateInformer\RebateInf.exe /STARTUP
MSCONFIG\startupreg: SigmatelSysTrayApp => %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
MSCONFIG\startupreg: SiteRanker => "C:\Program Files\SiteRanker\SiteRankTray.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: TelevisionFanatic Browser Plugin Loader => C:\Program Files\TelevisionFanatic\bar\1.bin\64brmon.exe
MSCONFIG\startupreg: TelevisionFanatic EPM Support => "C:\PROGRA~1\TELEVI~2\bar\1.bin\64medint.exe" T8EPMSUP.DLL,S
MSCONFIG\startupreg: TelevisionFanatic Home Page Guard 32 bit => "C:\PROGRA~1\TELEVI~2\bar\1.bin\AppIntegrator.exe"
MSCONFIG\startupreg: TelevisionFanatic Search Scope Monitor => "C:\PROGRA~1\TELEVI~2\bar\1.bin\64srchmn.exe" /m=2 /w /h
MSCONFIG\startupreg: VNT => C:\Program Files\VNT\vntldr.exe
MSCONFIG\startupreg: vProt => "C:\Program Files\AVG Secure Search\vprot.exe"
MSCONFIG\startupreg: WeatherBug => C:\Program Files\Earth Networks\WeatherBug\WeatherBug.exe
MSCONFIG\startupreg: Windows Client Manager => C:\Program Files\Java Update\javaclient32.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 
==================== Faulty Device Manager Devices =============
 
Name: 6TO4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Compaq PCMCIA Controller
Description: Compaq PCMCIA Controller
Class Guid: {4d36e977-e325-11ce-bfc1-08002be10318}
Manufacturer: Compaq
Service: pcmcia
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/02/2014 02:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0xf7c, application start time 0xmbam.exe0.
 
Error: (07/02/2014 02:11:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x14fc, application start time 0xmbam.exe0.
 
Error: (07/02/2014 02:07:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0xb84, application start time 0xmbam.exe0.
 
Error: (07/02/2014 01:52:10 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (07/02/2014 00:35:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point on volume (Process = C:\Windows\system32\msiexec.exe /V; Descripton = Removed Ask Toolbar; Hr = 0x8007043c).
 
Error: (07/02/2014 00:35:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point on volume (Process = C:\Windows\system32\msiexec.exe /V; Descripton = Removed Ask Toolbar; Hr = 0x8007043c).
 
Error: (07/02/2014 00:33:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x634, application start time 0xmbam.exe0.
 
Error: (07/02/2014 00:00:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x3c4, application start time 0xmbam.exe0.
 
Error: (07/02/2014 11:59:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application mbam.exe, version 1.0.0.532, time stamp 0x53518532, faulting module MSVCR100.dll, version 10.0.40219.325, time stamp 0x4df2be1e, exception code 0x40000015, fault offset 0x0008d6fd,
process id 0x6c0, application start time 0xmbam.exe0.
 
Error: (07/02/2014 11:53:26 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
 
System errors:
=============
Error: (07/02/2014 02:32:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
 
Error: (07/02/2014 02:32:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
 
Error: (07/02/2014 02:32:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
 
Error: (07/02/2014 02:32:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: BCM42RLY%%2
 
Error: (07/02/2014 02:32:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: AvgLdx86
 
Error: (07/02/2014 02:32:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: WinRST
 
Error: (07/02/2014 02:32:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: PirritUpdater
 
Error: (07/02/2014 02:32:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: FunctionKeyboardWord.exe
 
Error: (07/02/2014 02:32:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: DefaultFreewareProcess.exe
 
Error: (07/02/2014 02:32:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: b96b7643e8c426f.exe
 
 
Microsoft Office Sessions:
=========================
Error: (07/02/2014 02:38:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdf7c01cf963de20132af
 
Error: (07/02/2014 02:11:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd14fc01cf963a38588863
 
Error: (07/02/2014 02:07:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdb8401cf9638fd69f193
 
Error: (07/02/2014 01:52:10 PM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
Error: (07/02/2014 00:35:17 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Ask Toolbar0x8007043c
 
Error: (07/02/2014 00:35:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\msiexec.exe /VRemoved Ask Toolbar0x8007043c
 
Error: (07/02/2014 00:33:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd63401cf962807f9cc3b
 
Error: (07/02/2014 00:00:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd3c401cf9627d17652ab
 
Error: (07/02/2014 11:59:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd6c001cf9626fb6c8f8b
 
Error: (07/02/2014 11:53:26 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp458007043c
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-07-02 14:57:17.681
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:57:17.084
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:57:16.292
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:57:15.714
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:57:14.884
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:57:12.458
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:57:11.654
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:57:10.850
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:55:33.397
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-07-02 14:55:32.805
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 76%
Total physical RAM: 2037.31 MB
Available physical RAM: 474.25 MB
Total Pagefile: 4313.89 MB
Available Pagefile: 2587.76 MB
Total Virtual: 2047.88 MB
Available Virtual: 1890.39 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:220.58 GB) (Free:176.51 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:9.77 GB) (Free:5.28 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 233 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=221 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

Welcome to the forum.

General P2P/Piracy Warning:

 

1. If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall it or completely disable it from running while being assisted here.

2. If you have illegal/cracked software (MS Office, Adobe Products), cracks, keygens, custom (Adobe) host file, etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Failure to remove such software will result in your topic being closed and no further assistance being provided.

Please run a Quick Scan with Malwarebytes

For Malwarebytes ver: 1.75

Open up Malwarebytes > Settings Tab > Scanner Settings > Under action for PUP > Select: Show in Results List and Check for removal.

Please Update and run a Quick Scan with Malwarebytes Anti-Malware, post the report.

Make sure that everything is checked, and click Remove Selected.

For Malwarebytes 2.0, please run a Threat Scan

Click on Settings > Detection and Protection > Non-Malware Protection > PUP (Potentially Unwanted Program) detections > Make sure it's set to Treat detections as malware

Same for PUM (Potentially Unwanted Modifications)

Quarantine all that's found

Then.......

Please download and run RogueKiller 32 bit to your desktop.

RogueKiller<---use this one for 64 bit systems

Which system am I using?

Quit all running programs.

For Windows XP, double-click to start.

For Vista or Windows 7-8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

(please don't put logs in code or quotes and use the default font)

MrC

Note:

Please read all of my instructions completely including these.

Make sure system restore is turned on and running. Create a new restore point

Make sure you're subscribed to this topic: Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

Removing malware can be unpredictable...unlikely but things can go very wrong! Back up any files that cannot be replaced. You can copy them to a CD/DVD, external drive or a pen drive

<+>Please don't run any other scans, download, install or uninstall any programs while I'm working with you.

<+>The removal of malware isn't instantaneous, please be patient.

<+>When we are done, I'll give you instructions on how to clean up all the tools and logs

<+>Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.

------->Your topic will be closed if you haven't replied within 3 days!<--------

If I don't respond within 24 hours, please send me a PM


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
