
Unable to install most files "Setup files are corrupt"



Hi everyone!

 

I'm gonna get straight to the point. I've been having issues with my computer for around a week now where I cannot install most files including the latest version of Malwarebytes Anti-Malware. I know where and when I got the malware too. I had accidentally downloaded some bad software when trying to download a program on a website. I had clicked on a very convincing download ad and it even had its own wizard with the name of the software I was trying to download. Needless to say I ended up downloading a bunch of strange programs which I deleted immediately. However some stuff was left over.

 

After almost a week it started getting worse to the point where I couldn't install most .exe files and .rar and all video files were always corrupt. I tried self-medicating based on similar forum posts on this forum to the problem I was having at first which I now realize may have been a stupid move. I downloaded and used an array of programs including an outdated version of Malwarebytes Anti-Malware, Junkware Removal Tool, AdwCleaner, RKill, and Bitdefender. I still have the logs for everything except for Bitdefender because Bitdefender doesn't produce logs after scans (as far as I know). Also, for some reason I was able to download and execute RKill.exe, Junkware Removal Tool, and AdwCleaner during the time that I couldn't install other programs. I also haven't run any Chameleons for Malwarebytes.

 

Thanks for reading. Any and all help is appreciated and I plan on responding until the issue is resolved.

 

(P.S. I know the policy on Piracy here on the forums and have removed programs like uTorrent and anything I may have downloaded while using it. However, all of the scans and cleanups were done with the programs and application on my PC. Thanks again!)

 

-Daniel


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Rename FRST.exe (or FRST64.exe) to FRST.com
  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014

Ran by Daniel (administrator) on DANIEL-PC on 04-07-2014 14:08:11

Running from C:\Users\Daniel\Downloads

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe

(McAfee, Inc.) C:\Windows\System32\mfevtps.exe

(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Bitdefender) C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe

(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

() C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe

() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe

(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe

() C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

() C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

() C:\Program Files (x86)\AVG Secure Search\vprot.exe

(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe

(Dell, Inc.) C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(PC-Doctor, Inc.) C:\Program Files\My Dell\uaclauncher.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe

(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

(Google Inc.) C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

(Nero AG) C:\Program Files (x86)\Nero\SyncUP\SyncUP.exe

(Nero AG) C:\Program Files (x86)\Nero\SyncUP\Nero.AndroidServer.exe

(Farbar) C:\Users\Daniel\Downloads\FRST64.com.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [608112 2011-03-29] (Alps Electric Co., Ltd.)

HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)

HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3668336 2011-03-24] (Dell Inc.)

HKLM\...\Run: [stage Remote] => C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe [2022976 2011-06-27] ()

HKLM\...\Run: [DellStage] => C:\Program Files (x86)\Dell Stage\Dell Stage\stage_primary.exe [2195824 2012-02-01] ()

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)

HKLM-x32\...\Run: [NeroLauncher] => C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe [67496 2012-08-21] ()

HKLM-x32\...\Run: [AccuWeatherWidget] => C:\Program Files (x86)\Dell Stage\Dell Stage\AccuWeather\accuweather.exe [968048 2012-02-01] ()

HKLM-x32\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [1532992 2013-03-13] (McAfee, Inc.)

HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2557976 2014-04-28] ()

HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577536 2012-05-09] (Creative Technology Ltd)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816272 2014-06-23] (LogMeIn Inc.)

Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

HKLM\...\Policies\Explorer: [NoControlPanel] 0

HKU\S-1-5-21-723765448-4241196438-2827874537-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-12-14] ()

HKU\S-1-5-21-723765448-4241196438-2827874537-1001\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\oovoo.exe [35253312 2013-09-10] (ooVoo LLC)

HKU\S-1-5-21-723765448-4241196438-2827874537-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)

HKU\S-1-5-21-723765448-4241196438-2827874537-1001\...\Run: [sE] => "C:\Users\Daniel\AppData\Roaming\SkypEmoticons\SE.exe"  /minimized 

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk

ShortcutTarget: ESO Survey Live.lnk -> C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe ()

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

URLSearchHook: HKCU - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

SearchScopes: HKLM-x32 - DefaultScope value is missing.

SearchScopes: HKCU - DefaultScope {2A03B2F0-F27B-479C-8180-CB6A45CB7578} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {2A03B2F0-F27B-479C-8180-CB6A45CB7578} URL = https://www.google.com/search?q={searchTerms}

SearchScopes: HKCU - {9D8BC862-2B1E-420A-BEFD-E629DF212E8A} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}

SearchScopes: HKCU - {F81C8F68-6297-4D31-858A-4F7D0582147E} URL = http://search.yahoo.com/search?fr=mcafee&type=A011US105&p={SearchTerms}

BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20130305175614.dll (McAfee, Inc.)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: Adblocker - {6BC69763-75BD-513A-F984-12981FF1D2D1} - C:\Program Files (x86)\Adblocker\yBIC.dll No File

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20130305175622.dll (McAfee, Inc.)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: Searcho-NewTab - {B0D33A0D-A78B-517A-5C90-B598372E95AF} - C:\Program Files (x86)\Searcho-NewTab\u08XqFPiC.dll No File

BHO-x32: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

Toolbar: HKLM-x32 - AOL Toolbar - {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - C:\Program Files (x86)\AOL Toolbar\aoltb.dll No File

Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File

Toolbar: HKCU - No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File

DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab

Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} -  No File

Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

Handler-x32: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - C:\Program Files (x86)\Cozi Express\CoziProtocolHandler.dll (Cozi Group, Inc.)

Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)

Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)

Tcpip\Parameters: [DhcpNameServer] 167.206.13.180 167.206.13.181

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll ()

FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.13.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.13.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Daniel\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49

FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor

FF Extension: McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor [2013-02-02]

FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore

FF Extension: McAfee ScriptScan for Firefox - C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012-05-03]

FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2012-05-03]

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.com/

CHR StartupUrls: "hxxp://www.google.com/"

CHR DefaultSearchKeyword: mcafee


CHR DefaultNewTabURL: 

CHR Plugin: (Remoting Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()

CHR Plugin: (Shockwave Flash) - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\gcswf32.dll No File

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Google Update) - C:\Users\Daniel\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File

CHR Plugin: (McAfee SecurityCenter) - c:\progra~2\mcafee\msc\npmcsn~1.dll ()

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-19]

CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-20]

CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-06-19]

CHR Extension: (Google Search) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-20]

CHR Extension: (SiteAdvisor) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2014-02-11]

CHR Extension: (Coupon Companion Plugin) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj [2013-02-11]

CHR Extension: (Google Wallet) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]

CHR Extension: (Gmail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-20]

CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2014-06-13]

CHR StartMenuInternet: Google Chrome - C:\Users\Daniel\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-06-04] () [File not signed]

R2 gzserv; C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe [69368 2013-10-23] (Bitdefender)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 McAfee SiteAdvisor Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McAWFwk; c:\Program Files\mcafee\msc\McAWFwk.exe [224704 2011-03-08] (McAfee, Inc.)

R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)

S4 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)

R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)

R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)

R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)

S2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [X]

S2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [X]

 

==================== Drivers (Whitelisted) ====================

 

R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [718840 2013-04-17] (BitDefender)

U5 avchv; C:\Windows\System32\Drivers\avchv.sys [261056 2012-11-02] (BitDefender)

R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [593144 2013-04-17] (BitDefender)

R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50464 2014-03-03] (AVG Technologies)

R1 bdfwfpf; C:\Program Files\Bitdefender\Antivirus Free Edition\bdfwfpf.sys [121928 2013-07-02] (Bitdefender SRL)

R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)

R1 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [148696 2013-04-22] (BitDefender LLC)

S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)

R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-03-24] (AnchorFree Inc.)

S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-26] (Visicom Media Inc.)

R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-04] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)

R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)

R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)

U3 mfeavfk01; No ImagePath

R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)

R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)

S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)

R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)

R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-03-24] (Anchorfree Inc.)

R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [382536 2013-05-28] (BitDefender S.R.L.)

S3 TSVAD_PCM; C:\Windows\System32\drivers\tsvadpcm.sys [33552 2012-08-22] (Windows ® Win 7 DDK provider)

S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-04 14:08 - 2014-07-04 14:08 - 00025464 _____ () C:\Users\Daniel\Downloads\FRST.txt

2014-07-04 14:06 - 2014-07-04 14:08 - 00000000 ____D () C:\FRST

2014-07-04 14:05 - 2014-07-04 14:05 - 02083840 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.com.exe

2014-07-04 13:55 - 2014-07-04 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-07-04 02:35 - 2014-07-03 23:36 - 00008780 _____ () C:\Users\Daniel\Desktop\AdwCleaner[R0].txt

2014-07-04 01:30 - 2014-07-04 01:30 - 14307404 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.07.0.1012.exe

2014-07-04 01:19 - 2014-07-04 01:23 - 00002040 _____ () C:\Users\Daniel\Desktop\Rkill.txt

2014-07-04 01:18 - 2014-07-04 01:18 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Daniel\Downloads\rkill.exe

2014-07-04 01:17 - 2014-07-04 01:17 - 00003116 _____ () C:\windows\System32\Tasks\WinZip Malware Protector_startup

2014-07-04 01:16 - 2014-07-04 01:16 - 00001191 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Nico Mak Computing

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\ProgramData\Nico Mak Computing

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector

2014-07-04 01:16 - 2013-03-15 17:10 - 00020480 _____ () C:\windows\system32\wsusnative64.exe

2014-07-04 01:09 - 2014-07-04 01:09 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Macromedia

2014-07-04 01:07 - 2014-07-04 14:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4

2014-07-04 01:07 - 2014-07-04 14:03 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Mozilla

2014-07-04 01:07 - 2014-07-04 01:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Mozilla

2014-07-04 01:05 - 2014-07-04 01:05 - 00003778 _____ () C:\Users\Daniel\Downloads\Mozilla.Firefox.4.0.torrent

2014-07-04 00:55 - 2014-07-04 01:04 - 29754888 _____ (Mozilla) C:\Users\Daniel\Downloads\Firefox Setup 30.0.exe

2014-07-04 00:51 - 2014-07-04 00:51 - 00284224 _____ (Mozilla) C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0 (1).exe

2014-07-04 00:37 - 2014-07-04 00:37 - 48235382 _____ () C:\Users\Daniel\Downloads\Standoff (2).mp4

2014-07-03 23:51 - 2014-07-03 23:51 - 00009956 _____ () C:\Users\Daniel\Desktop\AdwCleaner[s0].txt

2014-07-03 23:36 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\windows\SysWOW64\sqlite3.dll

2014-07-03 23:35 - 2014-07-04 02:35 - 00000000 ____D () C:\AdwCleaner

2014-07-03 23:34 - 2014-07-03 23:35 - 01346519 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.214.exe

2014-07-03 20:59 - 2014-07-03 21:00 - 00284224 _____ (Mozilla) C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0.exe

2014-07-03 19:49 - 2014-07-03 19:49 - 00929416 _____ (CNET Download.com) C:\Users\Daniel\Downloads\cbsidlm-cbsi188-ManageEngine_WiFi_Manager-SEO-10347599.exe

2014-06-30 02:55 - 2014-07-04 00:44 - 74042129 _____ () C:\Users\Daniel\Downloads\Standoff Cinematic with CC (1).wmv

2014-06-30 02:49 - 2014-06-30 02:49 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieUserList

2014-06-30 02:49 - 2014-06-30 02:49 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieSiteList

2014-06-30 01:31 - 2014-06-30 01:31 - 46360560 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.3.exe

2014-06-30 01:20 - 2014-06-30 01:21 - 00280204 _____ () C:\Users\Daniel\Downloads\WindowsUpdateDiagnostic.diagcab

2014-06-30 01:07 - 2014-06-30 01:09 - 169839058 _____ () C:\Users\Daniel\Downloads\standoff 1.mp4

2014-06-30 00:14 - 2014-07-04 13:50 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-30 00:13 - 2014-06-30 00:13 - 00001104 ____N () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-30 00:13 - 2014-06-30 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-30 00:13 - 2014-06-30 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-30 00:13 - 2014-06-30 00:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-30 00:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys

2014-06-30 00:13 - 2014-05-12 07:26 - 00063704 ____N (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys

2014-06-30 00:13 - 2014-05-12 07:25 - 00025816 ____N (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys

2014-06-30 00:10 - 2014-06-30 00:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.0.2.1012.exe

2014-06-30 00:03 - 2014-06-30 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2014-06-30 00:03 - 2014-06-30 00:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

2014-06-29 22:04 - 2014-06-29 22:04 - 00017520 _____ () C:\Users\Daniel\Desktop\JRT.txt

2014-06-29 21:47 - 2014-06-29 21:43 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe

2014-06-29 21:44 - 2014-06-29 21:44 - 00000000 ____D () C:\windows\ERUNT

2014-06-29 21:43 - 2014-06-29 21:43 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT.exe

2014-06-29 21:10 - 2014-06-29 21:10 - 48160922 _____ () C:\Users\Daniel\Downloads\Standoff (1).mp4

2014-06-29 20:16 - 2014-06-29 20:27 - 279499061 _____ () C:\Users\Daniel\Downloads\standoff.mp4

2014-06-29 20:10 - 2014-06-29 20:12 - 134538983 _____ () C:\Users\Daniel\Downloads\Standoff 2 Pack #6.rar

2014-06-29 19:04 - 2014-06-29 19:05 - 74090309 _____ () C:\Users\Daniel\Downloads\Standoff Cinematic with CC.wmv

2014-06-29 19:02 - 2014-06-29 19:03 - 74122429 _____ () C:\Users\Daniel\Downloads\Standoff Cinematic with CC.wmv.crdownload

2014-06-29 17:39 - 2014-06-29 17:39 - 00000000 ____D () C:\ProgramData\Package Cache

2014-06-28 03:23 - 2014-06-28 03:24 - 311081966 _____ () C:\Users\Daniel\Downloads\OCC 140 Cines Original Quality.rar

2014-06-23 21:41 - 2014-06-23 21:43 - 00321760 _____ () C:\Users\Daniel\Downloads\Move On  - Jez Dior.mp3.sfk

2014-06-22 16:52 - 2014-06-22 17:27 - 00003240 _____ () C:\Users\Daniel\Downloads\Explosion_Dull.sfk

2014-06-22 00:26 - 2014-06-22 00:26 - 00000000 ____D () C:\Program Files (x86)\Freemake

2014-06-22 00:24 - 2014-06-22 00:24 - 01325576 _____ (Ellora Assets Corporation ) C:\Users\Daniel\Downloads\FreemakeVideoConverterSetup.exe

2014-06-19 19:22 - 2014-06-19 19:22 - 00001056 _____ () C:\Users\Daniel\Desktop\Simkl IM CVR.lnk

2014-06-19 19:10 - 2014-06-27 20:30 - 00000000 ____D () C:\ProgramData\SimklStoreR

2014-06-19 19:10 - 2014-06-19 19:11 - 00000000 ____D () C:\ProgramData\SimklStore

2014-06-19 19:10 - 2014-06-19 19:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simkl IM CVR

2014-06-19 19:10 - 2014-06-19 19:10 - 00000000 ____D () C:\Program Files (x86)\Simkl IM CVR

2014-06-19 19:06 - 2014-06-19 19:11 - 05549552 _____ () C:\Users\Daniel\Downloads\MP3SkypeRecorderSetup.msi

2014-06-19 00:50 - 2014-06-19 00:50 - 00206536 _____ () C:\ProgramData\1403152164.bdinstall.bin

2014-06-19 00:37 - 2014-06-19 00:37 - 00002174 ____N () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk

2014-06-19 00:37 - 2014-06-19 00:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition

2014-06-19 00:37 - 2013-04-17 14:59 - 00718840 ____N (BitDefender) C:\windows\system32\Drivers\avc3.sys

2014-06-19 00:37 - 2013-04-17 14:59 - 00593144 ____N (BitDefender) C:\windows\system32\Drivers\avckf.sys

2014-06-19 00:37 - 2012-11-02 14:17 - 00261056 _____ (BitDefender) C:\windows\system32\Drivers\avchv.sys

2014-06-19 00:31 - 2014-06-19 00:37 - 00000000 ____D () C:\Program Files\Bitdefender

2014-06-19 00:30 - 2013-05-28 12:12 - 00382536 ____N (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys

2014-06-19 00:30 - 2013-04-22 13:21 - 00148696 ____N (BitDefender LLC) C:\windows\system32\Drivers\gzflt.sys

2014-06-19 00:29 - 2014-06-19 00:31 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\QuickScan

2014-06-19 00:29 - 2014-06-19 00:29 - 10447328 _____ () C:\Users\Daniel\Downloads\Antivirus_Free_Edition_x64.exe

2014-06-19 00:29 - 2014-06-19 00:29 - 00162208 _____ () C:\Users\Daniel\Downloads\Antivirus_Free_Edition.exe

2014-06-19 00:16 - 2014-06-19 00:16 - 00000000 ____D () C:\Users\Daniel\Downloads\Virtual DJ v7.4 PRO + Crack [ChattChitto RG]

2014-06-19 00:02 - 2014-06-30 02:48 - 00000000 ____D () C:\ProgramData\Adblocker

2014-06-19 00:02 - 2014-06-30 02:48 - 00000000 ____D () C:\Program Files (x86)\Adblocker

2014-06-19 00:02 - 2014-06-19 00:03 - 00000000 ____D () C:\ProgramData\WorldAppIt

2014-06-19 00:02 - 2014-06-19 00:02 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Guest

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Packages

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Administrator

2014-06-18 23:42 - 2014-06-18 23:42 - 01700688 _____ (BitTorrent Inc.) C:\Users\Daniel\Downloads\uTorrent.exe

2014-06-16 16:58 - 2014-06-16 16:59 - 00393944 _____ () C:\Users\Daniel\Downloads\Virtual Riot & Sub.Sound - Where Are You.mp3.sfk

2014-06-16 16:53 - 2014-06-16 16:54 - 00346528 _____ () C:\Users\Daniel\Downloads\L115 KEM Strike - WORLD CUP Predictions....mp4.sfk

2014-06-16 16:47 - 2014-06-16 16:48 - 97222026 _____ () C:\Users\Daniel\Downloads\L115 KEM Strike - WORLD CUP Predictions....mp4

2014-06-14 01:22 - 2014-06-14 01:33 - 00032768 _____ () C:\Users\Daniel\Desktop\Aquua - 1080 suicide raid.mp4.sfk

2014-06-14 01:22 - 2012-12-09 21:28 - 38552569 ____N () C:\Users\Daniel\Desktop\Aquua - 1080 suicide raid.mp4

2014-06-13 23:35 - 2014-06-13 23:36 - 00049864 ____N () C:\Users\Daniel\Desktop\raid.mp4.sfk

2014-06-13 23:35 - 2013-09-14 08:42 - 34261007 ____N () C:\Users\Daniel\Desktop\raid.mp4

2014-06-13 23:30 - 2014-06-13 23:31 - 33817536 _____ () C:\Users\Daniel\Downloads\raid.rar

2014-06-13 23:23 - 2013-09-14 08:43 - 20882251 ____N () C:\Users\Daniel\Desktop\standoff.mp4

2014-06-13 23:15 - 2014-06-13 23:18 - 203428532 _____ () C:\Users\Daniel\Downloads\Part1.zip

2014-06-13 23:08 - 2014-06-13 23:08 - 20882327 _____ () C:\Users\Daniel\Downloads\standoff.rar

2014-06-13 21:54 - 2012-09-02 20:04 - 15685925 _____ () C:\Users\Daniel\Desktop\How to use COD twitch + Color correction effects together tutorial.wmv

2014-06-12 23:48 - 2014-06-22 19:44 - 00199736 ____N () C:\Users\Daniel\Desktop\Rush.veg

2014-06-12 23:48 - 2014-06-22 17:15 - 00199664 _____ () C:\Users\Daniel\Desktop\Rush.veg.bak

2014-06-12 23:43 - 2014-06-12 23:43 - 02231481 _____ () C:\Users\Daniel\Downloads\Twixtor for Vegas Pro 12.zip

2014-06-12 20:25 - 2014-06-12 20:27 - 00261664 _____ () C:\Users\Daniel\Downloads\No Reloading KEM Strike! Applying to Clans!.mp4.sfk

2014-06-12 20:23 - 2014-06-12 20:23 - 58276347 _____ () C:\Users\Daniel\Downloads\No Reloading KEM Strike! Applying to Clans!.mp4

2014-06-12 20:15 - 2014-06-12 20:19 - 00358912 _____ () C:\Users\Daniel\Downloads\Sub.Sound - Another time.mp3.sfk

2014-06-12 18:42 - 2014-06-12 18:42 - 00005258 _____ () C:\Users\Daniel\Downloads\Preset pack 4 (CC Mega Pack).rar

2014-06-12 18:42 - 2012-09-02 17:08 - 00051310 ____N () C:\Users\Daniel\Desktop\Preset pack 4 (CC Mega pack).sfpreset

2014-06-12 18:25 - 2013-08-18 22:09 - 00423666 ____N () C:\Users\Daniel\Desktop\Preset Pack 5 (Animated effects pack).sfpreset

2014-06-12 18:24 - 2014-06-12 18:24 - 30540092 _____ () C:\Users\Daniel\Downloads\Preset Pack 5 (Animated effects pack, With Tutorials).rar

2014-06-12 18:22 - 2011-09-11 17:44 - 00024348 _____ () C:\Users\Daniel\Desktop\Sony Vegas pro 8 Preset package 1.sfpreset

2014-06-12 18:20 - 2014-06-12 18:21 - 00004329 _____ () C:\Users\Daniel\Downloads\Preset Pack 1.zip

2014-06-12 18:20 - 2014-06-12 18:20 - 00002010 _____ () C:\Users\Public\Desktop\Preset Manager 2.0.lnk

2014-06-12 18:18 - 2014-06-12 18:19 - 13328352 _____ (Sony Creative Software Inc.) C:\Users\Daniel\Downloads\presetmngr20k.exe

2014-06-12 18:04 - 2014-06-12 18:05 - 00076576 _____ () C:\Users\Daniel\Downloads\Fastest S&D Ace w_ DSR Grafitti Camo!!!!.mp4.sfk

2014-06-12 18:04 - 2014-06-12 18:04 - 19585481 _____ () C:\Users\Daniel\Downloads\Fastest S&D Ace w_ DSR Grafitti Camo!!!!.mp4

2014-06-12 17:55 - 2014-06-12 17:55 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Publish Providers

2014-06-12 17:54 - 2014-06-12 17:54 - 00002452 _____ () C:\Users\Daniel\Documents\Register Vegas Pro.htm

2014-06-12 17:46 - 2014-06-12 17:46 - 00006078 _____ () C:\windows\system32\--traceoff

2014-06-12 17:46 - 2014-06-12 17:46 - 00000000 _____ () C:\windows\system32\--debugoff

2014-06-12 17:45 - 2014-06-12 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-06-12 17:45 - 2014-06-12 17:45 - 00001040 ____N () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk

2014-06-12 17:44 - 2014-06-12 18:20 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-06-12 17:44 - 2014-06-12 17:53 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Sony

2014-06-12 17:44 - 2014-06-12 17:44 - 00000000 ____D () C:\ProgramData\Sony

2014-06-12 17:44 - 2014-06-12 17:44 - 00000000 ____D () C:\Program Files\Sony

2014-06-12 17:04 - 2014-06-13 23:44 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Sony

2014-06-12 17:00 - 2014-06-12 17:03 - 354230360 _____ (Sony Creative Software Inc.) C:\Users\Daniel\Downloads\vegaspro13.0.310_64bit.exe

2014-06-12 16:57 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll

2014-06-12 16:57 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb

2014-06-12 16:57 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll

2014-06-12 16:57 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll

2014-06-12 16:57 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll

2014-06-12 16:57 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll

2014-06-12 16:57 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll

2014-06-12 16:57 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll

2014-06-12 16:57 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll

2014-06-12 16:57 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll

2014-06-12 16:57 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe

2014-06-12 16:57 - 2014-05-30 05:21 - 00111616 ____N (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe

2014-06-12 16:57 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll

2014-06-12 16:57 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll

2014-06-12 16:57 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe

2014-06-12 16:57 - 2014-05-30 05:08 - 05782528 ____N (Microsoft Corporation) C:\windows\system32\jscript9.dll

2014-06-12 16:57 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll

2014-06-12 16:57 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb

2014-06-12 16:57 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll

2014-06-12 16:57 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll

2014-06-12 16:57 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll

2014-06-12 16:57 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll

2014-06-12 16:57 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll

2014-06-12 16:57 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll

2014-06-12 16:57 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll

2014-06-12 16:57 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll

2014-06-12 16:57 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe

2014-06-12 16:57 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll

2014-06-12 16:57 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll

2014-06-12 16:57 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll

2014-06-12 16:57 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll

2014-06-12 16:57 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe

2014-06-12 16:57 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll

2014-06-12 16:57 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll

2014-06-12 16:57 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl

2014-06-12 16:57 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll

2014-06-12 16:57 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-12 16:57 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll

2014-06-12 16:57 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll

2014-06-12 16:57 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll

2014-06-12 16:57 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll

2014-06-12 16:57 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll

2014-06-12 16:57 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll

2014-06-12 16:57 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll

2014-06-12 16:57 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl

2014-06-12 16:57 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll

2014-06-12 16:57 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll

2014-06-12 16:57 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll

2014-06-12 16:57 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll

2014-06-12 16:57 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll

2014-06-12 16:57 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll

2014-06-12 16:57 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll

2014-06-11 17:21 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\usp10.dll

2014-06-11 17:21 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\windows\SysWOW64\usp10.dll

2014-06-11 17:21 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys

2014-06-11 17:21 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS

2014-06-11 17:21 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll

2014-06-11 17:21 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll

2014-06-11 17:21 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll

2014-06-11 17:21 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll

2014-06-11 17:21 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll

2014-06-11 17:21 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll

2014-06-11 17:21 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll

2014-06-11 17:21 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll

2014-06-11 17:20 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-06-11 17:20 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-06-10 17:52 - 2014-06-10 17:52 - 00406064 _____ () C:\Users\Daniel\Downloads\Explosion_Dull.wav

2014-06-10 16:42 - 2014-06-10 16:42 - 00000445 _____ () C:\Users\Daniel\Downloads\Call Of Duty Black Ops 2 Sniper Quad Feed [Nuketown 2025].scn

2014-06-10 16:23 - 2014-06-10 18:42 - 00000000 ___RD () C:\Users\Daniel\Desktop\MY MOVIE

2014-06-10 16:15 - 2014-06-10 16:15 - 00998808 _____ () C:\Users\Daniel\Downloads\Player.exe

2014-06-10 16:15 - 2014-06-10 16:15 - 00324384 _____ (Supersoftware App) C:\Users\Daniel\Downloads\Call Of Duty Black Ops 2 Sniper Quad Feed [Nuketown 2025].mp4.exe

==================== One Month Modified Files and Folders =======

2014-07-04 14:09 - 2012-12-14 21:14 - 00000000 ____D () C:\Users\Daniel\AppData\Local\PMB Files

2014-07-04 14:08 - 2014-07-04 14:08 - 00025464 _____ () C:\Users\Daniel\Downloads\FRST.txt

2014-07-04 14:08 - 2014-07-04 14:06 - 00000000 ____D () C:\FRST

2014-07-04 14:06 - 2012-08-10 17:11 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Nero

2014-07-04 14:05 - 2014-07-04 14:05 - 02083840 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.com.exe

2014-07-04 14:05 - 2012-06-21 10:25 - 00093776 _____ () C:\Users\Daniel\AppData\Local\GDIPFONTCACHEV1.DAT

2014-07-04 14:04 - 2014-07-04 01:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 4

2014-07-04 14:04 - 2012-06-21 20:59 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Skype

2014-07-04 14:03 - 2014-07-04 01:07 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Mozilla

2014-07-04 13:57 - 2012-07-20 19:25 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001UA.job

2014-07-04 13:57 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-04 13:57 - 2009-07-14 00:45 - 00020928 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-04 13:55 - 2014-07-04 13:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

2014-07-04 13:55 - 2012-05-03 17:30 - 01948270 _____ () C:\windows\WindowsUpdate.log

2014-07-04 13:52 - 2013-10-23 16:42 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-07-04 13:51 - 2013-06-15 16:30 - 00000000 ____D () C:\Users\Daniel\AppData\Local\LogMeIn Hamachi

2014-07-04 13:50 - 2014-06-30 00:14 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-04 13:50 - 2013-06-03 17:05 - 00000350 _____ () C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

2014-07-04 13:50 - 2012-05-03 18:23 - 00000000 ____D () C:\Users\Default\AppData\Local\SoftThinks

2014-07-04 13:50 - 2012-05-03 18:23 - 00000000 ____D () C:\Users\Default User\AppData\Local\SoftThinks

2014-07-04 13:50 - 2012-05-03 18:12 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup

2014-07-04 13:49 - 2010-11-20 23:47 - 00308930 _____ () C:\windows\PFRO.log

2014-07-04 13:49 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT

2014-07-04 13:49 - 2009-07-14 00:51 - 00094127 _____ () C:\windows\setupact.log

2014-07-04 02:35 - 2014-07-03 23:35 - 00000000 ____D () C:\AdwCleaner

2014-07-04 02:00 - 2012-11-02 14:28 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Adobe

2014-07-04 01:30 - 2014-07-04 01:30 - 14307404 _____ (Malwarebytes Corp.) C:\Users\Daniel\Downloads\mbar-1.07.0.1012.exe

2014-07-04 01:23 - 2014-07-04 01:19 - 00002040 _____ () C:\Users\Daniel\Desktop\Rkill.txt

2014-07-04 01:18 - 2014-07-04 01:18 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Daniel\Downloads\rkill.exe

2014-07-04 01:17 - 2014-07-04 01:17 - 00003116 _____ () C:\windows\System32\Tasks\WinZip Malware Protector_startup

2014-07-04 01:16 - 2014-07-04 01:16 - 00001191 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Nico Mak Computing

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\ProgramData\Nico Mak Computing

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector

2014-07-04 01:16 - 2014-07-04 01:16 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector

2014-07-04 01:09 - 2014-07-04 01:09 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Macromedia

2014-07-04 01:07 - 2014-07-04 01:07 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Mozilla

2014-07-04 01:05 - 2014-07-04 01:05 - 00003778 _____ () C:\Users\Daniel\Downloads\Mozilla.Firefox.4.0.torrent

2014-07-04 01:04 - 2014-07-04 00:55 - 29754888 _____ (Mozilla) C:\Users\Daniel\Downloads\Firefox Setup 30.0.exe

2014-07-04 00:56 - 2012-06-23 17:50 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Audacity

2014-07-04 00:51 - 2014-07-04 00:51 - 00284224 _____ (Mozilla) C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0 (1).exe

2014-07-04 00:44 - 2014-06-30 02:55 - 74042129 _____ () C:\Users\Daniel\Downloads\Standoff Cinematic with CC (1).wmv

2014-07-04 00:44 - 2013-05-09 17:21 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\vlc

2014-07-04 00:37 - 2014-07-04 00:37 - 48235382 _____ () C:\Users\Daniel\Downloads\Standoff (2).mp4

2014-07-03 23:51 - 2014-07-03 23:51 - 00009956 _____ () C:\Users\Daniel\Desktop\AdwCleaner[s0].txt

2014-07-03 23:36 - 2014-07-04 02:35 - 00008780 _____ () C:\Users\Daniel\Desktop\AdwCleaner[R0].txt

2014-07-03 23:35 - 2014-07-03 23:34 - 01346519 _____ () C:\Users\Daniel\Downloads\adwcleaner_3.214.exe

2014-07-03 21:00 - 2014-07-03 20:59 - 00284224 _____ (Mozilla) C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0.exe

2014-07-03 20:45 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF

2014-07-03 19:49 - 2014-07-03 19:49 - 00929416 _____ (CNET Download.com) C:\Users\Daniel\Downloads\cbsidlm-cbsi188-ManageEngine_WiFi_Manager-SEO-10347599.exe

2014-07-03 17:19 - 2013-05-21 19:06 - 00003440 _____ () C:\windows\System32\Tasks\PCDEventLauncherTask

2014-06-30 02:49 - 2014-06-30 02:49 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieUserList

2014-06-30 02:49 - 2014-06-30 02:49 - 00000000 __SHD () C:\Users\Daniel\AppData\Local\EmieSiteList

2014-06-30 02:48 - 2014-06-19 00:02 - 00000000 ____D () C:\ProgramData\Adblocker

2014-06-30 02:48 - 2014-06-19 00:02 - 00000000 ____D () C:\Program Files (x86)\Adblocker

2014-06-30 02:24 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\Vss

2014-06-30 01:31 - 2014-06-30 01:31 - 46360560 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.3.exe

2014-06-30 01:21 - 2014-06-30 01:20 - 00280204 _____ () C:\Users\Daniel\Downloads\WindowsUpdateDiagnostic.diagcab

2014-06-30 01:09 - 2014-06-30 01:07 - 169839058 _____ () C:\Users\Daniel\Downloads\standoff 1.mp4

2014-06-30 00:53 - 2009-07-14 01:37 - 00000000 ____D () C:\windows\DigitalLocker

2014-06-30 00:13 - 2014-06-30 00:13 - 00001104 ____N () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-06-30 00:13 - 2014-06-30 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-30 00:13 - 2014-06-30 00:13 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-30 00:13 - 2014-06-30 00:13 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-06-30 00:10 - 2014-06-30 00:10 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Daniel\Downloads\mbam-setup-2.0.2.1012.exe

2014-06-30 00:03 - 2014-06-30 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2014-06-30 00:03 - 2014-06-30 00:03 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi

2014-06-29 22:04 - 2014-06-29 22:04 - 00017520 _____ () C:\Users\Daniel\Desktop\JRT.txt

2014-06-29 21:44 - 2014-06-29 21:44 - 00000000 ____D () C:\windows\ERUNT

2014-06-29 21:43 - 2014-06-29 21:47 - 01016261 _____ (Thisisu) C:\Users\Daniel\Desktop\JRT.exe

2014-06-29 21:43 - 2014-06-29 21:43 - 01016261 _____ (Thisisu) C:\Users\Daniel\Downloads\JRT.exe

2014-06-29 21:34 - 2014-02-09 16:35 - 00000000 ____D () C:\Users\Daniel\Downloads\Clips

2014-06-29 21:10 - 2014-06-29 21:10 - 48160922 _____ () C:\Users\Daniel\Downloads\Standoff (1).mp4

2014-06-29 20:27 - 2014-06-29 20:16 - 279499061 _____ () C:\Users\Daniel\Downloads\standoff.mp4

2014-06-29 20:12 - 2014-06-29 20:10 - 134538983 _____ () C:\Users\Daniel\Downloads\Standoff 2 Pack #6.rar

2014-06-29 19:05 - 2014-06-29 19:04 - 74090309 _____ () C:\Users\Daniel\Downloads\Standoff Cinematic with CC.wmv

2014-06-29 19:03 - 2014-06-29 19:02 - 74122429 _____ () C:\Users\Daniel\Downloads\Standoff Cinematic with CC.wmv.crdownload

2014-06-29 18:31 - 2012-06-21 10:44 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Adobe

2014-06-29 18:31 - 2012-05-03 17:47 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-06-29 17:56 - 2012-05-03 18:05 - 00000000 ____D () C:\ProgramData\Adobe

2014-06-29 17:39 - 2014-06-29 17:39 - 00000000 ____D () C:\ProgramData\Package Cache

2014-06-29 03:30 - 2014-05-29 23:23 - 00000196 ____N () C:\Users\Daniel\Desktop\vid notes.txt

2014-06-28 03:27 - 2014-06-01 16:01 - 00000000 ____D () C:\Users\Daniel\Downloads\YT Donwloads

2014-06-28 03:24 - 2014-06-28 03:23 - 311081966 _____ () C:\Users\Daniel\Downloads\OCC 140 Cines Original Quality.rar

2014-06-27 22:18 - 2012-09-06 21:03 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Paint.NET

2014-06-27 20:30 - 2014-06-19 19:10 - 00000000 ____D () C:\ProgramData\SimklStoreR

2014-06-23 21:43 - 2014-06-23 21:41 - 00321760 _____ () C:\Users\Daniel\Downloads\Move On  - Jez Dior.mp3.sfk

2014-06-22 19:44 - 2014-06-12 23:48 - 00199736 ____N () C:\Users\Daniel\Desktop\Rush.veg

2014-06-22 17:27 - 2014-06-22 16:52 - 00003240 _____ () C:\Users\Daniel\Downloads\Explosion_Dull.sfk

2014-06-22 17:15 - 2014-06-12 23:48 - 00199664 _____ () C:\Users\Daniel\Desktop\Rush.veg.bak

2014-06-22 14:57 - 2012-07-20 19:25 - 00000860 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001Core.job

2014-06-22 00:26 - 2014-06-22 00:26 - 00000000 ____D () C:\Program Files (x86)\Freemake

2014-06-22 00:24 - 2014-06-22 00:24 - 01325576 _____ (Ellora Assets Corporation ) C:\Users\Daniel\Downloads\FreemakeVideoConverterSetup.exe

2014-06-19 19:22 - 2014-06-19 19:22 - 00001056 _____ () C:\Users\Daniel\Desktop\Simkl IM CVR.lnk

2014-06-19 19:11 - 2014-06-19 19:10 - 00000000 ____D () C:\ProgramData\SimklStore

2014-06-19 19:11 - 2014-06-19 19:06 - 05549552 _____ () C:\Users\Daniel\Downloads\MP3SkypeRecorderSetup.msi

2014-06-19 19:10 - 2014-06-19 19:10 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Simkl IM CVR

2014-06-19 19:10 - 2014-06-19 19:10 - 00000000 ____D () C:\Program Files (x86)\Simkl IM CVR

2014-06-19 17:00 - 2009-07-14 00:45 - 05017832 _____ () C:\windows\system32\FNTCACHE.DAT

2014-06-19 00:50 - 2014-06-19 00:50 - 00206536 _____ () C:\ProgramData\1403152164.bdinstall.bin

2014-06-19 00:37 - 2014-06-19 00:37 - 00002174 ____N () C:\Users\Public\Desktop\Bitdefender Antivirus Free Edition.lnk

2014-06-19 00:37 - 2014-06-19 00:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition

2014-06-19 00:37 - 2014-06-19 00:31 - 00000000 ____D () C:\Program Files\Bitdefender

2014-06-19 00:31 - 2014-06-19 00:29 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\QuickScan

2014-06-19 00:29 - 2014-06-19 00:29 - 10447328 _____ () C:\Users\Daniel\Downloads\Antivirus_Free_Edition_x64.exe

2014-06-19 00:29 - 2014-06-19 00:29 - 00162208 _____ () C:\Users\Daniel\Downloads\Antivirus_Free_Edition.exe

2014-06-19 00:16 - 2014-06-19 00:16 - 00000000 ____D () C:\Users\Daniel\Downloads\Virtual DJ v7.4 PRO + Crack [ChattChitto RG]

2014-06-19 00:03 - 2014-06-19 00:02 - 00000000 ____D () C:\ProgramData\WorldAppIt

2014-06-19 00:03 - 2013-02-10 22:14 - 00000000 ____D () C:\ProgramData\InstallMate

2014-06-19 00:02 - 2014-06-19 00:02 - 00000258 __RSH () C:\ProgramData\ntuser.pol

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\HomeGroupUser$

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Guest

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Packages

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-06-19 00:02 - 2014-06-19 00:02 - 00000000 ____D () C:\Users\Administrator

2014-06-19 00:02 - 2012-07-20 19:25 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Google

2014-06-19 00:02 - 2009-07-13 23:20 - 00000000 ___HD () C:\windows\system32\GroupPolicy

2014-06-19 00:02 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\GroupPolicy

2014-06-18 23:42 - 2014-06-18 23:42 - 01700688 _____ (BitTorrent Inc.) C:\Users\Daniel\Downloads\uTorrent.exe

2014-06-16 16:59 - 2014-06-16 16:58 - 00393944 _____ () C:\Users\Daniel\Downloads\Virtual Riot & Sub.Sound - Where Are You.mp3.sfk

2014-06-16 16:54 - 2014-06-16 16:53 - 00346528 _____ () C:\Users\Daniel\Downloads\L115 KEM Strike - WORLD CUP Predictions....mp4.sfk

2014-06-16 16:48 - 2014-06-16 16:47 - 97222026 _____ () C:\Users\Daniel\Downloads\L115 KEM Strike - WORLD CUP Predictions....mp4

2014-06-15 12:54 - 2012-05-03 18:00 - 00000000 ____D () C:\Program Files (x86)\McAfee

2014-06-14 01:33 - 2014-06-14 01:22 - 00032768 _____ () C:\Users\Daniel\Desktop\Aquua - 1080 suicide raid.mp4.sfk

2014-06-14 00:03 - 2012-07-20 21:19 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-06-13 23:44 - 2014-06-12 17:04 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Sony

2014-06-13 23:36 - 2014-06-13 23:35 - 00049864 ____N () C:\Users\Daniel\Desktop\raid.mp4.sfk

2014-06-13 23:31 - 2014-06-13 23:30 - 33817536 _____ () C:\Users\Daniel\Downloads\raid.rar

2014-06-13 23:18 - 2014-06-13 23:15 - 203428532 _____ () C:\Users\Daniel\Downloads\Part1.zip

2014-06-13 23:13 - 2009-07-14 01:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-06-13 23:08 - 2014-06-13 23:08 - 20882327 _____ () C:\Users\Daniel\Downloads\standoff.rar

2014-06-12 23:43 - 2014-06-12 23:43 - 02231481 _____ () C:\Users\Daniel\Downloads\Twixtor for Vegas Pro 12.zip

2014-06-12 21:12 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\rescache

2014-06-12 20:27 - 2014-06-12 20:25 - 00261664 _____ () C:\Users\Daniel\Downloads\No Reloading KEM Strike! Applying to Clans!.mp4.sfk

2014-06-12 20:23 - 2014-06-12 20:23 - 58276347 _____ () C:\Users\Daniel\Downloads\No Reloading KEM Strike! Applying to Clans!.mp4

2014-06-12 20:19 - 2014-06-12 20:15 - 00358912 _____ () C:\Users\Daniel\Downloads\Sub.Sound - Another time.mp3.sfk

2014-06-12 18:42 - 2014-06-12 18:42 - 00005258 _____ () C:\Users\Daniel\Downloads\Preset pack 4 (CC Mega Pack).rar

2014-06-12 18:24 - 2014-06-12 18:24 - 30540092 _____ () C:\Users\Daniel\Downloads\Preset Pack 5 (Animated effects pack, With Tutorials).rar

2014-06-12 18:22 - 2012-06-21 10:27 - 00000000 ____D () C:\Users\Daniel\AppData\Local\VirtualStore

2014-06-12 18:21 - 2014-06-12 18:20 - 00004329 _____ () C:\Users\Daniel\Downloads\Preset Pack 1.zip

2014-06-12 18:20 - 2014-06-12 18:20 - 00002010 _____ () C:\Users\Public\Desktop\Preset Manager 2.0.lnk

2014-06-12 18:20 - 2014-06-12 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-06-12 18:20 - 2014-06-12 17:44 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-06-12 18:19 - 2014-06-12 18:18 - 13328352 _____ (Sony Creative Software Inc.) C:\Users\Daniel\Downloads\presetmngr20k.exe

2014-06-12 18:05 - 2014-06-12 18:04 - 00076576 _____ () C:\Users\Daniel\Downloads\Fastest S&D Ace w_ DSR Grafitti Camo!!!!.mp4.sfk

2014-06-12 18:04 - 2014-06-12 18:04 - 19585481 _____ () C:\Users\Daniel\Downloads\Fastest S&D Ace w_ DSR Grafitti Camo!!!!.mp4

2014-06-12 17:55 - 2014-06-12 17:55 - 00000000 ____D () C:\Users\Daniel\AppData\Roaming\Publish Providers

2014-06-12 17:54 - 2014-06-12 17:54 - 00002452 _____ () C:\Users\Daniel\Documents\Register Vegas Pro.htm

2014-06-12 17:53 - 2014-06-12 17:44 - 00000000 ____D () C:\Users\Daniel\AppData\Local\Sony

2014-06-12 17:46 - 2014-06-12 17:46 - 00006078 _____ () C:\windows\system32\--traceoff

2014-06-12 17:46 - 2014-06-12 17:46 - 00000000 _____ () C:\windows\system32\--debugoff

2014-06-12 17:45 - 2014-06-12 17:45 - 00001040 ____N () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk

2014-06-12 17:44 - 2014-06-12 17:44 - 00000000 ____D () C:\ProgramData\Sony

2014-06-12 17:44 - 2014-06-12 17:44 - 00000000 ____D () C:\Program Files\Sony

2014-06-12 17:03 - 2014-06-12 17:00 - 354230360 _____ (Sony Creative Software Inc.) C:\Users\Daniel\Downloads\vegaspro13.0.310_64bit.exe

2014-06-12 16:53 - 2013-07-22 00:29 - 00000000 ____D () C:\windows\system32\MRT

2014-06-12 16:48 - 2012-07-15 15:05 - 95414520 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2014-06-12 00:26 - 2014-05-06 23:10 - 00000000 ___SD () C:\windows\system32\CompatTel

2014-06-11 22:49 - 2012-06-27 19:07 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI

2014-06-10 18:42 - 2014-06-10 16:23 - 00000000 ___RD () C:\Users\Daniel\Desktop\MY MOVIE

2014-06-10 18:18 - 2012-09-05 17:17 - 00039424 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-06-10 17:52 - 2014-06-10 17:52 - 00406064 _____ () C:\Users\Daniel\Downloads\Explosion_Dull.wav

2014-06-10 16:42 - 2014-06-10 16:42 - 00000445 _____ () C:\Users\Daniel\Downloads\Call Of Duty Black Ops 2 Sniper Quad Feed [Nuketown 2025].scn

2014-06-10 16:15 - 2014-06-10 16:15 - 00998808 _____ () C:\Users\Daniel\Downloads\Player.exe

2014-06-10 16:15 - 2014-06-10 16:15 - 00324384 _____ (Supersoftware App) C:\Users\Daniel\Downloads\Call Of Duty Black Ops 2 Sniper Quad Feed [Nuketown 2025].mp4.exe

2014-06-08 05:13 - 2014-06-11 17:20 - 00506368 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll

2014-06-08 05:08 - 2014-06-11 17:20 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll

2014-06-07 15:51 - 2009-07-14 01:13 - 00783424 _____ () C:\windows\system32\PerfStringBackup.INI

2014-06-04 23:21 - 2013-01-31 19:02 - 00000000 ___RD () C:\Program Files (x86)\Skype

2014-06-04 23:21 - 2012-05-03 18:05 - 00000000 ____D () C:\ProgramData\Skype

2014-06-04 18:45 - 2014-06-03 22:37 - 00000000 ___RD () C:\Users\Daniel\Desktop\NEW

 

Files to move or delete:

====================

C:\Users\Daniel\jagex_cl_runescape_LIVE.dat

C:\Users\Daniel\jagex_cl_runescape_LIVE1.dat

C:\Users\Daniel\random.dat

 

 

Some content of TEMP:

====================

C:\Users\Daniel\AppData\Local\Temp\24FD.exe

C:\Users\Daniel\AppData\Local\Temp\aol_toolbar.exe

C:\Users\Daniel\AppData\Local\Temp\avguidx.dll

C:\Users\Daniel\AppData\Local\Temp\bdfilters.dll

C:\Users\Daniel\AppData\Local\Temp\C478.exe

C:\Users\Daniel\AppData\Local\Temp\CommonInstaller.exe

C:\Users\Daniel\AppData\Local\Temp\Creative Cloud Helper.exe

C:\Users\Daniel\AppData\Local\Temp\drm_dyndata_7370014.dll

C:\Users\Daniel\AppData\Local\Temp\drm_dyndata_7380014.dll

C:\Users\Daniel\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe

C:\Users\Daniel\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe

C:\Users\Daniel\AppData\Local\Temp\gbinit.exe

C:\Users\Daniel\AppData\Local\Temp\GUR1573.exe

C:\Users\Daniel\AppData\Local\Temp\GUR6BBD.exe

C:\Users\Daniel\AppData\Local\Temp\GUR6C3.exe

C:\Users\Daniel\AppData\Local\Temp\GUR95B9.exe

C:\Users\Daniel\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe

C:\Users\Daniel\AppData\Local\Temp\LiveSupport_setup.exe

C:\Users\Daniel\AppData\Local\Temp\MachineIdCreator.exe

C:\Users\Daniel\AppData\Local\Temp\oi_{902B6A52-2577-44C2-9FC0-D8BD709A55DB}.exe

C:\Users\Daniel\AppData\Local\Temp\Quarantine.exe

C:\Users\Daniel\AppData\Local\Temp\SearchProtectionSetup.exe

C:\Users\Daniel\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Daniel\AppData\Local\Temp\sSetup-se.exe

C:\Users\Daniel\AppData\Local\Temp\Strongvault.exe

C:\Users\Daniel\AppData\Local\Temp\STWSetup.exe

C:\Users\Daniel\AppData\Local\Temp\su-setup.exe

C:\Users\Daniel\AppData\Local\Temp\swt-win32-3349.dll

C:\Users\Daniel\AppData\Local\Temp\swt-win32-3740.dll

C:\Users\Daniel\AppData\Local\Temp\tmp4808.exe

C:\Users\Daniel\AppData\Local\Temp\ToolbarInstaller.exe

C:\Users\Daniel\AppData\Local\Temp\xmlUpdater.exe

C:\Users\Daniel\AppData\Local\Temp\YontooSetup-S.exe

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-06-19 21:20

 

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014

Ran by Daniel at 2014-07-04 14:09:44

Running from C:\Users\Daniel\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AV: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}

AV: Bitdefender Antivirus Free Edition (Enabled - Up to date) {9B5F5313-CAF9-DD97-C460-E778420237B4}

AS: McAfee Anti-Virus and Anti-Spyware (Enabled - Up to date) {16C7C823-5972-5907-58FA-0004E2F9422F}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Bitdefender Antivirus Free Edition (Enabled - Up to date) {203EB2F7-ECC3-D219-FED0-DC0A39857D09}

FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}

 

==================== Installed Programs ======================

 

Accidental Damage Services Agreement (HKLM-x32\...\{EF85FEF4-EB92-4075-A6D2-5F519BB30A2C}) (Version: 2.0.0 - Dell Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.7.700.169 - Adobe Systems Incorporated)

Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)

Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

AOL Toolbar (HKCU\...\AOL Toolbar) (Version:  - )

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)

AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)

Banctec Service Agreement (HKLM-x32\...\{42D68A86-DB1C-4256-B8C9-5D0D92919AF5}) (Version: 2.0.0 - Dell Inc.)

Bandicam (HKLM-x32\...\Bandicam) (Version: 1.8.6.321 - Bandisoft.com)

Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)

BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bitdefender Antivirus Free Edition (HKLM\...\BitDefender Gonzales) (Version: 1.0.21.1099 - Bitdefender)

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blio (HKLM-x32\...\{400182B4-CA55-46A9-9D88-F8413DCFB36D}) (Version: 2.3.7140 - K-NFB Reading Technology, Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden

Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Complete Care Business Service Agreement (HKLM-x32\...\{0ECFCB07-9BFE-4970-ACA1-D568D982760B}) (Version: 2.0.0 - Dell Inc.)

Consumer In-Home Service Agreement (HKLM-x32\...\{F47C37A4-7189-430A-B81D-739FF8A7A554}) (Version: 2.0.0 - Dell Inc.)

Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)

Cozi (HKLM-x32\...\{EA1F3D6C-A6F5-4CDC-B0D3-9C56C06B4D29}) (Version: 1.0.6505.38692 - Cozi Group, Inc.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)

DayZ Commander (HKLM-x32\...\{67686439-FBC8-4342-9748-D42BA10F7994}) (Version: 0.9.90 - Dotjosh Studios)

Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.67 - Dell Inc.)

Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.67 - Dell Inc.)

Dell DataSafe Online (HKLM-x32\...\{C53BCCBE-9268-4C09-82E9-611444A73B3F}) (Version: 2.9.0.19 - Dell)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)

Dell Home Systems Service Agreement (HKLM-x32\...\{AB2FDE4F-6BED-4E9E-B676-3DCCEBB1FBFE}) (Version: 2.0.0 - Dell Inc.)

Dell MusicStage (HKLM-x32\...\{3BD7DD08-991B-4A2F-A165-614ED14EAADD}) (Version: 1.6.225.0 - Fingertapps)

Dell PhotoStage (HKLM-x32\...\{E4335E82-17B3-460F-9E70-39D9BC269DB3}) (Version: 1.5.0.130 - ArcSoft)

Dell Stage (HKLM-x32\...\{FE182796-F6BA-486A-8590-89B7E8D1D60F}) (Version: 1.7.209.0 - Fingertapps)

Dell Stage Remote (HKLM-x32\...\{AF4D3C63-009B-4A17-B02E-D395065DD3F0}) (Version: 2.0.0.43 - ArcSoft)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.225 - ALPS ELECTRIC CO., LTD.)

Dell VideoStage  (HKLM-x32\...\InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}) (Version: 1.3.0.2513 - CyberLink Corp.)

Dell VideoStage  (x32 Version: 1.3.0.2513 - CyberLink Corp.) Hidden

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.17 - Creative Technology Ltd)

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

DW WLAN Card (HKLM\...\DW WLAN Card) (Version: 5.100.82.88 - Dell Inc.)

eBay (HKLM-x32\...\{A8B88634-7F90-402F-B66A-86429755F6A5}) (Version: 1.4.0 - eBay Inc.)

Escape Whisper Valley (x32 Version: 2.2.0.95 - WildTangent) Hidden

ESO Survey Live version 1.3.0 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.3.0 - Immersyve, Inc.)

Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden

FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden

Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden

Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden

Fraps (HKLM-x32\...\Fraps) (Version:  - )

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Horizon v2.7.1.4 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.1.4 - Daring Development Inc.)

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2342 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)

iTunes (HKLM\...\{A535111D-95C8-487F-869E-CE4C239972D2}) (Version: 11.1.1.11 - Apple Inc.)

Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.0 - Sun Microsystems, Inc.) Hidden

Jewel Quest (x32 Version: 2.2.0.95 - WildTangent) Hidden

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden

Luxor (x32 Version: 2.2.0.95 - WildTangent) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: 11.6.511 - McAfee, Inc.)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

Namco All-Stars PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden

Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden

Nero Blu-ray Player (x32 Version: 12.0.20012 - Nero AG) Hidden

Nero Control Center 10 (x32 Version: 10.6.13000.0.11 - Nero AG) Hidden

Nero ControlCenter 10 Help (CHM) (x32 Version: 10.2.10800 - Nero AG) Hidden

Nero Core Components 10 (x32 Version: 2.0.20500.9.16 - Nero AG) Hidden

Nero Update (x32 Version: 11.0.11500.28.0 - Nero AG) Hidden

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6 - Notepad++ Team)

ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.)

ooVoo toolbar, powered by Ask.com Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.4.1.34141 - Ask.com) <==== ATTENTION

Opera 12.02 (HKLM-x32\...\Opera 12.02.1578) (Version: 12.02.1578 - Opera Software ASA)

Optimum (HKCU\...\1060583097.optimumapp.iptv.optimum.net) (Version:  - optimumapp.iptv.optimum.net)

Optimum App for Laptop 1.70 (HKLM\...\{6082AB31-92B1-4832-AC89-3B2E6D8C14FE}) (Version: 1.70 - Cablevision)

Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Pinnacle Studio 12 (HKLM-x32\...\{D041EB9E-890A-4098-8F94-51DA194AC72A}) (Version: 12.1.3.6605 - Pinnacle Systems)

Pinnacle Video Driver (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.029 - Pinnacle Systems)

PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)

Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Premium Service Agreement (HKLM-x32\...\{C33AA6D6-F5EC-48F3-AFDC-8141345D473A}) (Version: 2.0.0 - Dell Inc.)

Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)

QualxServ Service Agreement (HKLM-x32\...\{903679E8-44C8-4C07-9600-05C92654FC50}) (Version: 2.0.0 - Dell Inc.)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)

QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)

Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)

Samantha Swift (x32 Version: 2.2.0.95 - WildTangent) Hidden

Search Protection (HKCU\...\Search Protection) (Version: 9.4.0.2 - Spigot, Inc.) <==== ATTENTION

Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)

SHOUTcast Source DSP 1.9.0 (remove only) (HKLM-x32\...\SHOUTcastDSP) (Version:  - )

Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7038 - Six Projects)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

SyncUP (HKLM-x32\...\{D92C9CCE-E5F0-4125-977A-0590F3225B74}) (Version: 10.2.16100 - Nero AG)

SyncUP (x32 Version: 1.12.12400.17.102 - Nero AG) Hidden

TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)

The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )

TrustedID IDMonitor Identity Protection (HKLM-x32\...\{0E74474A-1CDF-4249-A507-CE8C1DCEC8BC}) (Version: 1.1.0 - TrustedID Inc)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)

Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

VLC media player 2.0.6 (HKLM-x32\...\VLC media player) (Version: 2.0.6 - VideoLAN)

WildTangent Games (HKLM-x32\...\WildTangent dell Master Uninstall) (Version: 1.0.2.5 - WildTangent)

WildTangent Games App (Dell Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden

Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)

Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)

Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)

Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

 

==================== Restore Points  =========================

 

26-06-2014 03:53:07 Windows Update

29-06-2014 21:38:18 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030

04-07-2014 02:55:22 Windows Update

04-07-2014 17:52:39 Removed VirtualDJ PRO Full

 

==================== Hosts content: ==========================

 

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {01401359-084A-453F-892C-553BC4DA35DF} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION

Task: {08A763FC-7041-449F-A6C2-04D1E9A87C04} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {1FFECBD4-885A-4D30-B986-739E5E3BE60B} - \SW-Booster-S-1091471407 No Task File <==== ATTENTION

Task: {269DA1F4-B472-419C-85A3-E60F9650927D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001UA => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {60D890F1-0CF6-4D21-AF04-EE8C6900C2A5} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)

Task: {8A079C5F-4F82-4299-B189-08080A0D3BB0} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\windows\TEMP\{5285490B-6BC3-4FB7-ACE9-03C08195ADC4}.exe

Task: {90DF00AF-DC12-4DC2-88A8-E8B03D43B5CC} - System32\Tasks\Updater21804.exe => C:\Users\Daniel\AppData\Local\Updater21804\Updater21804.exe <==== ATTENTION

Task: {BA16033C-058F-4A5D-BFE0-B93A87A82C49} - System32\Tasks\AdobeAAMUpdater-1.0-Daniel-PC-Daniel => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: {C0E074E6-09FD-425A-9D86-ED986DE51721} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () <==== ATTENTION

Task: {D3DF8E49-CFB0-4E56-93CC-E78046C81B19} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)

Task: {D4CFF88C-887E-4744-8360-3A48976569C7} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe

Task: {DF15A11E-0ED6-4447-B7AC-42C1FE9759A9} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)

Task: C:\windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\windows\TEMP\{5285490B-6BC3-4FB7-ACE9-03C08195ADC4}.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001Core.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001UA.job => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-06-19 00:37 - 2013-03-19 12:07 - 00696632 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll

2014-06-19 00:37 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Antivirus Free Edition\BDMetrics.dll

2012-11-13 22:53 - 2012-11-13 22:53 - 00139024 ____N () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll

2012-06-18 11:24 - 2012-06-18 11:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2012-05-03 20:09 - 2011-03-25 21:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2011-06-27 20:26 - 2011-06-27 20:26 - 02022976 ____N () C:\Program Files (x86)\Dell\Stage Remote\StageRemote.exe

2012-12-14 21:14 - 2012-12-14 21:14 - 03093624 ____N () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe

2012-05-03 18:12 - 2012-01-26 22:49 - 02751808 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE

2011-06-29 09:52 - 2011-06-29 09:52 - 00474176 ____N () C:\Program Files (x86)\Dell\Stage Remote\StageRemoteService.exe

2014-01-10 21:50 - 2014-01-06 15:44 - 00064000 ____N () C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe

2012-07-24 15:42 - 2014-04-28 21:40 - 02557976 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe

2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 ____N () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2010-03-16 21:28 - 2010-03-16 21:28 - 01926144 ____N () C:\Program Files (x86)\Dell\Stage Remote\QtCore4.dll

2010-03-22 16:52 - 2010-03-22 16:52 - 06776832 ____N () C:\Program Files (x86)\Dell\Stage Remote\QtGui4.dll

2010-03-16 21:28 - 2010-03-16 21:28 - 00635904 _____ () C:\Program Files (x86)\Dell\Stage Remote\QtNetwork4.dll

2010-03-16 21:28 - 2010-03-16 21:28 - 00326144 ____N () C:\Program Files (x86)\Dell\Stage Remote\QtXml4.dll

2011-06-25 00:20 - 2011-06-25 00:20 - 00565968 _____ () C:\Program Files (x86)\Dell\Stage Remote\sqlite3.dll

2011-06-27 20:25 - 2011-06-27 20:25 - 00058944 _____ () C:\Program Files (x86)\Dell\Stage Remote\DataService.dll

2011-06-25 00:21 - 2011-06-25 00:21 - 00322624 ____N () C:\Program Files (x86)\Dell\Stage Remote\en-US\UI\ManagerUI.dll

2010-03-11 20:52 - 2010-03-11 20:52 - 00028160 ____N () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qgif4.dll

2010-03-05 16:07 - 2010-03-05 16:07 - 00031744 _____ () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qico4.dll

2010-03-05 16:07 - 2010-03-05 16:07 - 00125952 ____N () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qjpeg4.dll

2010-03-11 20:52 - 2010-03-11 20:52 - 00225280 ____N () C:\Program Files (x86)\Dell\Stage Remote\plugins\imageformats\qmng4.dll

2014-04-28 21:40 - 2014-04-28 21:40 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll

2014-02-12 19:09 - 2014-02-12 19:09 - 00169472 ____N () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll

2012-05-03 17:40 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2014-06-13 22:01 - 2014-06-05 09:58 - 00716616 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll

2014-06-13 22:01 - 2014-06-05 09:58 - 00126280 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll

2014-06-13 22:01 - 2014-06-05 09:58 - 04217672 ____N () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll

2014-06-13 22:01 - 2014-06-05 09:58 - 00414536 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

2014-06-13 22:01 - 2014-06-05 09:58 - 01732424 _____ () C:\Users\Daniel\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

2011-12-31 18:04 - 2011-12-31 18:04 - 00251688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.ComponentModel.Composition.dll

2011-12-31 18:04 - 2011-12-31 18:04 - 00891688 _____ () C:\Program Files (x86)\Nero\SyncUP\System.Data.SQLite.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Users\Daniel\Desktop\JRT.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\adwcleaner_3.214.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\cbsidlm-cbsi188-ManageEngine_WiFi_Manager-SEO-10347599.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup 30.0.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0 (1).exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\FreemakeVideoConverterSetup.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\FRST64.com.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\JRT.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\mbar-1.07.0.1012.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\rkill.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\spybot-2.3.exe:BDU

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/04/2014 01:50:38 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/03/2014 11:56:41 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/03/2014 10:09:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8486

 

Error: (07/03/2014 10:09:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8486

 

Error: (07/03/2014 10:09:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/03/2014 10:09:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7472

 

Error: (07/03/2014 10:09:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7472

 

Error: (07/03/2014 10:09:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/03/2014 10:09:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6474

 

Error: (07/03/2014 10:09:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6474

 

 

System errors:

=============

Error: (07/04/2014 01:51:24 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )

Description: WMPNetworkSvc0x80004005

 

Error: (07/04/2014 01:49:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Hotspot Shield Monitoring Service service failed to start due to the following error: 

%%2

 

Error: (07/04/2014 01:49:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Hotspot Shield Service service failed to start due to the following error: 

%%2

 

Error: (07/03/2014 11:57:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Windows Search service failed to start due to the following error: 

%%1053

 

Error: (07/03/2014 11:57:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

 

Error: (07/03/2014 11:57:24 PM) (Source: DCOM) (EventID: 10005) (User: )

Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

 

Error: (07/03/2014 11:55:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Hotspot Shield Monitoring Service service failed to start due to the following error: 

%%2

 

Error: (07/03/2014 11:55:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Hotspot Shield Service service failed to start due to the following error: 

%%2

 

Error: (07/03/2014 05:01:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: 

%%1053

 

Error: (07/03/2014 05:01:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.

 

 

Microsoft Office Sessions:

=========================

Error: (07/04/2014 01:50:38 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/03/2014 11:56:41 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/03/2014 10:09:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8486

 

Error: (07/03/2014 10:09:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8486

 

Error: (07/03/2014 10:09:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/03/2014 10:09:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7472

 

Error: (07/03/2014 10:09:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7472

 

Error: (07/03/2014 10:09:28 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second

 

Error: (07/03/2014 10:09:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 6474

 

Error: (07/03/2014 10:09:27 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 6474

 

 

CodeIntegrity Errors:

===================================

  Date: 2014-06-12 21:11:19.909

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-12 21:11:19.906

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-06-12 21:10:31.698

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-05-18 18:33:45.435

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-05-18 18:33:45.431

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2014-05-18 18:32:17.721

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Common Files\mcafee\VSCore\mfeelamk.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 55%

Total physical RAM: 3894.68 MB

Available physical RAM: 1741.02 MB

Total Pagefile: 7787.55 MB

Available Pagefile: 4514.13 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:446.13 GB) (Free:154.64 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 2ACC5C54)

Partition 1: (Not Active) - (Size=100 MB) - (Type=DE)

Partition 2: (Active) - (Size=20 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=446 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that, we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Hello, Psychotic. As I mentioned in the initial post I have removed all cracked software that I had installed on my computer beforehand. It is unfortunate that there is still evidence of cracked software on my machine as I wish to put that behind me. After this incident I don't plan on installing any sort of cracked software again as it has hurt me personally. I would highly appreciate any help given to me at this time. I also thank you for responding.


Hello again. After quickly reviewing some of the logs above I noticed that there is still some questionable software on my PC. However, I mostly only saw them in my downloads folder. Before coming onto the forum and asking for help I attempted to remove and uninstall all known cracked software on my computer. I succeeded in uninstalling the cracked software on my computer. However, there are clearly some pieces left behind such as download files. I will try to remove the rest of the cracked and malicious software that may be on my computer. Also, I have seen the Malwarebytes forum policy on Piracy and fully intend to follow those policies. Once again, I thank you for donating your time to help clean my computer of viruses and malware.


Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

 

 

 

 

Multiple Antivirus Programs installed!

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time.

The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:

1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.

Therefore please go to add/remove in the control panel and remove either BitDefender or McAfee.

 

 

 

 

Add/remove programs

Click on start-->control panel.

Vista/7: Open Programs and Features
XP: Open add/remove programs

Search for and remove the following programs
 

Search Protection
ooVoo toolbar, powered by Ask.com Updater


Close the window.

 

 

 

 

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click the downloaded setup file and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01

Ran by Daniel at 2014-07-08 21:19:14 Run:1

Running from C:\Users\Daniel\Downloads

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

AlternateDataStreams: C:\Users\Daniel\Desktop\JRT.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\adwcleaner_3.214.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\cbsidlm-cbsi188-ManageEngine_WiFi_Manager-SEO-10347599.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup 30.0.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0 (1).exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\FreemakeVideoConverterSetup.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\FRST64.com.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\JRT.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\mbar-1.07.0.1012.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\rkill.exe:BDU

AlternateDataStreams: C:\Users\Daniel\Downloads\spybot-2.3.exe:BDU

Task: {C0E074E6-09FD-425A-9D86-ED986DE51721} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () <==== ATTENTION

Task: {90DF00AF-DC12-4DC2-88A8-E8B03D43B5CC} - System32\Tasks\Updater21804.exe => C:\Users\Daniel\AppData\Local\Updater21804\Updater21804.exe <==== ATTENTION

Task: {01401359-084A-453F-892C-553BC4DA35DF} - \Scheduled Update for Ask Toolbar No Task File <==== ATTENTION

Task: {08A763FC-7041-449F-A6C2-04D1E9A87C04} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001Core => C:\Users\Daniel\AppData\Local\Google\Update\GoogleUpdate.exe

Task: {1FFECBD4-885A-4D30-B986-739E5E3BE60B} - \SW-Booster-S-1091471407 No Task File <==== ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File

Toolbar: HKCU - No Name - {BA00B7B1-0351-477A-B948-23E3EE5A73D4} -  No File

Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

 

C:\Program Files (x86)\Razer\Razer Game Booster

C:\Users\Daniel\AppData\Local\Updater21804

C:\Users\Daniel\jagex_cl_runescape_LIVE.dat

C:\Users\Daniel\jagex_cl_runescape_LIVE1.dat

C:\Users\Daniel\random.dat

C:\Users\Daniel\Downloads

*****************

 

C:\Users\Daniel\Desktop\JRT.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\adwcleaner_3.214.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\cbsidlm-cbsi188-ManageEngine_WiFi_Manager-SEO-10347599.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\Firefox Setup 30.0.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0 (1).exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\Firefox Setup Stub 30.0.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\FreemakeVideoConverterSetup.exe => ":BDU" ADS removed successfully.

"C:\Users\Daniel\Downloads\FRST64.com.exe" => ":BDU" ADS not found.

C:\Users\Daniel\Downloads\JRT.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\mbar-1.07.0.1012.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\rkill.exe => ":BDU" ADS removed successfully.

C:\Users\Daniel\Downloads\spybot-2.3.exe => ":BDU" ADS removed successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C0E074E6-09FD-425A-9D86-ED986DE51721}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0E074E6-09FD-425A-9D86-ED986DE51721}' => Key deleted successfully.

C:\Windows\System32\Tasks\Razer_Game_Booster_AutoUpdate => Moved successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Razer_Game_Booster_AutoUpdate' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{90DF00AF-DC12-4DC2-88A8-E8B03D43B5CC}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90DF00AF-DC12-4DC2-88A8-E8B03D43B5CC}' => Key deleted successfully.

C:\Windows\System32\Tasks\Updater21804.exe => Moved successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater21804.exe' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{01401359-084A-453F-892C-553BC4DA35DF}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{01401359-084A-453F-892C-553BC4DA35DF}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{08A763FC-7041-449F-A6C2-04D1E9A87C04}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{08A763FC-7041-449F-A6C2-04D1E9A87C04}' => Key deleted successfully.

C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001Core => Moved successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-723765448-4241196438-2827874537-1001Core' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1FFECBD4-885A-4D30-B986-739E5E3BE60B}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1FFECBD4-885A-4D30-B986-739E5E3BE60B}' => Key deleted successfully.

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SW-Booster-S-1091471407' => Key deleted successfully.

'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.

'HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}'=> Key not found.

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{BA00B7B1-0351-477A-B948-23E3EE5A73D4} => value deleted successfully.

'HKCR\CLSID\{BA00B7B1-0351-477A-B948-23E3EE5A73D4}'=> Key not found.

HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value deleted successfully.

'HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}'=> Key not found.

C:\Program Files (x86)\Razer\Razer Game Booster => Moved successfully.

"C:\Users\Daniel\AppData\Local\Updater21804" => File/Directory not found.

C:\Users\Daniel\jagex_cl_runescape_LIVE.dat => Moved successfully.

C:\Users\Daniel\jagex_cl_runescape_LIVE1.dat => Moved successfully.

C:\Users\Daniel\random.dat => Moved successfully.
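As an added example (not part of the thread and not FRST's own code), this Python script tallies the outcomes in a Fixlog like the one above and lists fixlist paths that have no result line at all. The sample input is a few lines copied from that Fixlog; the function names and the three status labels are assumptions of this example.

```python
import re
from collections import Counter

# A few lines copied from the Fixlog posted in this thread (not the full log).
SAMPLE = r"""
Content of fixlist:
*****************
AlternateDataStreams: C:\Users\Daniel\Desktop\JRT.exe:BDU
AlternateDataStreams: C:\Users\Daniel\Downloads\FRST64.com.exe:BDU
Task: {C0E074E6-09FD-425A-9D86-ED986DE51721} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () <==== ATTENTION
C:\Users\Daniel\AppData\Local\Updater21804
C:\Users\Daniel\random.dat
C:\Users\Daniel\Downloads
*****************

C:\Users\Daniel\Desktop\JRT.exe => ":BDU" ADS removed successfully.
"C:\Users\Daniel\Downloads\FRST64.com.exe" => ":BDU" ADS not found.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0E074E6-09FD-425A-9D86-ED986DE51721}' => Key deleted successfully.
C:\Windows\System32\Tasks\Razer_Game_Booster_AutoUpdate => Moved successfully.
'HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}'=> Key not found.
"C:\Users\Daniel\AppData\Local\Updater21804" => File/Directory not found.
C:\Users\Daniel\random.dat => Moved successfully.
"""

# Result lines read  <target> => <outcome>.  The target may be bare or wrapped
# in single or double quotes, and the space before "=>" is sometimes missing.
RESULT_RE = re.compile(
    r'''^(?P<q>['"]?)(?P<target>.+?)(?P=q)\s*=>\s*(?P<outcome>.+)$''')


def classify(outcome):
    """Map an outcome message to a status label (labels are this example's own)."""
    low = outcome.lower()
    if "not found" in low:
        return "not_found"
    if "successfully" in low:
        return "ok"
    return "review"  # anything else deserves a manual look


def parse_fixlog(text):
    """Split a Fixlog into the echoed fixlist and the (target, status, outcome) results."""
    fixlist, results = [], []
    section = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if set(line) == {"*"}:  # the rows of asterisks delimit the echoed fixlist
            section = "fixlist" if section == "header" else "results"
            continue
        if section == "fixlist":
            fixlist.append(line)
        elif section == "results":
            m = RESULT_RE.match(line)
            if m:
                results.append((m["target"], classify(m["outcome"]), m["outcome"]))
    return fixlist, results


def expected_targets(fixlist):
    """Paths that should each have a result line: ADS entries and bare file/folder paths.
    Task and registry entries expand into several keys, so they are not cross-checked here."""
    targets = []
    for entry in fixlist:
        if entry.startswith("AlternateDataStreams:"):
            # Drop the prefix, then the trailing ":<stream name>".
            targets.append(entry.split(":", 1)[1].strip().rsplit(":", 1)[0])
        elif re.match(r"^[A-Za-z]:\\", entry):
            targets.append(entry)
    return targets


def unaccounted(fixlist, results):
    """Fixlist paths for which the log contains no result line."""
    seen = {target.casefold() for target, _, _ in results}
    return [p for p in expected_targets(fixlist) if p.casefold() not in seen]


def summarize(results):
    """Count results per status label."""
    return Counter(status for _, status, _ in results)


if __name__ == "__main__":
    fixlist, results = parse_fixlog(SAMPLE)
    print(dict(summarize(results)))
    for target, status, outcome in results:
        if status != "ok":
            print(f"{status:10} {target}  ({outcome})")
    for path in unaccounted(fixlist, results):
        print(f"no result  {path}")
```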

Malwarebytes Anti-Malware

www.malwarebytes.org

 

 

Protection, 7/8/2014 8:53:14 PM, SYSTEM, DANIEL-PC, Protection, Malware Protection, Starting, 

Protection, 7/8/2014 8:53:14 PM, SYSTEM, DANIEL-PC, Protection, Malware Protection, Started, 

Protection, 7/8/2014 8:53:14 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Starting, 

Protection, 7/8/2014 8:54:57 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Started, 

Protection, 7/8/2014 9:22:57 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 7/8/2014 9:22:57 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 7/8/2014 9:22:57 PM, SYSTEM, DANIEL-PC, Protection, Malware Protection, Stopping, 

Protection, 7/8/2014 9:23:09 PM, SYSTEM, DANIEL-PC, Protection, Malware Protection, Stopped, 

Protection, 7/8/2014 9:25:18 PM, SYSTEM, DANIEL-PC, Protection, Malware Protection, Starting, 

Protection, 7/8/2014 9:25:18 PM, SYSTEM, DANIEL-PC, Protection, Malware Protection, Started, 

Protection, 7/8/2014 9:25:18 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Starting, 

Update, 7/8/2014 9:25:34 PM, SYSTEM, DANIEL-PC, Manual, Rootkit Database, 2014.2.20.1, 2014.7.7.1, 

Update, 7/8/2014 9:25:39 PM, SYSTEM, DANIEL-PC, Manual, Malware Database, 2014.3.4.9, 2014.7.8.12, 

Protection, 7/8/2014 9:25:40 PM, SYSTEM, DANIEL-PC, Protection, Refresh, Starting, 

Protection, 7/8/2014 9:25:53 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Started, 

Protection, 7/8/2014 9:25:54 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Stopping, 

Protection, 7/8/2014 9:25:54 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Stopped, 

Protection, 7/8/2014 9:25:58 PM, SYSTEM, DANIEL-PC, Protection, Refresh, Success, 

Protection, 7/8/2014 9:25:58 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Starting, 

Protection, 7/8/2014 9:25:58 PM, SYSTEM, DANIEL-PC, Protection, Malicious Website Protection, Started, 

 

(end)


Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 7/8/2014

Scan Time: 9:26:44 PM

Logfile: 

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.07.08.12

Rootkit Database: v2014.07.07.01

License: Trial

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 7 Service Pack 1

CPU: x64

File System: NTFS

User: Daniel

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 320508

Time Elapsed: 24 min, 45 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 1

PUP.Optional.CouponCompanion.A, HKU\S-1-5-21-723765448-4241196438-2827874537-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Coupon Companion Plugin, , [694d009c1a613cfa211b1ba861a14eb2], 

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 7

PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker, , [e6d0811b0576f541f2cd32889e64d62a], 

PUP.Optional.Booster.A, C:\ProgramData\WorldAppIt\SW-Booster, , [d7df06966c0fb482db232190c63cd52b], 

PUP.Optional.Booster.A, C:\ProgramData\WorldAppIt\SW-Booster\1091471407, , [d7df06966c0fb482db232190c63cd52b], 

PUP.Optional.CouponCompanion.A, C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj, , [13a3f4a8e59648ee542ce1d2887a9e62], 

PUP.Optional.CouponCompanion.A, C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.25.56_0, , [13a3f4a8e59648ee542ce1d2887a9e62], 

PUP.Optional.CouponCompanion.A, C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.25.56_0\js, , [13a3f4a8e59648ee542ce1d2887a9e62], 

PUP.Optional.CouponCompanion.A, C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jneaojaoiajhnemidnjhoempalnidbhj\1.25.56_0\js\lib, , [13a3f4a8e59648ee542ce1d2887a9e62], 

 

Files: 5

PUP.Optional.SearchProtect.A, C:\Users\Daniel\AppData\Local\Temp\nsd9E76.tmp, , [81357c20700b0a2c17ca801270914db3], 

PUP.Optional.Yontoo.A, C:\Users\Daniel\AppData\Local\Temp\YontooSetup-S.exe, , [36801e7ea7d4f640bacda31621e1758b], 

PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker\yBIC.tlb, , [e6d0811b0576f541f2cd32889e64d62a], 

PUP.Optional.AdBlocker.A, C:\Program Files (x86)\Adblocker\yBIC.dat, , [e6d0811b0576f541f2cd32889e64d62a], 

PUP.Optional.Booster.A, C:\ProgramData\WorldAppIt\SW-Booster\1091471407.ini, , [d7df06966c0fb482db232190c63cd52b], 

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

Scan with ESET Online Scan

Please go to here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

Link to post
Share on other sites

C:\AdwCleaner\Quarantine\C\Program Files (x86)\save ON\LS5dwB.dll.vir a variant of Win32/AdWare.MultiPlug.N application

C:\FRST\Quarantine\C\Users\Daniel\Downloads\Call Of Duty Black Ops 2 Sniper Quad Feed [Nuketown 2025].mp4.exe Win32/InstalleRex.M potentially unwanted application

C:\FRST\Quarantine\C\Users\Daniel\Downloads\cbsidlm-cbsi188-ManageEngine_WiFi_Manager-SEO-10347599.exe a variant of Win32/CNETInstaller.B potentially unwanted application

C:\FRST\Quarantine\C\Users\Daniel\Downloads\cbsidlm-tr1_10a-Virtual_Audio_Cable-ORG-10067766.exe Win32/DownloadAdmin.G potentially unwanted application

C:\FRST\Quarantine\C\Users\Daniel\Downloads\FreemakeVideoConverterSetup.exe Win32/OpenCandy potentially unsafe application

C:\FRST\Quarantine\C\Users\Daniel\Downloads\Player.exe Win32/OutBrowse.V potentially unwanted application

C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe a variant of Win32/HiddenStart.A potentially unsafe application

C:\Program Files (x86)\Simkl IM CVR\Uninstall.exe probably unknown NewHeur_PE virus

C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe a variant of MSIL/AdvancedSystemProtector.A potentially unwanted application

C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7EMGURGL\spstub[1].exe a variant of Win32/Conduit.SearchProtect.N potentially unwanted application

C:\Users\Daniel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\TLLUYVGS\OptimizerPro[1].exe a variant of Win32/AdWare.SpeedingUpMyPC.L application

C:\Users\Daniel\AppData\Local\Temp\ezLooker-S-Setup_Suite1.exe Win32/Adware.Yontoo application

C:\Users\Daniel\AppData\Local\Temp\YontooSetup-S.exe Win32/Adware.Yontoo application

C:\Users\Daniel\AppData\Local\Temp\{02C295B3-1555-4723-A5C8-5D77D921B745}\Addons\OpProSetup.exe a variant of Win32/AdWare.SpeedingUpMyPC.L application
Link to post
Share on other sites

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.

Link to post
Share on other sites

# AdwCleaner v3.215 - Report created 11/07/2014 at 20:27:05

# Updated 09/07/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Daniel - DANIEL-PC

# Running from : C:\Users\Daniel\Desktop\adwcleaner_3.215.exe

# Option : Clean

 

***** [ Services ] *****

 

[#] Service Deleted : hshld

[#] Service Deleted : hsswd

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\ProgramData\Adblocker

Folder Deleted : C:\ProgramData\AVG Secure Search

Folder Deleted : C:\ProgramData\Nico Mak Computing

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hotspot shield

Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector

Folder Deleted : C:\Program Files (x86)\AVG Secure Search

Folder Deleted : C:\Program Files (x86)\WinZip Malware Protector

Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Deleted : C:\windows\SysWOW64\hotspot shield

Folder Deleted : C:\Users\Daniel\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Daniel\AppData\Local\Temp\hotspot shield

Folder Deleted : C:\Users\Daniel\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Daniel\AppData\Roaming\Nico Mak Computing

File Deleted : C:\Users\Public\Desktop\eBay.lnk

File Deleted : C:\Users\Daniel\AppData\Roaming\regsvr32.exe_log.txt

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [se]

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B27D9527-3762-4D71-963D-FB7A94FDD678}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B0D33A0D-A78B-517A-5C90-B598372E95AF}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B0D33A0D-A78B-517A-5C90-B598372E95AF}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B0D33A0D-A78B-517A-5C90-B598372E95AF}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B0D33A0D-A78B-517A-5C90-B598372E95AF}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B0D33A0D-A78B-517A-5C90-B598372E95AF}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.17207

 

 

-\\ Mozilla Firefox v

 

-\\ Google Chrome v

 

[ File : C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [8780 octets] - [03/07/2014 23:35:52]

AdwCleaner[R1].txt - [5015 octets] - [11/07/2014 20:25:04]

AdwCleaner[s0].txt - [9956 octets] - [03/07/2014 23:51:27]

AdwCleaner[s1].txt - [4888 octets] - [11/07/2014 20:27:05]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [4948 octets] ##########

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Home Premium x64

Ran by Daniel on Fri 07/11/2014 at 20:41:36.40

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Fri 07/11/2014 at 20:49:43.06

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Link to post
Share on other sites

Hello, again. Just finished scanning with security check. For some reason checkup.txt opened in Notepad C++ rather than normal Notepad so it looks a bit different. I post the logs below anyway. Also, if you have any problems with the logs below just tell me.

 

 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
McAfee Anti-Virus and Anti-Spyware   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 13  
 Java version out of Date! 
  Adobe Flash Player 11.7.700.169 Flash Player out of Date!  
 Google Chrome 35.0.1916.114  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log`````````````````````` 
Link to post
Share on other sites

Just wanted to point out that I am having trouble stopping active protection on McAfee because my subscription is expired. Once the subscription is expired you cannot access the options to turn the firewall on and off and also other options like active protection. I may just end up deleting the program if it causes an issue cleaning my computer.

Link to post
Share on other sites

Your system is clean now!

 

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • When finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions (if existing).
  • When finished, reboot your computer.


After the reboot

  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Defrag your hard drive
 
Your hard drive is heavily fragmented. This may result in performance losses. If it is NOT an SSD drive, use a tool like Auslogic DiskDefrag to defrag the drive.

 

 

 

If you run into trouble when uninstalling McAfee, see this link: http://service.mcafee.com/FAQDocument.aspx?id=TS101331

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix, deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
    • If there is still something left please delete it manually.





Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.




Temp File Cleaner

We need to download Temp File Cleaner (TFC) by OldTimer:

  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process. Note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now

More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.
  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.



Link to post
Share on other sites

Hello again Psycotic. I have some good news: everything worked out great and it appears my computer is now free of viruses and malicious software. I thank you for your help this past week or so and I plan on donating to your Paypal just as soon as I get some money in my own Paypal account. Once again, I thank you for helping me! And I will take your advice on internet behavior.

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.