Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-04-2014 03
Ran by roxio (administrator) on XERAPHIEM on 01-05-2014 00:50:10
Running from C:\Users\roxio\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Duplex Secure Ltd.) C:\Windows\System32\Microsoft.com
() C:\Users\Anjing\Saved Games\League of Legends\Garena Messenger\Garena Plus\ggdllhost.exe
(BitTorrent Inc.) C:\Users\Guest\AppData\Roaming\uTorrent\uTorrent.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\Users\Anjing\Downloads\RogueKiller.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Neuber Software) C:\Program Files\Security Task Manager\TaskMan.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files\IObit\Advanced SystemCare 7\ASCTray.exe" /auto
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [430080 2008-04-25] (TOSHIBA)
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Run: [uTorrent] => C:\Users\Guest\AppData\Roaming\uTorrent\uTorrent.exe [1077584 2013-10-26] (BitTorrent Inc.)
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1355892921-4227396954-4140540508-1000\...\MountPoints2: {78696f77-03dc-11df-b616-00225fe823cb} - F:\AutoRun.exe
GroupPolicyUsers\S-1-5-21-1355892921-4227396954-4140540508-1002\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/tempcleaner/{72ADF531-4C9B-4D9B-97BA-BE9D5AD97E7D}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TSHB&bmod=TSHB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://securityresponse.symantec.com/avcenter/fix_homepage/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html
URLSearchHook: HKCU - (No Name) - {7b13ec3e-999a-4b70-b9cb-2617b8323822} -  No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1656F4A4-0D29-4F1F-B638-8EDBA7747F52} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSHB
SearchScopes: HKCU - DefaultScope {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browser/tempcleaner/{72ADF531-4C9B-4D9B-97BA-BE9D5AD97E7D}?q={searchTerms}
SearchScopes: HKCU - ToolbarSearchProviderProgress {96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
SearchScopes: HKCU - {1656F4A4-0D29-4F1F-B638-8EDBA7747F52} URL = 
SearchScopes: HKCU - {75F6B1A3-672B-4884-A208-8F8A2B1D60CC} URL = http://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b2ie7
SearchScopes: HKCU - {96bd48dd-741b-41ae-ac4a-aff96ba00f7e} URL = http://www.bigseekpro.com/search/browser/tempcleaner/{72ADF531-4C9B-4D9B-97BA-BE9D5AD97E7D}?q={searchTerms}
SearchScopes: HKCU - {F7786CEC-E78A-4CAD-8F33-63726841E9AC} URL = http://ph.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=937811&p={searchTerms}
BHO: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: No Name - {a4fe94c0-5c8c-a4af-3270-c5972680cc02} -  No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} -  No File
Toolbar: HKCU - No Name - {E6570CD8-9978-4621-B1F9-6A62436F0466} -  No File
Toolbar: HKCU - No Name - {7B13EC3E-999A-4B70-B9CB-2617B8323822} -  No File
Toolbar: HKCU - No Name - {CD90BF73-20F6-44EF-993D-BB920303BD2E} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU - No Name - {338B4DFE-2E2C-4338-9E41-E176D497299E} -  No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks:  - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} -  No File [ ]
Hosts: 127.0.0.1	localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\roxio\AppData\Roaming\Mozilla\Firefox\Profiles\zdm7fgcc.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Yahoo
FF Keyword.URL: hxxp://search.yahoo.com/search?fr=panda&type=panda2_0yatb&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Picasa2\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin: @real.com/nppl3260;version=6.0.11.2852 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.1662 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @t.garena.com/garenatalk - C:\Users\Anjing\Saved Games\League of Legends\Garena Messenger\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.4.21 - C:\Users\roxio\AppData\Local\Yahoo!\BrowserPlus\2.4.21\Plugins\npybrowserplus_2.4.21.dll No File
FF Extension: Microsoft .NET Framework Assistant - C:\Users\roxio\AppData\Roaming\Mozilla\Firefox\Profiles\zdm7fgcc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2010-12-07]
FF Extension: Panda Security Toolbar - C:\Users\roxio\AppData\Roaming\Mozilla\Firefox\Profiles\zdm7fgcc.default\Extensions\{B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} [2011-01-27]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-02-14]

Chrome: 
=======
CHR DefaultSearchKeyword: google.com.ph
CHR Extension: (Google Docs) - C:\Users\roxio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-30]
CHR Extension: (Google Drive) - C:\Users\roxio\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-30]
CHR Extension: (YouTube) - C:\Users\roxio\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-30]
CHR Extension: (Paghahanap sa Google) - C:\Users\roxio\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-30]
CHR Extension: (Skype Click to Call) - C:\Users\roxio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-04-30]
CHR Extension: (Google Wallet) - C:\Users\roxio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-30]
CHR Extension: (Gmail) - C:\Users\roxio\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-30]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-10-02]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]

========================== Services (Whitelisted) =================

S3 Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [0 ] (Symantec Corporation)
S4 ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2008-04-17] (TOSHIBA CORPORATION)
S4 Globe Tattoo Broadband. RunOuc; C:\Program Files\Globe Tattoo Broadband\UpdateDog\ouc.exe [657504 2012-11-12] ()
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [0 ] (Symantec Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S3 npggsvc; C:\Windows\system32\GameMon.des [5132656 2013-11-21] (INCA Internet Co., Ltd.)
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3064000 2012-10-02] (Skype Technologies S.A.)
S4 SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [73728 2008-04-25] (Toshiba)
S4 TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [46392 2008-08-05] (TOSHIBA Corporation)
S3 TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [126976 2007-12-04] (TOSHIBA Corporation)
S3 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-24] (Ulead Systems, Inc.)

==================== Drivers (Whitelisted) ====================

S3 1394hub; C:\Windows\System32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2013-03-22] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKslfd157767; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{DE883F91-B297-46C2-8EBC-FD5C9369CBDF}\MpKslfd157767.sys [39464 2014-04-30] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\NPF.sys [50704 2010-01-27] (CACE Technologies, Inc.)
R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347648 2009-06-10] (Realtek Semiconductor Corporation                           )
S3 SVRPEDRV; C:\Windows\System32\sysprep\PEDrv.sys [9216 2008-01-19] (Inventec Corporation)
U3 TrueSight; C:\Windows\system32\TrueSight.sys [26624 2014-04-30] ()
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [18432 2007-12-18] (Chicony Electronics Co., Ltd.)
S3 EagleNT; \??\C:\Users\Anjing\AppData\Local\Temp\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 GGSAFERDriver; \??\C:\Users\Anjing\Saved Games\Garena Messenger\Room\safedrv.sys [X]
S3 GT680xNT; system32\drivers\gt680x.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S3 IO_Memory; \??\C:\WINDOWS\SYSTEM32\SYSPREP\Drivers\ioport.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 Netaapl; system32\DRIVERS\netaapl.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
R2 PfFilter; \??\C:\Program Files\IObit\Protected Folder\pffilter.sys [X]
S1 SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [X]
S1 SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [X]
U0 sr; 
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-05] () <===== ATTENTION Necurs Rootkit?
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
U2 wuaserv; 

========================== Drivers MD5 =======================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-01 00:43 - 2014-05-01 00:50 - 00017280 _____ () C:\Users\roxio\Downloads\FRST.txt
2014-05-01 00:42 - 2014-05-01 00:50 - 00000000 ___DC () C:\FRST
2014-05-01 00:42 - 2014-05-01 00:42 - 01050624 _____ (Farbar) C:\Users\roxio\Downloads\FRST.exe
2014-04-30 22:25 - 2014-04-30 22:25 - 00513136 _____ () C:\Users\roxio\Desktop\Silent Runners.vbs
2014-04-30 22:12 - 2014-04-30 22:12 - 00071228 _____ () C:\Users\roxio\Downloads\SPTDinst-v186-x86.exe
2014-04-30 21:50 - 2014-04-30 21:50 - 00013561 _____ () C:\Users\roxio\Downloads\[kickass.to]malwarebytes.anti.malware.pro.1.75.0.1300.final.multilanguage.incl.serial.scenedl.torrent
2014-04-30 21:49 - 2014-04-30 21:52 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-04-30 21:49 - 2014-04-30 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
2014-04-30 21:49 - 2014-04-30 21:49 - 00000000 ____D () C:\Program Files\Security Task Manager
2014-04-30 21:46 - 2014-04-30 21:48 - 02365840 _____ () C:\Users\roxio\Downloads\SecurityTaskManager_Setup.exe
2014-04-30 21:40 - 2014-04-30 21:40 - 00026624 _____ () C:\Windows\system32\TrueSight.sys
2014-04-30 21:38 - 2014-04-30 22:44 - 00000000 ____D () C:\Users\roxio\Desktop\RK_Quarantine
2014-04-30 21:21 - 2014-04-30 22:36 - 00000000 ____D () C:\Users\roxio\Desktop\Collection of Movies
2014-04-30 21:07 - 2014-04-30 21:27 - 00000000 ____D () C:\Users\roxio\Desktop\Roxio Files
2014-04-30 20:51 - 2014-04-30 20:56 - 00000000 ____D () C:\Program Files\Unlocker
2014-04-30 20:51 - 2014-04-30 20:51 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-04-30 20:14 - 2014-04-30 21:18 - 00002462 _____ () C:\Windows\PFRO.log
2014-04-30 20:13 - 2014-04-30 21:16 - 00023583 _____ () C:\Windows\Partizan.log
2014-04-30 19:23 - 2014-04-30 19:27 - 05459368 _____ () C:\Users\Anjing\Downloads\Unconfirmed 875106.crdownload
2014-04-30 19:23 - 2014-04-30 19:25 - 03972608 _____ () C:\Users\Anjing\Downloads\RogueKiller.exe
2014-04-30 19:23 - 2014-04-30 19:25 - 01678013 _____ () C:\Users\Anjing\Downloads\pc-decrapifier-2.3.1.exe
2014-04-30 19:23 - 2014-04-30 19:24 - 01153912 _____ (Emsi Software GmbH) C:\Users\Anjing\Downloads\BlitzBlank.exe
2014-04-30 19:21 - 2014-04-30 19:27 - 09096848 _____ (SurfRight B.V.) C:\Users\Anjing\Downloads\Unconfirmed 901997.crdownload
2014-04-30 19:07 - 2014-04-30 19:07 - 05654888 _____ (Microsoft Corporation) C:\Users\Anjing\Downloads\msxml4-KB941833-enu.exe
2014-04-30 19:01 - 2014-04-30 19:01 - 00929416 _____ (CNET Download.com) C:\Users\Anjing\Downloads\cbsidlm-cbsi188-Unlocker-ORG-10493998.exe
2014-04-30 18:46 - 2014-04-30 18:46 - 00000000 _____ () C:\Windows\system32\rd
2014-04-30 18:43 - 2014-04-30 18:43 - 00000000 ____C () C:\Users\Anjing\del
2014-04-30 18:25 - 2014-04-30 18:25 - 00000000 ____D () C:\ProgramData\LHService
2014-04-30 18:17 - 2014-04-30 18:17 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\LockHunter
2014-04-30 18:15 - 2014-04-30 18:16 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Anjing\Downloads\lockhuntersetup_3-1-1.exe
2014-04-30 18:09 - 2014-04-30 18:09 - 00000082 _____ () C:\Users\Anjing\Documents\cc_20140430_180902.reg
2014-04-30 17:55 - 2014-04-30 18:01 - 92115656 _____ (Sophos Limited) C:\Users\Anjing\Downloads\Sophos Virus Removal Tool.exe
2014-04-30 17:32 - 2014-04-30 19:16 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-04-30 16:10 - 2014-04-30 16:11 - 01016261 _____ () C:\Users\Anjing\Downloads\JRT.exe
2014-04-30 15:42 - 2014-04-30 15:46 - 00000000 ____D () C:\Users\Anjing\Documents\RegRun2
2014-04-30 15:42 - 2014-04-30 15:42 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-04-30 15:40 - 2014-04-30 15:42 - 00000000 ____D () C:\Users\Anjing\Downloads\unhackme
2014-04-30 14:56 - 2014-04-30 14:56 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\SUPERAntiSpyware.com
2014-04-30 14:56 - 2014-04-30 14:56 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-04-30 14:45 - 2014-04-30 14:46 - 12569408 _____ (IObit) C:\Users\Anjing\Downloads\iobituninstaller.exe
2014-04-30 13:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-04-30 13:55 - 2014-04-29 22:18 - 00452608 __RSH (Duplex Secure Ltd.) C:\Windows\system32\Microsoft.com
2014-04-30 12:45 - 2014-04-30 20:16 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-04-30 12:45 - 2014-04-29 22:18 - 00452608 __RSH (Duplex Secure Ltd.) C:\ProgramData\Microsoft.com
2014-04-30 03:41 - 2014-04-30 03:41 - 00011637 _____ () C:\Users\Anjing\Downloads\1A5BF48AA25FE94D71FB2CD18847F5E28C8BF486.torrent
2014-04-30 03:21 - 2014-04-30 13:52 - 00000971 _____ () C:\Users\roxio\Desktop\New Text Document.txt
2014-04-30 02:48 - 2014-04-30 02:48 - 00014850 _____ () C:\Users\Anjing\Downloads\[kickass.to]hoshino.yoshii.xv.1061.jav.censored.dvdrip.xvid.mottto.torrent
2014-04-30 02:45 - 2014-04-30 02:45 - 00020213 _____ () C:\Users\Anjing\Downloads\[JAVTORRENT.BIZ]0815-XV1061.torrent
2014-04-29 22:06 - 2013-11-21 03:10 - 05132656 _____ (INCA Internet Co., Ltd.) C:\Windows\system32\GameMon.des
2014-04-29 04:21 - 2014-04-29 04:21 - 00000000 ___DC () C:\Users\Anjing\AppData\Local\Razer_Inc
2014-04-29 04:21 - 2014-04-29 04:21 - 00000000 ____D () C:\Users\Anjing\Documents\Razer
2014-04-29 03:51 - 2014-04-30 13:19 - 00000000 ___DC () C:\Users\Anjing\AppData\Local\Razer
2014-04-28 23:48 - 2014-04-28 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-04-28 23:48 - 2014-04-28 23:48 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-28 23:48 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2014-04-28 23:37 - 2014-04-28 23:37 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-04-28 23:37 - 2014-04-28 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2014-04-28 23:37 - 2014-04-28 23:37 - 00000000 ____D () C:\Program Files\Folder Size
2014-04-28 23:34 - 2014-04-29 00:07 - 00000000 ____D () C:\Program Files\Recuva
2014-04-27 23:56 - 2014-04-27 23:56 - 00000787 _____ () C:\Users\roxio\Desktop\League of Legends.lnk
2014-04-19 21:46 - 2014-04-19 21:46 - 00000000 ___DC () C:\SBLauncher
2014-04-19 00:21 - 2014-04-19 00:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2014-04-19 00:15 - 2014-04-28 22:03 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-18 18:53 - 2014-04-18 18:53 - 00000132 _____ () C:\Users\Anjing\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-04-18 16:46 - 2014-04-18 16:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 16:46 - 2014-04-18 16:46 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 16:46 - 2014-04-18 16:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 16:46 - 2014-04-18 16:46 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-14 22:30 - 2014-04-14 22:30 - 00000005 _____ () C:\Users\Anjing\AppData\Roaming\mbam.context.scan
2014-04-13 19:58 - 2014-04-21 21:55 - 00000000 ____D () C:\Users\roxio\Documents\Video
2014-04-12 14:19 - 2014-04-12 14:19 - 00005959 _____ () C:\Users\roxio\Documents\My Favorite Theme.theme
2014-04-10 19:27 - 2014-04-10 19:31 - 12632044 _____ () C:\Users\Anjing\Downloads\Calligraphy.themepack
2014-04-10 06:23 - 2014-02-06 09:56 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-05 18:49 - 2014-04-23 21:01 - 00000000 ____D () C:\Program Files\SMART BRO
2014-04-05 18:49 - 2014-04-05 18:53 - 00000000 ____D () C:\Windows\system32\SupportAppXL
2014-04-05 18:49 - 2009-10-10 16:41 - 00105088 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbvoice.sys
2014-04-05 18:49 - 2009-10-10 16:40 - 00114688 _____ (ZTE Corporation) C:\Windows\system32\Drivers\ZTEusbnet.sys
2014-04-05 18:49 - 2009-10-10 16:40 - 00105088 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2014-04-05 18:49 - 2009-10-10 16:40 - 00105088 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmeaext.sys
2014-04-05 18:49 - 2009-10-10 16:40 - 00105088 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2014-04-05 18:49 - 2009-10-10 16:39 - 00105088 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys

==================== One Month Modified Files and Folders =======

2014-05-01 00:50 - 2014-05-01 00:43 - 00017280 _____ () C:\Users\roxio\Downloads\FRST.txt
2014-05-01 00:50 - 2014-05-01 00:42 - 00000000 ___DC () C:\FRST
2014-05-01 00:42 - 2014-05-01 00:42 - 01050624 _____ (Farbar) C:\Users\roxio\Downloads\FRST.exe
2014-04-30 23:18 - 2006-11-02 20:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-30 23:18 - 2006-11-02 20:47 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-30 22:59 - 2011-07-09 16:28 - 00000932 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1355892921-4227396954-4140540508-1002UA.job
2014-04-30 22:56 - 2009-10-20 16:43 - 00077312 _____ () C:\Users\roxio\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-30 22:44 - 2014-04-30 21:38 - 00000000 ____D () C:\Users\roxio\Desktop\RK_Quarantine
2014-04-30 22:36 - 2014-04-30 21:21 - 00000000 ____D () C:\Users\roxio\Desktop\Collection of Movies
2014-04-30 22:25 - 2014-04-30 22:25 - 00513136 _____ () C:\Users\roxio\Desktop\Silent Runners.vbs
2014-04-30 22:12 - 2014-04-30 22:12 - 00071228 _____ () C:\Users\roxio\Downloads\SPTDinst-v186-x86.exe
2014-04-30 21:52 - 2014-04-30 21:49 - 00000000 ____D () C:\ProgramData\SecTaskMan
2014-04-30 21:50 - 2014-04-30 21:50 - 00013561 _____ () C:\Users\roxio\Downloads\[kickass.to]malwarebytes.anti.malware.pro.1.75.0.1300.final.multilanguage.incl.serial.scenedl.torrent
2014-04-30 21:49 - 2014-04-30 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
2014-04-30 21:49 - 2014-04-30 21:49 - 00000000 ____D () C:\Program Files\Security Task Manager
2014-04-30 21:48 - 2014-04-30 21:46 - 02365840 _____ () C:\Users\roxio\Downloads\SecurityTaskManager_Setup.exe
2014-04-30 21:43 - 2014-02-11 18:42 - 01477098 _____ () C:\Windows\WindowsUpdate.log
2014-04-30 21:40 - 2014-04-30 21:40 - 00026624 _____ () C:\Windows\system32\TrueSight.sys
2014-04-30 21:34 - 2012-10-27 18:33 - 00000000 ___DC () C:\Users\roxio\Desktop\Stuff
2014-04-30 21:27 - 2014-04-30 21:07 - 00000000 ____D () C:\Users\roxio\Desktop\Roxio Files
2014-04-30 21:18 - 2014-04-30 20:14 - 00002462 _____ () C:\Windows\PFRO.log
2014-04-30 21:18 - 2012-02-26 07:40 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-30 21:18 - 2006-11-02 21:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-30 21:16 - 2014-04-30 20:13 - 00023583 _____ () C:\Windows\Partizan.log
2014-04-30 21:16 - 2006-11-02 21:01 - 00032602 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-30 21:07 - 2009-12-28 10:26 - 00000000 ____D () C:\Users\roxio\AppData\Roaming\vlc
2014-04-30 20:56 - 2014-04-30 20:51 - 00000000 ____D () C:\Program Files\Unlocker
2014-04-30 20:51 - 2014-04-30 20:51 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-04-30 20:50 - 2010-02-21 12:42 - 00000000 ____D () C:\Windows\pss
2014-04-30 20:49 - 2014-01-17 21:10 - 00002057 _____ () C:\Windows\epplauncher.mif
2014-04-30 20:17 - 2013-12-14 22:38 - 00000000 ___RD () C:\Users\roxio\Desktop\System Care
2014-04-30 20:16 - 2014-04-30 12:45 - 00000000 __SHD () C:\ProgramData\Windows Manager
2014-04-30 20:14 - 2009-11-10 15:45 - 00000000 ____D () C:\Program Files\Yahoo!
2014-04-30 19:27 - 2014-04-30 19:23 - 05459368 _____ () C:\Users\Anjing\Downloads\Unconfirmed 875106.crdownload
2014-04-30 19:27 - 2014-04-30 19:21 - 09096848 _____ (SurfRight B.V.) C:\Users\Anjing\Downloads\Unconfirmed 901997.crdownload
2014-04-30 19:25 - 2014-04-30 19:23 - 03972608 _____ () C:\Users\Anjing\Downloads\RogueKiller.exe
2014-04-30 19:25 - 2014-04-30 19:23 - 01678013 _____ () C:\Users\Anjing\Downloads\pc-decrapifier-2.3.1.exe
2014-04-30 19:24 - 2014-04-30 19:23 - 01153912 _____ (Emsi Software GmbH) C:\Users\Anjing\Downloads\BlitzBlank.exe
2014-04-30 19:16 - 2014-04-30 17:32 - 00000000 __SHD () C:\Program Files\Windows Manager
2014-04-30 19:07 - 2014-04-30 19:07 - 05654888 _____ (Microsoft Corporation) C:\Users\Anjing\Downloads\msxml4-KB941833-enu.exe
2014-04-30 19:01 - 2014-04-30 19:01 - 00929416 _____ (CNET Download.com) C:\Users\Anjing\Downloads\cbsidlm-cbsi188-Unlocker-ORG-10493998.exe
2014-04-30 18:46 - 2014-04-30 18:46 - 00000000 _____ () C:\Windows\system32\rd
2014-04-30 18:43 - 2014-04-30 18:43 - 00000000 ____C () C:\Users\Anjing\del
2014-04-30 18:43 - 2009-11-10 15:31 - 00000000 __RDC () C:\Users\Anjing
2014-04-30 18:30 - 2009-11-14 11:39 - 00000000 ____D () C:\ProgramData\Skype
2014-04-30 18:25 - 2014-04-30 18:25 - 00000000 ____D () C:\ProgramData\LHService
2014-04-30 18:17 - 2014-04-30 18:17 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\LockHunter
2014-04-30 18:16 - 2014-04-30 18:15 - 03029032 _____ (Crystal Rich Ltd ) C:\Users\Anjing\Downloads\lockhuntersetup_3-1-1.exe
2014-04-30 18:09 - 2014-04-30 18:09 - 00000082 _____ () C:\Users\Anjing\Documents\cc_20140430_180902.reg
2014-04-30 18:07 - 2014-03-18 15:06 - 00000000 ____D () C:\Program Files\CCleaner
2014-04-30 18:01 - 2014-04-30 17:55 - 92115656 _____ (Sophos Limited) C:\Users\Anjing\Downloads\Sophos Virus Removal Tool.exe
2014-04-30 18:01 - 2009-11-14 10:52 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\uTorrent
2014-04-30 17:57 - 2009-11-15 08:56 - 00221184 _____ () C:\Users\Anjing\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-30 16:43 - 2010-12-04 14:28 - 00000000 ____D () C:\Users\Guest
2014-04-30 16:43 - 2009-10-16 15:18 - 00000000 ____D () C:\Users\roxio
2014-04-30 16:43 - 2006-11-02 19:18 - 00000000 ____D () C:\Windows\registration
2014-04-30 16:43 - 2006-11-02 18:22 - 49807360 _____ () C:\Windows\system32\config\software_previous
2014-04-30 16:43 - 2006-11-02 18:22 - 47185920 _____ () C:\Windows\system32\config\system_previous
2014-04-30 16:43 - 2006-11-02 18:22 - 35651584 _____ () C:\Windows\system32\config\components_previous
2014-04-30 16:43 - 2006-11-02 18:22 - 01310720 _____ () C:\Windows\system32\config\default_previous
2014-04-30 16:43 - 2006-11-02 18:22 - 00262144 _____ () C:\Windows\system32\config\security_previous
2014-04-30 16:43 - 2006-11-02 18:22 - 00131072 _____ () C:\Windows\system32\config\sam_previous
2014-04-30 16:21 - 2013-05-16 08:05 - 00000000 ____D () C:\Program Files\WordWeb
2014-04-30 16:11 - 2014-04-30 16:10 - 01016261 _____ () C:\Users\Anjing\Downloads\JRT.exe
2014-04-30 15:46 - 2014-04-30 15:42 - 00000000 ____D () C:\Users\Anjing\Documents\RegRun2
2014-04-30 15:42 - 2014-04-30 15:42 - 00000002 RSHOT () C:\Windows\winstart.bat
2014-04-30 15:42 - 2014-04-30 15:40 - 00000000 ____D () C:\Users\Anjing\Downloads\unhackme
2014-04-30 15:42 - 2006-11-02 18:23 - 00002577 _____ () C:\Windows\system32\config.nt
2014-04-30 15:42 - 2006-11-02 18:23 - 00001688 _____ () C:\Windows\system32\autoexec.nt
2014-04-30 15:33 - 2013-10-17 19:29 - 00000000 ___DC () C:\AdwCleaner
2014-04-30 15:25 - 2012-12-02 21:19 - 00000000 ____D () C:\Users\roxio\Downloads\Torrents
2014-04-30 14:56 - 2014-04-30 14:56 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\SUPERAntiSpyware.com
2014-04-30 14:56 - 2014-04-30 14:56 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2014-04-30 14:46 - 2014-04-30 14:45 - 12569408 _____ (IObit) C:\Users\Anjing\Downloads\iobituninstaller.exe
2014-04-30 14:18 - 2009-11-20 18:03 - 00000424 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{14B97343-1BF9-4B21-A8B4-5B9C1DB42638}.job
2014-04-30 13:56 - 2013-05-22 18:12 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Macromedia
2014-04-30 13:52 - 2014-04-30 03:21 - 00000971 _____ () C:\Users\roxio\Desktop\New Text Document.txt
2014-04-30 13:48 - 2012-07-09 16:22 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-30 13:45 - 2012-02-26 07:40 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-30 13:19 - 2014-04-29 03:51 - 00000000 ___DC () C:\Users\Anjing\AppData\Local\Razer
2014-04-30 13:13 - 2011-03-31 21:23 - 00000000 ____D () C:\ProgramData\GarenaMessenger
2014-04-30 03:41 - 2014-04-30 03:41 - 00011637 _____ () C:\Users\Anjing\Downloads\1A5BF48AA25FE94D71FB2CD18847F5E28C8BF486.torrent
2014-04-30 02:48 - 2014-04-30 02:48 - 00014850 _____ () C:\Users\Anjing\Downloads\[kickass.to]hoshino.yoshii.xv.1061.jav.censored.dvdrip.xvid.mottto.torrent
2014-04-30 02:45 - 2014-04-30 02:45 - 00020213 _____ () C:\Users\Anjing\Downloads\[JAVTORRENT.BIZ]0815-XV1061.torrent
2014-04-29 23:50 - 2012-07-09 16:22 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-04-29 23:50 - 2012-03-08 10:24 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-04-29 22:18 - 2014-04-30 13:55 - 00452608 __RSH (Duplex Secure Ltd.) C:\Windows\system32\Microsoft.com
2014-04-29 22:18 - 2014-04-30 12:45 - 00452608 __RSH (Duplex Secure Ltd.) C:\ProgramData\Microsoft.com
2014-04-29 20:53 - 2011-09-30 09:24 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\GarenaPlus
2014-04-29 20:00 - 2011-07-09 16:27 - 00000910 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1355892921-4227396954-4140540508-1002Core.job
2014-04-29 16:51 - 2010-12-06 14:38 - 00000000 ____D () C:\Users\Guest\AppData\Roaming\uTorrent
2014-04-29 12:22 - 2011-03-31 21:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garena
2014-04-29 04:21 - 2014-04-29 04:21 - 00000000 ___DC () C:\Users\Anjing\AppData\Local\Razer_Inc
2014-04-29 04:21 - 2014-04-29 04:21 - 00000000 ____D () C:\Users\Anjing\Documents\Razer
2014-04-29 00:07 - 2014-04-28 23:34 - 00000000 ____D () C:\Program Files\Recuva
2014-04-28 23:54 - 2013-12-14 16:32 - 00000000 ____D () C:\Program Files\IObit
2014-04-28 23:48 - 2014-04-28 23:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-04-28 23:48 - 2014-04-28 23:48 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-04-28 23:37 - 2014-04-28 23:37 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-04-28 23:37 - 2014-04-28 23:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Folder Size
2014-04-28 23:37 - 2014-04-28 23:37 - 00000000 ____D () C:\Program Files\Folder Size
2014-04-28 22:10 - 2009-12-28 16:32 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-28 22:03 - 2014-04-19 00:15 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2014-04-28 22:03 - 2011-02-06 06:40 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-04-28 02:42 - 2010-11-29 21:46 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\vlc
2014-04-27 23:56 - 2014-04-27 23:56 - 00000787 _____ () C:\Users\roxio\Desktop\League of Legends.lnk
2014-04-27 21:11 - 2013-05-26 01:10 - 00001902 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-27 17:11 - 2012-07-15 06:34 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-04-27 17:07 - 2012-07-15 06:45 - 00000000 ____D () C:\Program Files\Common Files\Sony Shared
2014-04-23 22:40 - 2009-12-26 04:55 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\dvdcss
2014-04-23 21:05 - 2006-11-02 18:33 - 00780582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 21:04 - 2011-11-22 19:01 - 00000000 ____D () C:\Users\Anjing\Collection of Movies
2014-04-23 21:01 - 2014-04-05 18:49 - 00000000 ____D () C:\Program Files\SMART BRO
2014-04-21 21:55 - 2014-04-13 19:58 - 00000000 ____D () C:\Users\roxio\Documents\Video
2014-04-19 21:46 - 2014-04-19 21:46 - 00000000 ___DC () C:\SBLauncher
2014-04-19 21:17 - 2012-07-15 06:36 - 00000000 ____D () C:\Users\Anjing\AppData\Local\Downloaded Installations
2014-04-19 00:21 - 2014-04-19 00:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_netaapl_01009.Wdf
2014-04-18 18:53 - 2014-04-18 18:53 - 00000132 _____ () C:\Users\Anjing\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-04-18 16:46 - 2014-04-18 16:46 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-04-18 16:46 - 2014-04-18 16:46 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-04-18 16:46 - 2014-04-18 16:46 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-04-18 16:46 - 2014-04-18 16:46 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-04-18 15:02 - 2006-11-02 19:18 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-04-18 14:38 - 2009-11-14 15:37 - 00000000 ___DC () C:\Users\Anjing\AppData\Local\Adobe
2014-04-16 15:26 - 2012-07-15 07:44 - 00000000 ____D () C:\Users\Anjing\Podcasts
2014-04-15 23:36 - 2013-11-25 18:40 - 00000000 ____D () C:\Users\roxio\Documents\pics
2014-04-15 18:16 - 2009-11-10 15:33 - 00000000 ____D () C:\Users\Anjing\AppData\Roaming\Adobe
2014-04-14 22:30 - 2014-04-14 22:30 - 00000005 _____ () C:\Users\Anjing\AppData\Roaming\mbam.context.scan
2014-04-12 14:19 - 2014-04-12 14:19 - 00005959 _____ () C:\Users\roxio\Documents\My Favorite Theme.theme
2014-04-10 19:31 - 2014-04-10 19:27 - 12632044 _____ () C:\Users\Anjing\Downloads\Calligraphy.themepack
2014-04-10 11:28 - 2009-08-16 00:03 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-10 11:14 - 2013-09-24 23:16 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 11:14 - 2006-11-02 18:24 - 88028728 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-04-09 20:04 - 2014-01-22 22:30 - 00000000 ___RD () C:\Users\Anjing\Documents\The Big Bang Theory
2014-04-07 22:51 - 2014-03-18 15:08 - 00000000 ____D () C:\Program Files\Auslogics Disk Defrag Professional
2014-04-06 17:21 - 2014-01-31 16:55 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-04-06 15:55 - 2013-05-26 01:01 - 00000000 ___DC () C:\Users\Anjing\AppData\Local\Macromedia
2014-04-05 18:53 - 2014-04-05 18:49 - 00000000 ____D () C:\Windows\system32\SupportAppXL
2014-04-05 18:49 - 2010-09-25 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SMART BRO
2014-04-03 20:28 - 2013-10-15 16:19 - 00001576 _____ () C:\Users\roxio\Desktop\Wallpapers.lnk

Files to move or delete:
====================
C:\Users\Anjing\AppData\Roaming\swk.ini


Some content of TEMP:
====================
C:\Users\Anjing\AppData\Local\Temp\msvcp110.dll
C:\Users\Anjing\AppData\Local\Temp\msvcr110.dll
C:\Users\Anjing\AppData\Local\Temp\pc-decrapifier.exe
C:\Users\Anjing\AppData\Local\Temp\sqlite3.dll
C:\Users\roxio\AppData\Local\Temp\ntdll_dump.dll


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=C:
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {404e1355-6d4e-11dd-aa99-001e33463af1}
displayorder            {current}
toolsdisplayorder       {572bcd56-ffa7-11d9-aae0-0007e994107d}
                        {memdiag}
timeout                 30
resume                  No
customactions           0x1000000720001
                        0x54000001
custom:54000001         {572bcd56-ffa7-11d9-aae0-0007e994107d}

Windows Boot Loader
-------------------
identifier              {current}
device                  partition=C:
path                    \Windows\system32\winload.exe
description             Microsoft Windows Vista
locale                  en-US
inherit                 {bootloadersettings}
recoverysequence        {572bcd56-ffa7-11d9-aae0-0007e994107d}
recoveryenabled         Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {404e1355-6d4e-11dd-aa99-001e33463af1}
nx                      OptIn

Windows Boot Loader
-------------------
identifier              {572bcd56-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[\Device\HarddiskVolume1]\Sources\boot.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
path                    \windows\system32\boot\winload.exe
description             Windows Recovery Environment
osdevice                ramdisk=[\Device\HarddiskVolume1]\Sources\boot.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes

Resume from Hibernate
---------------------
identifier              {404e1355-6d4e-11dd-aa99-001e33463af1}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
pae                     Yes
debugoptionenabled      No

Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes

Windows Legacy OS Loader
------------------------
identifier              {ntldr}
device                  unknown
path                    \ntldr
description             Earlier Version of Windows

EMS Settings
------------
identifier              {emssettings}
bootems                 Yes

Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200

RAM Defects
-----------
identifier              {badmemory}

Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}

Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}

Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}

Device options
--------------
identifier              {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
description             Ramdisk Device Options
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \boot.sdi



LastRegBack: 2014-04-30 22:39

==================== End Of Log ============================