start
CloseProcesses:
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
C:\ProgramData\IePluginServices
() C:\Program Files (x86)\RocketTab\Client.exe
C:\Program Files (x86)\RocketTab
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
C:\Program Files (x86)\Application Updater
() C:\Program Files\005\cyycfhtzro64.exe
C:\Program Files\005
() C:\Program Files\DnsSignal\barelysignal.exe
() C:\Program Files\DnsSignal\barelysignal.exe
() C:\Program Files\DnsSignal\barelysignal2.exe
C:\Program Files\DnsSignal
(YTDownloader) C:\Program Files (x86)\YTDownloader\YTDownloader.exe
C:\Program Files (x86)\YTDownloader
() C:\Users\Jon Lowry\AppData\Local\PennyBee\PennyBeeW.exe
C:\Users\Jon Lowry\AppData\Local\PennyBee
() C:\Users\Jon Lowry\AppData\Local\WSE_Astromenda\BRS\brs.exe
C:\Users\Jon Lowry\AppData\Local\WSE_Astromenda
(MyPCBackup.com) C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
C:\Program Files (x86)\MyPC Backup
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(Spigot Inc) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe
C:\Program Files (x86)\Common Files\Spigot
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
C:\Program Files (x86)\Mobogenie
HKLM-x32\...\Run: [fst_us_178] => [X]
HKLM-x32\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
C:\Program Files (x86)\YTDownloader
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1608000 2014-08-22] (Spigot, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start http://www.avg.com/w...&"ver=10.0.1427
HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Run: [iLivid] => "C:\Users\Jon Lowry\AppData\Local\iLivid\iLivid.exe" -autorun
C:\Users\Jon Lowry\AppData\Local\iLivid
HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Run: [YTDownloader] => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [1988968 2014-08-25] (YTDownloader)
C:\Program Files (x86)\YTDownloader
HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Run: [PeenyBee] => C:\Users\Jon Lowry\AppData\Local\PennyBee\PennyBeeW.exe [408584 2014-08-18] ()
C:\Users\Jon Lowry\AppData\Local\PennyBee
HKU\S-1-5-21-538650268-2924358156-1730836174-1000\...\Run: [BRS] => C:\Users\Jon Lowry\AppData\Local\WSE_Astromenda\BRS\brs.exe [1074688 2014-09-11] ()
C:\Users\Jon Lowry\AppData\Local\WSE_Astromenda
Startup: C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
BootExecute: ä* //www.bleepingcomputer.com/combofix/how-to-use-combofix~n~nnote: you may be infected with a file patching virus 'virut't'
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyServer: http=127.0.0.1:49191;https=127.0.0.1:49191
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://astromenda.co...=1259392873&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123...q={searchTerms}
URLSearchHook: HKCU - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.7\vuzeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.7\vuzeToolbarIE.dll (Spigot, Inc.)
C:\Program Files (x86)\Vuze Remote Toolbar
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {4C6AB4BD-96D7-4335-97AB-C4588C2427C2} URL = http://en.wikipedia....h={searchTerms}
SearchScopes: HKLM - {4FDD993D-F656-4134-8E18-AFCCC84F8912} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.ne...q={searchTerms}
SearchScopes: HKLM - {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = 
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - DefaultScope {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKCU - F12BAB76371E486CBA05A93378B22524 URL = http://search.condui...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = https://search.yahoo...p={searchTerms}
SearchScopes: HKCU - {39D8810E-1A9F-462E-8029-266DFD9E8606} URL = http://www.dnssignal...s={searchTerms}
SearchScopes: HKCU - {446260B0-A943-4C26-AFBC-72E2A2E12756} URL = http://start.mysearc...=1820541918&ir=
SearchScopes: HKCU - {4C6AB4BD-96D7-4335-97AB-C4588C2427C2} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://astromenda.co...=1259392873&ir=
SearchScopes: HKCU - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.ne...q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKCU - {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL = http://www.trovi.com...rchTerms}&SSPV=
BHO: Object Browser -> {11111111-1111-1111-1111-110311281150} -> C:\Program Files (x86)\Object Browser\Object Browser-bho64.dll (Object Browser)
C:\Program Files (x86)\Object Browser
BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO-x32: Vuze Remote Toolbar -> {05478A66-EDB6-4A22-A870-A5987F80A7DA} -> C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.7\vuzeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Object Browser -> {11111111-1111-1111-1111-110311281150} -> C:\Program Files (x86)\Object Browser\Object Browser-bho.dll (Object Browser)
BHO-x32: AllDaySavings -> {fbdff406-2c4c-5d35-8469-34bb67ea3353} -> C:\Program Files\B021CBBD-E38E-4F8C-8E93-6624B0597A23\kzhxnitccw.dll ()
C:\Program Files\B021CBBD-E38E-4F8C-8E93-6624B0597A23
Toolbar: HKLM - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.7\vuzeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - Vuze Remote Toolbar - {05478A66-EDB6-4A22-A870-A5987F80A7DA} - C:\Program Files (x86)\Vuze Remote Toolbar\IE\9.7\vuzeToolbarIE.dll (Spigot, Inc.)
Winsock: Catalog5 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5-x64 01 %SystemRoot%\System32\mswsock.dll [327168] (Microsoft Corporation) ATTENTION: The LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
FF Keyword.URL: https://search.yahoo...94519&ilc=12&p=
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
C:\Program Files (x86)\globalUpdate
FF user.js: detected! => C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\user.js
FF SearchPlugin: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\Mysearchdial.xml
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\Mysearchdial.xml
FF SearchPlugin: C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\scenicreflectionstb.xml
C:\Program Files (x86)\mozilla firefox\searchplugins\scenicreflectionstb.xml
FF Extension: Object Browser - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com [2014-09-10]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\9321b276-2c2e-4c5f-bd04-b8118e512707@c0c8a2d6-3275-4cac-a0b2-52e936311db9.com
FF Extension: {{EXT_NAME}} - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\pbupload@photobucket.com [2014-09-13]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\pbupload@photobucket.com
FF Extension: Slick Savings - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\savingsslider@mybrowserbar.com [2014-01-15]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\savingsslider@mybrowserbar.com
FF Extension: Websteroids - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\support@websteroidsapp.com [2013-12-23]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\support@websteroidsapp.com
FF Extension: Start Page - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362} [2014-01-15]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}
FF Extension: MySearchDial NewTab - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-01-15]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
FF Extension: AllDaySavings - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\j005-bwqhdvbmcimdkh@jetpack.xpi [2014-07-28]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\Extensions\j005-bwqhdvbmcimdkh@jetpack.xpi
FF HKLM\...\Firefox\Extensions: [{C4CFC0DE-134F-4466-B2A2-FF7C59A8BFAD}] - C:\Program Files\Updater By SweetPacks\Firefox
C:\Program Files\Updater By SweetPacks
FF HKCU\...\FireFox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
C:\Program Files (x86)\Wajam
FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC} [Not Found]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{2A47DBFD-567F-4159-AD6A-B0D9CF6CCDFC}
FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919} [Not Found]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\{8f02605d-be4e-41ba-bd00-c39a59c46919}
FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\927571a5c34c476fbf9f2ed9e@8e7e940e6a314c63a357ced35576d.com [Not Found]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\927571a5c34c476fbf9f2ed9e@8e7e940e6a314c63a357ced35576d.com
FF Extension: No Name - C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\herman.thorne45@outlook.com [Not Found]
C:\Users\Jon Lowry\AppData\Roaming\Mozilla\Firefox\Profiles\8mzbhq3r.default\extensions\herman.thorne45@outlook.com
CHR HomePage: Default -> hxxp://astromenda.com/?f=1&a=ast_secureddownload_14_37_ch&cd=2XzuyEtN2Y1L1Qzu0A0CzztCtCtBtC0CtDyCyD0Czy0FtBtCtN0D0Tzu0SzyzzyCtN1L2XzutAtFtBtFyDtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyD0DzztDzz0C0DzztGzyyD0DyEtGtDtByCtCtGyBtC0ByCtGtBtBtD0FyD0AtCyCtA0A0FtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyCyD0ByC0A0D0A0AtG0C0C0EtAtGyE0BtBtAtGzy0AtCyEtG0FzytAtBtD0DyCyDtBtCzy0E2Q&cr=1259392873&ir=
CHR DefaultSuggestURL: Default -> https://ff.search.ya...d={searchTerms}
CHR Extension: (Google Search) - C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-21]
C:\Users\Jon Lowry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
CHR HKCU\...\Chrome\Extension: [dnmlhhbehhdmajijfenoldcajelckpmn] - C:\Users\Jon Lowry\AppData\Local\CRE\dnmlhhbehhdmajijfenoldcajelckpmn.crx []
CHR HKCU\...\Chrome\Extension: [kepfgejmidkmoiimkfdjocdjhbcpmlmg] - C:\Users\Jon Lowry\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx []
CHR HKCU\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Jon Lowry\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx []
CHR HKCU\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Jon Lowry\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx []
CHR HKCU\...\Chrome\Extension: [njljkdinboobkmkihgcohanchjnjpgjk] - C:\Users\Jon Lowry\AppData\Local\CRE\njljkdinboobkmkihgcohanchjnjpgjk.crx []
C:\Users\Jon Lowry\AppData\Local\CRE
CHR HKCU\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\JONLOW~1\AppData\Local\mysearchdial-speeddial.crx [2014-01-15]
C:\Users\JONLOW~1\AppData\Local\mysearchdial-speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [dfkfeemgjcjcednnaoemnjdiakmjbbbh] - C:\ProgramData\ADDICT-THING\dfkfeemgjcjcednnaoemnjdiakmjbbbh.crx [2014-01-15]
C:\ProgramData\ADDICT-THING
CHR HKLM-x32\...\Chrome\Extension: [dnmlhhbehhdmajijfenoldcajelckpmn] - C:\Users\Jon Lowry\AppData\Local\CRE\dnmlhhbehhdmajijfenoldcajelckpmn.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
C:\Program Files (x86)\Common Files\Spigot
CHR HKLM-x32\...\Chrome\Extension: [icdlfehblmklkikfigmjhbmmpmkmpooj] - C:\Program Files (x86)\Common Files\Spigot\GC\ErrorAssistant_1.3.crx [2013-12-27]
CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\Jon Lowry\AppData\Local\Wajam\Chrome\wajam.crx [2012-09-14]
C:\Users\Jon Lowry\AppData\Local\Wajam
CHR HKLM-x32\...\Chrome\Extension: [kepfgejmidkmoiimkfdjocdjhbcpmlmg] - C:\Users\Jon Lowry\AppData\Local\CRE\kepfgejmidkmoiimkfdjocdjhbcpmlmg.crx [2012-09-14]
CHR HKLM-x32\...\Chrome\Extension: [klibnahbojhkanfgaglnlalfkgpcppfi] - C:\Users\Jon Lowry\AppData\Local\CRE\klibnahbojhkanfgaglnlalfkgpcppfi.crx [2012-09-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Jon Lowry\AppData\Local\Slick Savings\coupons.crx [2014-01-15]
C:\Users\Jon Lowry\AppData\Local\Slick Savings
CHR HKLM-x32\...\Chrome\Extension: [nemfjadlboooiffmcelkafilagddogim] - C:\Users\Jon Lowry\AppData\Local\CRE\nemfjadlboooiffmcelkafilagddogim.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [njljkdinboobkmkihgcohanchjnjpgjk] - C:\Users\Jon Lowry\AppData\Local\CRE\njljkdinboobkmkihgcohanchjnjpgjk.crx [2014-01-15]
CHR HKLM-x32\...\Chrome\Extension: [npffmjkglbnioaoncpfmdbmehnbcldfh] - C:\Program Files (x86)\LyricSing\130.crx [2011-02-07]
C:\Program Files (x86)\LyricSing
CHR HKLM-x32\...\Chrome\Extension: [pflphaooapbgpeakohlggbpidpppgdff] - C:\Users\JONLOW~1\AppData\Local\mysearchdial-speeddial.crx [2014-01-15]
C:\Users\JONLOW~1\AppData\Local\mysearchdial-speeddial.crx
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
C:\Program Files (x86)\Common Files\Spigot
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-03] (Just Develop It)
C:\Program Files (x86)\MyPC Backup
R2 cyycfhtzro64; C:\Program Files\005\cyycfhtzro64.exe [709120 2014-07-25] () [File not signed]
C:\Program Files\005
R2 DnsSignal Service; C:\Program Files\DnsSignal\barelysignal.exe [67584 2014-05-20] () [File not signed]
C:\Program Files\DnsSignal
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-10] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-10] (globalUpdate) [File not signed]
C:\Program Files (x86)\globalUpdate
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [702344 2014-07-25] (Cherished Technololgy LIMITED)
C:\ProgramData\IePluginServices
R2 sbmntr; C:\Program Files (x86)\YTDownloader\sbmntr.sys [58728 2014-08-25] (YTDownloader)
C:\Program Files (x86)\YTDownloader
R1 {9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64; C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys [61120 2014-07-24] (StdLib)
C:\Windows\System32\drivers\{9a9157bb-003e-4fef-8bd1-c09bc4586a28}Gw64.sys
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
C:\ComboFix\catchme.sys
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
C:\Windows\system32\drivers\EagleX64.sys
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]
C:\Program Files\Common Files\Goobzo
S1 ssnfd; system32\drivers\ssnfd.sys [X]
U2 TMAgent; No ImagePath
2014-09-16 07:58 - 2014-09-16 07:58 - 00000165 ____H () C:\Users\Jon Lowry\Desktop\~$Garb for Faire.xlsx
2014-09-13 12:47 - 2014-09-11 10:47 - 00000306 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-09-13 12:40 - 2014-09-10 00:26 - 00003464 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-6.job
2014-09-13 12:31 - 2014-09-10 00:26 - 00003128 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-3.job
2014-09-13 12:31 - 2014-09-10 00:26 - 00000964 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-13 12:27 - 2014-09-10 00:27 - 00002766 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-1.job
2014-09-13 12:27 - 2014-09-10 00:27 - 00002440 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5_user.job
2014-09-13 12:27 - 2014-09-10 00:27 - 00002440 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5.job
2014-09-13 12:27 - 2014-09-10 00:27 - 00002104 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-2.job
2014-09-13 12:26 - 2014-09-10 00:26 - 00004490 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-11.job
2014-09-13 12:26 - 2014-09-10 00:26 - 00003808 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-4.job
2014-09-13 12:26 - 2014-09-10 00:26 - 00003128 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-7.job
2014-09-13 11:56 - 2014-09-10 00:26 - 00000960 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-13 11:56 - 2011-06-10 18:33 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-11 11:00 - 2014-09-11 11:00 - 00004162 _____ () C:\Windows\System32\Tasks\RocketTab Update Task
2014-09-11 11:00 - 2014-09-11 11:00 - 00003376 _____ () C:\Windows\System32\Tasks\RocketTab
2014-09-11 11:00 - 2014-09-11 11:00 - 00001848 _____ () C:\Users\Public\Desktop\Vuze.lnk
2014-09-11 11:00 - 2014-09-11 11:00 - 00001848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk
2014-09-11 11:00 - 2014-09-11 11:00 - 00000000 ____D () C:\Program Files (x86)\RocketTab
2014-09-11 10:58 - 2014-01-17 00:35 - 00000000 ____D () C:\Program Files (x86)\Vuze
2014-09-11 10:47 - 2014-09-13 12:47 - 00000306 _____ () C:\Windows\Tasks\WSE_Astromenda.job
2014-09-11 10:47 - 2014-09-11 10:47 - 00003264 _____ () C:\Windows\System32\Tasks\WSE_Astromenda
2014-09-11 10:47 - 2014-09-11 10:47 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\WSE_Astromenda
2014-09-11 10:47 - 2014-09-11 10:47 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\WSE_Astromenda
2014-09-11 10:47 - 2014-09-11 10:47 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\PennyBee
2014-09-11 10:47 - 2014-09-11 10:47 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Local\ICSharpCode.net
2014-09-11 10:47 - 2014-09-11 10:45 - 00071824 _____ (Azureus Software, Inc.) C:\Users\Jon Lowry\Downloads\vuze.exe
2014-09-11 10:45 - 2014-09-11 10:45 - 00800960 _____ ( ) C:\Users\Jon Lowry\Downloads\vuze_setup.exe
2014-09-11 10:44 - 2014-09-10 00:33 - 00000000 ____D () C:\Program Files\DnsSignal
2014-09-11 10:44 - 2014-09-01 23:28 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-09-10 00:41 - 2014-06-05 11:08 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-09-10 00:35 - 2014-09-10 00:33 - 00000000 ____D () C:\ProgramData\DnsSignal
2014-09-10 00:33 - 2014-09-11 10:44 - 00000000 ____D () C:\Program Files\DnsSignal
2014-09-10 00:33 - 2014-09-10 00:33 - 00000000 _____ () C:\ProgramData\2b2821382e352b272c272e2237302d_c
2014-09-10 00:27 - 2014-09-13 12:27 - 00002766 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-1.job
2014-09-10 00:27 - 2014-09-13 12:27 - 00002440 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5_user.job
2014-09-10 00:27 - 2014-09-13 12:27 - 00002440 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5.job
2014-09-10 00:27 - 2014-09-13 12:27 - 00002104 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-2.job
2014-09-10 00:27 - 2014-09-10 00:27 - 00005796 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-1
2014-09-10 00:27 - 2014-09-10 00:27 - 00005470 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5
2014-09-10 00:27 - 2014-09-10 00:27 - 00005134 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-2
2014-09-10 00:27 - 2014-09-10 00:27 - 00003562 _____ () C:\Windows\System32\Tasks\FFMPEGUpd
2014-09-10 00:27 - 2014-09-10 00:27 - 00000000 ____D () C:\ProgramData\Video Accelerator
2014-09-10 00:27 - 2014-09-10 00:27 - 00000000 ____D () C:\Program Files (x86)\FFMPEG
2014-09-10 00:27 - 2014-09-10 00:25 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2014-09-10 00:26 - 2014-09-13 12:40 - 00003464 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-6.job
2014-09-10 00:26 - 2014-09-13 12:31 - 00003128 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-3.job
2014-09-10 00:26 - 2014-09-13 12:31 - 00000964 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-09-10 00:26 - 2014-09-13 12:26 - 00004490 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-11.job
2014-09-10 00:26 - 2014-09-13 12:26 - 00003808 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-4.job
2014-09-10 00:26 - 2014-09-13 12:26 - 00003128 _____ () C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-7.job
2014-09-10 00:26 - 2014-09-13 11:56 - 00000960 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-09-10 00:26 - 2014-09-10 00:26 - 06753656 _____ (ParetoLogic, Inc.) C:\Users\Jon Lowry\Downloads\RegCureProSetup.exe
2014-09-10 00:26 - 2014-09-10 00:26 - 06753656 _____ (ParetoLogic, Inc.) C:\Users\Jon Lowry\Downloads\RegCureProSetup (1).exe
2014-09-10 00:26 - 2014-09-10 00:26 - 00007520 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-11
2014-09-10 00:26 - 2014-09-10 00:26 - 00006838 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-4
2014-09-10 00:26 - 2014-09-10 00:26 - 00006492 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-6
2014-09-10 00:26 - 2014-09-10 00:26 - 00006158 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-7
2014-09-10 00:26 - 2014-09-10 00:26 - 00006158 _____ () C:\Windows\System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-3
2014-09-10 00:26 - 2014-09-10 00:26 - 00003962 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-09-10 00:26 - 2014-09-10 00:26 - 00003708 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-09-10 00:26 - 2014-09-10 00:26 - 00003594 _____ () C:\Windows\System32\Tasks\YTDownloaderUpd
2014-09-10 00:26 - 2014-09-10 00:26 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2014-09-10 00:26 - 2014-09-10 00:25 - 00000000 ____D () C:\Program Files (x86)\YTDownloader
2014-09-10 00:26 - 2014-07-25 00:18 - 00003744 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-09-10 00:26 - 2014-07-25 00:18 - 00003604 _____ () C:\Windows\System32\Tasks\YTDownloader
2014-09-10 00:26 - 2014-07-25 00:16 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-10 00:25 - 2014-09-10 00:27 - 00000000 ____D () C:\Program Files (x86)\Object Browser
2014-09-10 00:25 - 2014-09-10 00:25 - 00004048 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-09-10 00:25 - 2014-09-10 00:25 - 00001969 _____ () C:\Users\Jon Lowry\Desktop\Sync Folder.lnk
2014-09-10 00:25 - 2014-09-10 00:25 - 00001087 _____ () C:\Users\Jon Lowry\Desktop\MyPC Backup.lnk
2014-09-10 00:25 - 2014-09-10 00:25 - 00000000 ____D () C:\Users\Jon Lowry\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-09-10 00:25 - 2014-09-10 00:25 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-09-04 10:54 - 2014-09-04 10:54 - 01527000 _____ () C:\Users\Jon Lowry\Downloads\flash_player_14_plugin.exe
2014-09-04 10:54 - 2014-09-04 10:54 - 00144760 _____ (Premium Installer ) C:\Users\Jon Lowry\Downloads\Setup (2).exe
2014-08-29 21:13 - 2014-08-29 21:13 - 00000165 ____H () C:\Users\Jon Lowry\Desktop\~$TV Shows.xlsx
2014-08-27 12:57 - 2014-08-27 12:57 - 00000000 ____D () C:\Program Files (x86)\Vuze Remote Toolbar
2014-08-27 12:57 - 2014-08-27 12:57 - 00000000 ____D () C:\Program Files (x86)\Application Updater
C:\Users\Jon Lowry\jagex_cl_loginapplet_LIVE.dat
C:\Users\Jon Lowry\jagex_cl_runescape_LIVE.dat
C:\Users\Jon Lowry\jagex_cl_runescape_LIVE1.dat
C:\Users\Jon Lowry\jagex_cl_runescape_LIVE2.dat
C:\Users\Jon Lowry\jagex_runescape_preferences.dat
C:\Users\Jon Lowry\jagex_runescape_preferences2.dat
C:\Users\Jon Lowry\random.dat
C:\Users\Jon Lowry\AppData\Local\Temp\GPUpd5418514B1.exe
C:\Users\Jon Lowry\AppData\Local\Temp\i4jd8938456812418365063.exe
Task: {026F61A6-1E79-4C96-B077-DE27CC432D7D} - \BrowserDefendert No Task File <==== ATTENTION
Task: {1A3CE392-422E-47DC-9602-789171E5B529} - System32\Tasks\Test TimeTrigger => C:\Users\JONLOW~1\AppData\Local\Temp\Runner.exe <==== ATTENTION
C:\Users\JONLOW~1\AppData\Local\Temp\Runner.exe
Task: {35FBB754-7A87-43F1-B9A6-8446DFB6A6C2} - System32\Tasks\WSE_Astromenda => C:\Users\Jon Lowry\AppData\Roaming\WSE_Astromenda\UpdateProc\UpdateTask.exe [2014-09-11] ()
C:\Users\Jon Lowry\AppData\Roaming\WSE_Astromenda
Task: {38212487-8142-46E0-8D4E-31B74C431837} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe [2014-08-25] (YTDownloader) <==== ATTENTION
C:\Program Files (x86)\YTDownloader
Task: {3DB4A2F8-0448-459B-A135-FEE9BBAD4ADB} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-3 => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-3.exe [2014-09-10] (Object Browser)
C:\Program Files (x86)\Object Browser
Task: {4146542E-A9F0-49D6-9185-95A76109A52D} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe [2014-08-25] (Goobzo) <==== ATTENTION
Task: {55ABD00A-4220-4F78-A0D7-AEC713771BC6} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-2 => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-2.exe [2014-09-10] (Object Browser)
Task: {5CCDBEE0-159F-4BF5-88B1-44DE44C0189A} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {602F9486-75D6-415D-B537-F3BDBDE110A1} - System32\Tasks\ParetoLogic Update Version3_triggeronce => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
c:\program files (x86)\common files\paretologic
Task: {74F1B5C4-50C4-49CF-925C-911287FD19DC} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5_user => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5.exe [2014-09-10] (Object Browser)
Task: {979BBFF1-A320-4D44-9572-43CCF72014E2} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-11 => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-11.exe [2014-09-10] (Object Browser)
Task: {97F04E5C-4950-428A-9DFC-CA53C569C462} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-4 => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-4.exe [2014-09-10] (Object Browser)
Task: {9E671BF1-E82A-48C6-BF41-2DD13DEFBDD2} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
C:\Program Files (x86)\Optimizer Pro
Task: {A1352A50-436B-4071-B228-0B8E2D79784F} - System32\Tasks\RocketTab => C:\Windows\system32\cmd.exe [2010-11-20] (Microsoft Corporation) <==== ATTENTION
Task: {A669AEF8-A05B-44A1-9833-CD4A0CF0501C} - \Desk 365 RunAsStdUser No Task File <==== ATTENTION
Task: {A7D18C7A-90C7-4E57-9DEB-730834176E5D} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-1 => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe [2014-09-10] (Object Browser)
Task: {A8C40EB6-7527-4B16-8F5C-BE889C95886A} - System32\Tasks\SMupdate1 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update1 <==== ATTENTION
Task: {AC2629A3-16AD-4E7D-9589-FF4CF978C9CF} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-6 => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-6.exe [2014-09-10] (Object Browser)
Task: {BF3B2CB2-AC8C-4F8C-B436-468B7780F37A} - System32\Tasks\TidyNetwork Update => C:\Users\Jon Lowry\AppData\Local\TidyNetwork.com\tidy2update.exe
C:\Users\Jon Lowry\AppData\Local\TidyNetwork.com
Task: {C97C403B-723B-47B3-8A75-9A0D5FAA93E1} - System32\Tasks\RocketTab Update Task => C:\Program Files (x86)\RocketTab\uninstall.exe [2014-09-11] () <==== ATTENTION
C:\Program Files (x86)\RocketTab
Task: {D8A78881-603A-4045-A49C-70FFD91033DA} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5 => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5.exe [2014-09-10] (Object Browser)
Task: {E7F27CA2-7095-46A3-B555-CA1986F8895D} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {E8CDB12B-32AD-4023-9476-14E9C4D0CED7} - System32\Tasks\FFMPEGUpd => C:\Program Files (x86)\FFMPEG\FFMPEGUpdate.exe [2013-08-08] (Goobzo)
C:\Program Files (x86)\FFMPEG
Task: {EB6FA16A-998E-4019-8C5E-BCABA47F746A} - System32\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-7 => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-7.exe [2014-09-10] (Object Browser)
Task: {F5AD7045-11F7-42B6-B4E3-BC8CFE550AF1} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-10] (globalUpdate) <==== ATTENTION
C:\Program Files (x86)\globalUpdate
Task: {F97BD074-2550-4AF3-90DA-6A2CBDF39C03} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-09-03] (MyPC Backup) <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
Task: {FEC81997-A122-47DA-AA7B-828690A77499} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-10] (globalUpdate) <==== ATTENTION
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-1.job => C:\Program Files (x86)\Object Browser\Object Browser-codedownloader.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-11.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-11.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-2.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-2.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-3.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-3.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-4.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-4.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5_user.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-5.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-6.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-6.exe
Task: C:\Windows\Tasks\a43d8f61-a231-4945-aae1-b5af94ff9ff9-7.job => C:\Program Files (x86)\Object Browser\a43d8f61-a231-4945-aae1-b5af94ff9ff9-7.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\ParetoLogic Update Version3_triggeronce.job => c:\program files (x86)\common files\paretologic\uus3\Pareto_Update3.exe
Task: C:\Windows\Tasks\WSE_Astromenda.job => C:\Users\JONLOW~1\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
C:\Users\JONLOW~1\AppData\Roaming\WSE_AS~1\UPDATE~1\UPDATE~1.EXE
2014-09-11 11:00 - 2014-09-11 11:00 - 01420520 _____ () C:\Program Files (x86)\RocketTab\Client.exe
2014-09-10 00:33 - 2014-09-10 00:35 - 00565760 _____ () C:\Program Files\DnsSignal\dnssignal.dll
2014-07-25 00:20 - 2014-07-25 00:20 - 00709120 _____ () C:\Program Files\005\cyycfhtzro64.exe
2014-09-10 00:33 - 2014-05-20 20:48 - 00067584 _____ () C:\Program Files\DnsSignal\barelysignal.exe
2014-09-10 00:33 - 2014-05-20 20:48 - 00054784 _____ () C:\Program Files\DnsSignal\barelysignal2.exe
2014-08-18 07:51 - 2014-08-18 07:51 - 00408584 _____ () C:\Users\Jon Lowry\AppData\Local\PennyBee\PennyBeeW.exe
2014-09-11 10:47 - 2014-09-11 10:47 - 01074688 _____ () C:\Users\Jon Lowry\AppData\Local\WSE_Astromenda\BRS\brs.exe
2014-09-03 10:39 - 2014-09-03 10:39 - 00012288 _____ () C:\Program Files (x86)\MyPC Backup\GetText.dll
2014-09-03 10:34 - 2014-09-03 10:34 - 01102336 _____ () C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll
2014-09-10 00:33 - 2014-09-10 00:35 - 00496640 _____ () C:\Program Files\DnsSignal\dnssignal2.dll
2014-08-18 07:51 - 2014-08-18 07:51 - 00311816 _____ () C:\Users\Jon Lowry\AppData\Local\PennyBee\DealplyInstallerHelper.dll
2014-09-11 10:47 - 2014-09-11 10:47 - 00599419 _____ () C:\Users\Jon Lowry\AppData\Local\WSE_Astromenda\BRS\sqlite3.dll
AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:BF3D62E7
EmptyTemp:
end