Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Something is setting my homepage to sweet-page.com (and does other stu


  • This topic is locked This topic is locked

#1
EuphoricSektor

EuphoricSektor

    New Member

  • Member
  • Pip
  • 4 posts
I've read something about sweet-page.com being a result of having some sort of spyware in my PC.

Besides the fact that sweet-page.com is my homepage now, and I can't rid of it, some words in texts turn into popups with ads, and my chrome extension list features stuff named "IcoValiad 5.3", "ssavvianigitoyou 2.1", "RightSurf 1.0.0" and "New Tab Search 0.5" (at least those are the ones I'm suspicious about)

Microsoft Security Essentials found nothing with Fast Scan, and Complete Scan is running right now.

If you excuse the expression, wat do?

Edit1: Sweet-page.com applies to IE and Firefox as well apparently (and oh god, I just noticed the title)

Attached Thumbnails

  • not suspicious at all.png

Edited by EuphoricSektor, 15 February 2014 - 05:38 PM.

  • 0

Advertisements


#2
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello EuphoricSektor

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.

Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planed. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

I would like you to run this program for me.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Gringo
  • 0

#3
EuphoricSektor

EuphoricSektor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by Dimitri (administrator) on BANANPAJ on 16-02-2014 11:59:53
Running from C:\Users\Dimitri\Desktop
Windows 7 Enterprise Service Pack 1 (X64) OS Language: Swedish
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Validity Sensors, Inc.) C:\Windows\system32\vcsFPService.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(ArcSoft, Inc.) C:\Windows\SysWow64\ArcVCapRender\uArcCapture.exe
() C:\Program Files (x86)\RightSurf\updateRightSurf.exe
() C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe
(Microsoft Corporation) c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(IObit) C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
(Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Chucklefish LTD) C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\launcher.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1436736 2011-06-15] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] - C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [LogMeIn GUI] - "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
HKLM\...\Run: [THXCfg64] - C:\Windows\system32\THXCfg64.dll [25600 2010-09-14] (Creative Technology Ltd.)
HKLM-x32\...\Run: [QLBController] - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [318520 2011-05-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [NUSB3MON] - c:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [SwitchBoard] - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073352 2012-06-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ApnUpdater] - "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
HKLM-x32\...\Run: [DDS] - C:\Program Files (x86)\Digital Desktop Stickers\Digital Desktop Stickers.exe
HKLM-x32\...\Run: [THX Audio Control Panel] - C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1374720 2010-11-01] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] - C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [MyStart Anti-phishing Domain Advisor] - C:\ProgramData\MyStart Anti-phishing Domain Advisor\MyStart_antiphishing.exe [235072 2013-08-30] (Visicom Media Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] - C:\Program Files (x86)\BlueStacks\HD-Agent.exe [811792 2014-01-20] (BlueStack Systems, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\Run: [OfficeSyncProcess] - C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [718720 2011-07-21] (Microsoft Corporation)
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\Run: [DAEMON Tools Pro Agent] - C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\Run: [Google Update] - C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-05-21] (Google Inc.)
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\Run: [ManyCam] - "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\MountPoints2: {172233f7-4399-11e1-a1f4-d0df9a91d433} - E:\AutoRunMorrowind.exe
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\MountPoints2: {620ac38d-58ea-11e2-9bb8-d0df9a91d433} - E:\autorun.exe
HKU\S-1-5-21-2020277178-3668421013-2679300876-1001\...\MountPoints2: {b2061473-ec3a-11e0-b6a1-d0df9a91d433} - F:\CD_Start.exe
AppInit_DLLs: C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [4380488 2014-01-22] ()
AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll [4061000 2013-10-29] ()
Startup: C:\Users\Dimitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...5Y4BXX71S4D5Y4B
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://se.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x162FFFCA6E83CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sv-SE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...5Y4BXX71S4D5Y4B
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-pag...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...5Y4BXX71S4D5Y4B
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...5Y4BXX71S4D5Y4B
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-pag...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.sweet-pag...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sweet-pag...5Y4BXX71S4D5Y4B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.sweet-pag...5Y4BXX71S4D5Y4B
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.sweet-pag...q={searchTerms}
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.sweet-pag...5Y4BXX71S4D5Y4B
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://www.sweet-pag...q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: RightSurf - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files (x86)\RightSurf\RightSurfbho.dll (RightSurf)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll No File
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll ()
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll No File
Toolbar: HKLM - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll No File
Toolbar: HKLM-x32 - DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll No File
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM-x32 - MyStart Toolbar - {ccb24e92-62c4-4c53-95d2-65f9eed476bc} - C:\Program Files (x86)\mystarttb\mystartDx.dll ()
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...director/sw.cab
DPF: HKLM-x32 {BAD4FE2C-503B-45CC-88CD-4B0574057D11} http://clients.futur.../FMSI_v4120.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=928
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\5rrkb3oe.default
FF NewTab: hxxp://www.sweet-page.com/newtab/?type=nt&ts=1390414160&from=cor&uid=TOSHIBAXMK3261GSYN_71S4D5Y4BXX71S4D5Y4B
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Ask.com
FF Homepage: hxxp://www.sweet-page.com/?type=hp&ts=1390414160&from=cor&uid=TOSHIBAXMK3261GSYN_71S4D5Y4BXX71S4D5Y4B
FF Keyword.URL: hxxp://www.mystart.com/results.php?pr=manycam&id=manycamtb&v=5_0&ent=bs____campaignID___&q=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect - C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKCU: @eximion.com/KalydoPlayer - C:\Users\Dimitri\AppData\Roaming\Kalydo\KalydoPlayer\bin1\npkalydo.dll (Eximion B.V.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Dimitri\AppData\Local\Roblox\Versions\version-9ae7cc04e47a4b12\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Dimitri\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Dimitri\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Dimitri\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Users\Dimitri\AppData\Roaming\mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\5rrkb3oe.default\searchplugins\askcom.xml
FF Extension: IcoValiad - C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\5rrkb3oe.default\Extensions\[email protected] [2014-02-14]
FF Extension: ssavvianigitoyou - C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\5rrkb3oe.default\Extensions\[email protected] [2014-02-14]

Chrome:
=======
CHR DefaultSearchKeyword: sweet-page
CHR DefaultSearchProvider: sweet-page
CHR DefaultSearchURL: http://www.sweet-pag...q={searchTerms}

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by Dimitri at 2014-02-16 12:03:27
Running from C:\Users\Dimitri\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Enabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

µTorrent (HKCU Version: 3.3.2.30303 - BitTorrent Inc.)
7-Zip 9.20 (x32 Version: - )
Adobe AIR (x32 Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Creative Suite 6 Master Collection (x32 Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Professional CS5.5 (x32 Version: 11.5 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) - Svenska (x32 Version: 10.1.1 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (x32 Version: 11.6.8.638 - Adobe Systems, Inc.)
Adobe® Content Viewer (x32 Version: 3.0.0 - Adobe Systems Incorporated)
Adobe® Content Viewer (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
AdobeCS6MC (Version: 1.2.0000 - Adobe Systems Incorporated) Hidden
Aff Packages (HKCU Version: - ) <==== ATTENTION
Allods Online 3.0.05.38 (x32 Version: 3.0.05.38 - gPotato)
Amnesia - The Dark Descent (x32 Version: 1.0.0 - Frictional Games)
ArcSoft WebCam Companion 4 (x32 Version: 4.0.20.365 - ArcSoft)
ArcSoft Webcam Sharing Manager (x32 Version: 2.0.0.30 - ArcSoft)
ArtRage Studio Pro (x32 Version: 3.5.4 - Ambient Design)
ASIO4ALL (x32 Version: 2.10 - Michael Tippach)
Ask Toolbar (x32 Version: 1.15.9.0 - Ask.com) <==== ATTENTION
Atheros Driver Installation Program (x32 Version: 9.0 - Atheros)
Audiosurf (x32 Version: - Dylan Fitterer)
Autodesk Backburner 2012.0.0 (x32 Version: 2012.0.0 - Autodesk, Inc.)
Autodesk MatchMover 2012 64-bit (Version: 14.00.0000 - Autodesk)
Avernum (x32 Version: 1.0.0 - Spiderweb Software)
Baldur's Gate™ II - Shadows of Amn™ (x32 Version: - )
Bandisoft MPEG-1 Decoder (x32 Version: - )
Bastion (x32 Version: - )
BattlEye for OA Uninstall (x32 Version: - )
Blender (Version: 2.67b - Blender Foundation)
Bloodline Champions (x32 Version: 2.4.1.0 - Stunlock Studios)
BlueStacks App Player (x32 Version: 0.8.5.3042 - BlueStack Systems, Inc.)
BlueStacks Notification Center (x32 Version: 0.8.5.3042 - BlueStack Systems, Inc.)
Bluetooth Win7 Suite (64) (Version: 7.02.000.55 - Atheros Communications)
Borderlands 2 (x32 Version: - )
Camersoft Fake Webcam 3.1.08 (x32 Version: - Camersoft Studio)
Camersoft Webcam Recorder (x32 Version: v3.1.08 - Tom_Da_Man)
CCleaner (Version: 3.21 - Piriform)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Cheat Engine 6.2 (x32 Version: - Dark Byte)
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Composite 2012 64-bit (Version: 7.0.0 - Autodesk)
Curse Client (HKCU Version: 5.1.1.792 - Curse)
DAEMON Tools Pro (x32 Version: 5.2.0.0348 - DT Soft Ltd)
DarkBloodOnline (x32 Version: 1.00.0000 - Outspark)
Dead Pixels (x32 Version: - CSR-Studios)
Deadlight (x32 Version: - )
Deckadance 2 (x32 Version: 2.0 - Image-Line)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
Defy Gravity (x32 Version: - )
Diablo II (x32 Version: - )
Disciples 2 Gold Gallean (x32 Version: - )
Disciples II Rise of the Elves (x32 Version: - )
DLC Quest (x32 Version: - Going Loud Studios)
Don't Starve (x32 Version: - Klei Entertainment)
DoomRL version 0.9.9.7 (x32 Version: 0.9.9.7 - ChaosForge)
Dota 2 (x32 Version: - Valve)
Dragon Age II (x32 Version: 1.04 - Electronic Arts, Inc.)
Dragons Prophet (x32 Version: - Infernum Productions AG)
Droid Assault (x32 Version: - Puppygames)
Droplitz (x32 Version: - Blitz Games Studio, Ltd.)
Dungeon Siege 2 (x32 Version: - Microsoft)
DUNGEONS - Steam Special Edition (x32 Version: - Realmforge Studios)
DUNGEONS - The Dark Lord (Steam Special Edition) (x32 Version: - Realmforge Studios)
Endless.Space (x32 Version: - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
EVE Online (remove only) (x32 Version: - CCP Games Ltd.)
EVEMon (x32 Version: 1.8.3.4116 - battleclinic.com)
Fallout 3 - Unofficial Fallout 3 Patch (x32 Version: v1.2.0 - Quarn ([email protected]))
Fallout Mod Manager 0.13.21 (x32 Version: - Q, Timeslip)
FileZilla Client 3.5.3 (x32 Version: 3.5.3 - FileZilla Project)
FlashDevelop 4.0.3 (x32 Version: 4.0.3-RTM - FlashDevelop.org)
Fraps (remove only) (x32 Version: - )
FTL version 1.01 (x32 Version: 1.01 - Subset Games)
Futuremark SystemInfo (x32 Version: 4.12.0 - Futuremark Corporation)
Game Booster 3 (x32 Version: 3.4 - IObit)
Game Dev Tycoon version 1.3.9 (x32 Version: 1.3.9 - Greenheart Games Pty. Ltd.)
Game Scanner (x32 Version: 2.0.27 - GameScanner)
GameMaker 8.1 (x32 Version: - )
Garry's Mod (x32 Version: - Team Garry)
GeoGebra (x32 Version: 4.0.16.0 - International GeoGebra Institute)
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Google SketchUp 8 (x32 Version: 3.0.4811 - Google, Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (x32 Version: 7.0.1710.2246 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.111 - Google Inc.) Hidden
Gothic 2 Gold (x32 Version: - GOG.com)
Graphviz 2.28 (x32 Version: 2.28.0 - AT&T Research Labs)
Gunpoint (x32 Version: 2.0.0.0 - )
Hack, Slash, Loot (x32 Version: - David Williamson)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (x32 Version: - Opus )
Half-Life (x32 Version: - Valve)
Hi-Rez Studios Authenticate and Update Service (x32 Version: 3.0.0.0 - Hi-Rez Studios)
Home Plan Pro version 5.2.25.10 (x32 Version: - Home Plan Software)
Hotline Miami (x32 Version: 2.0.0.4 - GOG.com)
HP 3D DriveGuard (Version: 4.1.7.1 - Hewlett-Packard Company)
HP HotKey Support (Version: 4.0.18.1 - Hewlett-Packard Company)
HP Webcam Driver (x32 Version: 5.8.50060.0 - Sonix)
IL Shared Libraries (x32 Version: - Image-Line)
Intel® Management Engine Components (x32 Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (x32 Version: 8.15.10.2342 - Intel Corporation)
Intel® Rapid Storage Technology (x32 Version: 10.1.2.1004 - Intel Corporation)
ioquake3 (x32 Version: - )
Jamestown (x32 Version: - Final Form Games)
Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 31 (x32 Version: 6.0.310 - Oracle)
Java™ 7 Update 5 (64-bit) (Version: 7.0.50 - Oracle)
JavaFX 2.1.1 (x32 Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (x32 Version: 1.0.57.2 - JMicron Technology Corp.)
JungleTimer (HKCU Version: 4.0.0.4 - JungleTimer)
KAG 0.95A (x32 Version: - Michal Marcinkowski THD)
Kalydo Player 4.06.04 (HKCU Version: 4.06.04 - Eximion B.V.)
Katawa Shoujo (x32 Version: - )
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
La-Mulana (x32 Version: - ASTERIZM CO., LTD.)
League of Legends (x32 Version: 1.3 - Riot Games)
Legend of Grimrock (x32 Version: - GOG.com)
Loadout (x32 Version: - Edge of Reality)
Logitech SetPoint (x32 Version: 4.80 - Logitech)
Magic: The Gathering — Duels of the Planeswalkers 2012 (x32 Version: - Stainless Games Ltd)
ManyCam 3.1.60 (x32 Version: 3.1.60 - ManyCam LLC)
Mass Effect (x32 Version: 1.00 - Electronic Arts, Inc.)
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile Language Pack - SVE (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile SVE Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended Language Pack - SVE (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended SVE Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation)
Microsoft Antimalware (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Antimalware Service SV-SE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (x32 Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft)
Microsoft Office 2010 Service Pack 1 (SP1) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Finnish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Swedish) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Swedish) 2010 (x32 Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Client SV-SE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (Version: 2.1.1116.0 - Microsoft Corporation)
Microsoft Silverlight (x32 Version: 4.1.10111.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (Version: - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (x32 Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x32 Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x32 Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - ENU (x32 Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (x32 Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (x32 Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (Version: 10.0.30319 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (x32 Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (x32 Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (ARP entry) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Redists) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Shared Components) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (Visual Studio) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Game Studio 4.0 (XnaLiveProxy) (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio 4.0 Documentation (x32 Version: 4.0.20823.0 - Microsoft Corporation) Hidden
Microsoft XNA Game Studio Platform Tools (x32 Version: 1.3.0.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Minimizor 1.8 (x32 Version: - Mathijs "Lightning" Hoekstra - www.idcation.com)
mIRC (x32 Version: 7.32 - mIRC Co. Ltd.)
MirrorMoon EP (x32 Version: - Santa Ragione)
Morrowind (x32 Version: - )
Mozilla Firefox 26.0 (x86 en-US) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
Mumble 1.2.3 (x32 Version: 1.2.3 - Thorvald Natvig)
My Game Long Name (Version: - Epic Games, Inc.)
MyStart Anti-phishing Domain Advisor (x32 Version: 1.0.1.108 - Visicom Media Inc. (Powered by Panda Security))
MyStart Toolbar (x32 Version: 5.0.2.1 - Visicom Media Inc.)
Name Generator (HKCU Version: 1.0.0.1 - PC)
Notepad++ (x32 Version: 5.9.3 - )
NVIDIA PhysX (x32 Version: 9.12.1031 - NVIDIA Corporation)
Oblivion (x32 Version: 1.00.0000 - Bethesda Softworks)
Oblivion mod manager 1.1.12 (x32 Version: - Timeslip)
OpenAL (x32 Version: - )
Optimizer Pro v3.2 (x32 Version: - PC Utilities Software Limited) <==== ATTENTION
Overwolf (x32 Version: 0.25.153 - Overwolf)
Painkiller Black (x32 Version: 1.0.0 - JoWood)
Painkiller Overdose (x32 Version: 84.4 - JoWooD)
Papers, Please (x32 Version: - 3909)
Path of Exile (x32 Version: - Grinding Gear Games)
Path of Exile (x32 Version: 0.11.6.28352 - Grinding Gear Games)
Pidgin (x32 Version: 2.10.7 - )
Poser Pro 2012 (Version: 9.0.0 - Smith Micro Software, Inc.)
Primordia (x32 Version: 2.0.0.2 - GOG.com)
ProtectDisc Driver, Version 11 (x32 Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (x32 Version: 0.991 - Even Balance, Inc.)
Python 3.2 pygame-1.9.2a0 (x32 Version: 1.9.2 - Pete Shinners, Rene Dudfield, Marcus von Appen, Bob Pendleton, others...)
Python 3.2.2 (64-bit) (Version: 3.2.2150 - Python Software Foundation)
Python 3.2.2 (x32 Version: 3.2.2150 - Python Software Foundation)
Python 3.3.2 (64-bit) (Version: 3.3.2150 - Python Software Foundation)
Quake Live Internet Explorer Plugin (x32 Version: 1.0.520 - id Software)
Quake Live Mozilla Plugin (x32 Version: 1.0.520 - id Software)
Realtek Ethernet Controller All-In-One Windows Driver (x32 Version: 1.12.0016 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Reus (x32 Version: - Abbey Games)
RGSS-RTP Standard (x32 Version: 1.04 - Enterbrain)
Ricochet (x32 Version: - Valve)
RightSurf (Version: 2014.01.10.205925 - RightSurf) <==== ATTENTION
Risen (x32 Version: 1.00.0000 - Deep Silver)
Risk of Rain (x32 Version: - )
ROBLOX Player for Dimitri (HKCU Version: - ROBLOX Corporation)
Rogue Legacy version 0.0.0.9 (x32 Version: 0.0.0.9 - WaLMaRT)
Sanctum 2 (x32 Version: - Coffee Stain Studios)
Scribblenauts Unlimited (x32 Version: - )
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (Version: 10.1.2531.0 - Microsoft Corporation)
Shark Attack (HKCU Version: - )
Shatter (x32 Version: - Sidhe)
Sine Mora (x32 Version: - Digital Reality)
Skype Click to Call (x32 Version: 6.3.11079 - Skype Technologies S.A.)
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Space Pirates and Zombies (x32 Version: - MinMax Games Ltd.)
SpaceChem (x32 Version: 1012 - Zachtronics Industries)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Starbound (x32 Version: - )
StarCraft II (x32 Version: - Blizzard Entertainment)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Steinberg Drum Loop Expansion 01 (x32 Version: 1.0.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (x32 Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (x32 Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (x32 Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (x32 Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (x32 Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (x32 Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (x32 Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (x32 Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content (x32 Version: 1.0.0.005 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (x32 Version: 1.0.0.006 - Steinberg Media Technologies GmbH)
Sublime Text 2.0.1 (Version: - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 15.2.11.1 - Synaptics Incorporated)
TeamSpeak 3 Client (HKCU Version: 3.0.13 - TeamSpeak Systems GmbH)
TES Construction Set (x32 Version: - )
The Elder Scroll V - Skyrim version Patch 1.3 (x32 Version: Patch 1.3 - Bethesda Studios)
The Mighty Quest For Epic Loot version 1.229871 (x32 Version: 1.229871 - )
THX TruStudio Pro (x32 Version: TAMB-CVS1D-1-LB R07 - Creative Technology Limited)
Titan Attacks (x32 Version: - Puppygames)
TmNationsForever (x32 Version: - Nadeo)
Torchlight II © Runic Games version 1 (x32 Version: 1 - )
Towns V8 (x32 Version: - )
Tunngle beta (x32 Version: - Tunngle.net GmbH)
Two Worlds II (x32 Version: 1.0.0 - )
UE3Redist (HKCU Version: 1.00.0000 - Epic Games)
UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
Ultratron (x32 Version: - Puppygames)
Unity (x32 Version: - Unity Technologies ApS)
Unity Web Player (HKCU Version: - Unity Technologies ApS)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553092) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition (x32 Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32 Version: - Microsoft)
Wacom (Version: 5.3.2-1 - Wacom Technology Corp.)
Validity Fingerprint Sensor Driver (Version: 4.3.126.0 - Validity Sensors, Inc.)
Warcraft III (x32 Version: - Blizzard Entertainment)
Warcraft III: All Products (HKCU Version: - )
Warframe (x32 Version: 1.0.0 - Digital Extremes)
Warsow 1.02 (x32 Version: 1.02 - Chasseur de bots)
WebTablet FB Plugin 32 bit (x32 Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0 - Microsoft Corporation)
Wing IDE 101 4.0.4-1 (x32 Version: - )
WinRAR 4.01 (64-bit) (Version: 4.01.0 - win.rar GmbH)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (x32 Version: 4.0.8080.0 - Microsoft Corporation)
VLC media player 1.1.11 (x32 Version: 1.1.11 - VideoLAN)
World of Tanks (x32 Version: - Wargaming.net)
WPM17.8.0.3325 (x32 Version: 17.8.0.3325 - Cherished Technololgy LIMITED) <==== ATTENTION
Xvid 1.2.2 final uninstall (x32 Version: 1.2 - Xvid team (Koepi))
Ys I (x32 Version: - Nihon Falcom)

==================== Restore Points =========================

14-02-2014 15:53:16 Removed Crysis® 2

==================== Scheduled Tasks (whitelisted) =============

Task: {059BEEC6-774E-417A-A514-B02FBF43749B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {1ABF5786-F0BE-47F0-B881-77318682A1D2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {2B1EE66D-A431-439F-9A77-7BED54BB0431} - System32\Tasks\Game_Booster_Startup => C:\Program Files (x86)\IObit\Game Booster 3\gbtray.exe [2012-04-23] (IObit)
Task: {37BF648C-AA1D-4DDD-B012-9439B7591C42} - System32\Tasks\{CE424CFF-D934-4DA0-A96F-6E5DBDFEE5B5} => C:\Games\Mass Effect\Binaries\MassEffectConfig.exe
Task: {4E275AFA-C7D1-4ECA-82E1-C710E63F9461} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe [2011-04-27] (Microsoft Corporation)
Task: {5AA6BA2B-C142-4D43-B3E3-25E2B36BA19E} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-08] ()
Task: {60DBA9D1-8446-4797-A8BC-33460855FFF8} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {61AC0911-7E84-45DF-AD6C-CFAEA253427F} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {6763C8BC-9E20-4F0B-A239-A8CC900A7BDA} - System32\Tasks\{B46F16BB-148B-41B5-B1A0-E7F74D8320B2} => C:\Games\Mass Effect\Binaries\MassEffectConfig.exe
Task: {6B9E084A-1700-4AEE-B44B-C77CED4CF20F} - System32\Tasks\{03D0F46B-4A1A-460C-93A0-0603ADDE7842} => C:\Games\Mass Effect\Binaries\MassEffectConfig.exe
Task: {6DFA9C4D-F8CC-4700-A374-578350D0B8D6} - \WPD\SqmUpload_S-1-5-21-2020277178-3668421013-2679300876-1000 No Task File
Task: {705478BA-8967-48CA-9815-A9FC8002F0EC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2020277178-3668421013-2679300876-1001Core => C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {750826F4-A1DC-4F02-B878-3A9C25456F7C} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe <==== ATTENTION
Task: {8C671E4C-2EE5-4F83-A200-4CA18BDD7D79} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2020277178-3668421013-2679300876-1001UA => C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe [2012-05-21] (Google Inc.)
Task: {90157CDC-2DE8-4EF8-BC84-76916E9EB24A} - System32\Tasks\{9761A360-0FBD-48E2-8073-E15AAD8516B0} => C:\Program Files (x86)\Strategy First\Etherlords II\Etherlords2.exe
Task: {916F65F3-BB07-4AB2-A7D0-EE2107EE9DA0} - System32\Tasks\{4340422F-C213-4F1E-A10A-E17382044678} => C:\Program Files (x86)\Strategy First\Etherlords II\Etherlords2.exe
Task: {A0CB473C-564A-47AF-A21E-D0F8231211DE} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {A92C96F1-0AE6-4E62-B2AE-79049C016C42} - System32\Tasks\{8FDBD877-5DEF-4E2A-B006-A12B1BC6D291} => Iexplore.exe http://ui.skype.com/...e=tsProgressBar
Task: {BB604C22-6717-47E4-B29A-705BD0B8ADC5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {D591B4C7-F359-41D4-9152-33C36ECE2D21} - System32\Tasks\{A3F30FBE-0188-49AB-BEDD-0A4832D208BF} => C:\Program Files (x86)\Strategy First\Etherlords II\Etherlords2.exe
Task: {DAA001F0-03EF-4276-A1ED-F238681F3A64} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {F9959C19-64DA-4A88-9ED2-44BAD5EA83FC} - System32\Tasks\RunAsStdUser Task => C:\Users\Dimitri\AppData\Local\RavenBleuSA\bin\1.0.11.0\RavenBleuSA.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2020277178-3668421013-2679300876-1001Core.job => C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2020277178-3668421013-2679300876-1001UA.job => C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-16 23:07 - 2011-03-16 23:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2011-09-30 07:59 - 2011-05-28 21:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2013-12-15 20:19 - 2012-12-11 13:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-01-22 19:09 - 2014-01-22 19:09 - 04380488 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll
2013-05-01 15:59 - 2010-11-12 11:38 - 00241152 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2011-03-26 07:28 - 2011-03-26 07:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-03-18 17:04 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2012-03-18 17:04 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2014-01-22 19:09 - 2013-10-29 14:08 - 04061000 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll
2014-01-22 19:09 - 2014-01-22 19:09 - 00191640 _____ () C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll
2012-01-18 00:05 - 2012-01-18 00:05 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-10 22:01 - 2014-02-13 10:33 - 00080672 _____ () C:\Program Files (x86)\RightSurf\updateRightSurf.exe
2014-01-22 21:40 - 2014-02-13 10:00 - 00080672 _____ () C:\Program Files (x86)\RightSurf\bin\utilRightSurf.exe
2012-02-17 10:34 - 2012-02-17 10:34 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\717bc129b29a2f6299fe221ef19b91ba\IsdiInterop.ni.dll
2011-07-08 08:39 - 2011-01-12 16:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-03-16 23:11 - 2011-03-16 23:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-07-18 22:07 - 2011-07-18 22:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2011-07-18 22:07 - 2012-02-12 18:08 - 01673728 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
2014-01-17 16:24 - 2013-12-12 23:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-17 16:24 - 2013-11-05 02:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-12 17:10 - 2014-01-11 00:33 - 00717312 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-04-16 19:52 - 2014-01-27 20:02 - 01138088 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-04-16 19:52 - 2014-01-11 00:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-04-16 19:52 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-04-16 19:52 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-04-16 19:52 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2014-02-05 10:01 - 2014-02-05 10:01 - 16287624 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
2014-01-22 20:12 - 2014-01-22 20:12 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-07 12:17 - 2014-02-07 12:21 - 00544817 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\libgcc_s_dw2-1.dll
2014-02-07 12:17 - 2014-02-07 12:20 - 00989805 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\libstdc++-6.dll
2014-02-07 12:17 - 2014-02-07 12:20 - 03369922 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\icuin51.dll
2014-02-07 12:17 - 2014-02-07 12:20 - 01978690 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\icuuc51.dll
2014-02-07 12:17 - 2014-02-07 12:21 - 22378434 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\icudt51.dll
2014-02-07 12:17 - 2014-02-07 12:20 - 00887612 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\mgwhelp.dll
2014-02-07 12:17 - 2014-02-07 12:20 - 01269760 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\platforms\qwindows.dll
2014-02-07 12:20 - 2014-02-07 12:20 - 00052224 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\imageformats\qico.dll
2014-02-07 12:19 - 2014-02-07 12:19 - 00261120 _____ () C:\Program Files (x86)\Steam\steamapps\common\Starbound\win32\launcher\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
AlternateDataStreams: C:\Users\Dimitri\Cookies:n5JFHkKFz1rXr1V6RIbq9K3y7n2aY
AlternateDataStreams: C:\Users\Dimitri\Lokala inställningar:CcvzrWf2YaIZ3awD5kWe4
AlternateDataStreams: C:\Users\Dimitri\AppData\Local:CcvzrWf2YaIZ3awD5kWe4
AlternateDataStreams: C:\Users\Dimitri\AppData\Local\Programdata:CcvzrWf2YaIZ3awD5kWe4
AlternateDataStreams: C:\Users\Dimitri\AppData\Local\Temp:19tlPYo2p2wKKpFuG9FV
AlternateDataStreams: C:\Users\Dimitri\AppData\Local\Temporary Internet Files:yBStsl0a7nBMCJdAZqDO

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: BambooCore => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MSCONFIG\startupreg: GarenaMessenger => "C:\Program Files (x86)\Garena Plus\GarenaMessenger.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\Dimitri\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Faulty Device Manager Devices =============

Name: BlueStacks Hypervisor
Description: BlueStacks Hypervisor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BstHdDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: LogMeIn Kernel Information Provider
Description: LogMeIn Kernel Information Provider
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: LMIInfo
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2014 04:42:48 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för imaging1. Det finns ett fel i manifest- eller principfilen imaging2 på rad imaging3.
Elementet imaging är ett underelement för urn:schemas-microsoft-com:asm.v1^assembly och detta stöds inte av den här Windows-versionen.

Error: (02/15/2014 11:52:43 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för imaging1. Det finns ett fel i manifest- eller principfilen imaging2 på rad imaging3.
Elementet imaging är ett underelement för urn:schemas-microsoft-com:asm.v1^assembly och detta stöds inte av den här Windows-versionen.

Error: (02/15/2014 00:13:45 AM) (Source: Application Error) (User: )
Description: Felet uppstod i programmet med namn: chrome.exe, version 32.0.1700.107, tidsstämpel 0x52ed6c62
, felet uppstod i modulen med namn: mystart_antiphishing.dll_unloaded, version 0.0.0.0, tidsstämpel 0x51bb60e6
Undantagskod: 0xc0000005
Felförskjutning: 0x1003a889
Process-ID: 0x1300
Programmets starttid: 0xchrome.exe0
Sökväg till program: chrome.exe1
Sökväg till modul: chrome.exe2
Rapport-ID: chrome.exe3

Error: (02/14/2014 04:42:46 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/14/2014 04:39:03 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (02/14/2014 07:06:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 02:34:57 AM) (Source: SideBySide) (User: )
Description: Det gick inte att skapa aktiveringskontext för imaging1. Det finns ett fel i manifest- eller principfilen imaging2 på rad imaging3.
Elementet imaging är ett underelement för urn:schemas-microsoft-com:asm.v1^assembly och detta stöds inte av den här Windows-versionen.

Error: (02/13/2014 03:46:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2014 03:37:03 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2014 10:13:27 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall


System errors:
=============
Error: (02/16/2014 11:43:40 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 11:43:38 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 11:43:37 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 11:43:37 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 11:43:29 AM) (Source: Service Control Manager) (User: )
Description: En timeout (30000 ms) inträffade vid väntan på transaktionssvar från tjänsten hpqwmiex.

Error: (02/16/2014 06:18:13 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 05:18:12 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 04:18:11 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 03:18:11 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.

Error: (02/16/2014 02:18:10 AM) (Source: Microsoft-Windows-DNS-Client) (User: NT instans)
Description: Det uppstod ett fel när det gjordes ett försök att läsa den lokala hosts-filen.


Microsoft Office Sessions:
=========================
Error: (02/16/2014 04:42:48 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (02/15/2014 11:52:43 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (02/15/2014 00:13:45 AM) (Source: Application Error)(User: )
Description: chrome.exe32.0.1700.10752ed6c62mystart_antiphishing.dll_unloaded0.0.0.051bb60e6c00000051003a889130001cf299e82d85ce5C:\Users\Dimitri\AppData\Local\Google\Chrome\Application\chrome.exemystart_antiphishing.dlla67a5b1f-95cd-11e3-b044-d0df9a91d433

Error: (02/14/2014 04:42:46 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/14/2014 04:39:03 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (02/14/2014 07:06:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/14/2014 02:34:57 AM) (Source: SideBySide)(User: )
Description: imagingurn:schemas-microsoft-com:asm.v1^assemblyc:\program files\microsoft security client\MSESysprep.dllc:\program files\microsoft security client\MSESysprep.dll10

Error: (02/13/2014 03:46:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/13/2014 03:37:03 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/12/2014 10:13:27 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall


==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 4030.37 MB
Available physical RAM: 1528.56 MB
Total Pagefile: 8058.93 MB
Available Pagefile: 4285.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:52.83 GB) NTFS
Drive e: (Dragon Age II) (CDROM) (Total:6.6 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 40D9F9C2)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================


("Please do not attach logs or use code boxes, just copy and paste the text" and "The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply." kind of contradict)
  • 0

#4
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello EuphoricSektor

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.





-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
  • 0

#5
EuphoricSektor

EuphoricSektor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
# AdwCleaner v3.018 - Report created 16/02/2014 at 23:13:40
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Enterprise Service Pack 1 (64 bits)
# Username : Dimitri - BANANPAJ
# Running from : C:\Users\Dimitri\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[!] Folder Deleted : C:\Program Files (x86)\optimizer pro
Folder Deleted : C:\Users\Dimitri\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk
Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Dimitri\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ed9956521f9f2a39\Google Chrome.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DealScout.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho
Key Deleted : HKLM\SOFTWARE\Classes\BabylonIEPI.BabylonIEBho.1
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Deleted : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho
Key Deleted : HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoods_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_digital-desktop-stickers_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_digital-desktop-stickers_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_sumotori-dreams_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_windows-movie-maker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E288F79-03E4-4983-A48E-0D879B51FF19}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9CFACCB6-2F3F-4177-94EA-0D2B72D384C1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{F72841F0-4EF1-4DF5-BCE5-B3AC8ACF5478}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5F339F0B-716F-408F-A627-DEEB5DEB4020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\APN
Key Deleted : HKCU\Software\Ask.com
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\APN
Key Deleted : HKLM\Software\AskToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Dimitri\AppData\Roaming\Mozilla\Firefox\Profiles\5rrkb3oe.default\prefs.js ]

Line Deleted : user_pref("browser.newtab.url", "hxxp://www.sweet-page.com/newtab/?type=nt&ts=1390414160&from=cor&uid=TOSHIBAXMK3261GSYN_71S4D5Y4BXX71S4D5Y4B");
Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");
Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");
Line Deleted : user_pref("browser.search.order.1", "Ask.com");
Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://www.sweet-page.com/?type=hp&ts=1390414160&from=cor&uid=TOSHIBAXMK3261GSYN_71S4D5Y4BXX71S4D5Y4B");
Line Deleted : user_pref("extensions.LSd7pPB1Z.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.match(/ressbar.com[^f]+fid=6501[...]
Line Deleted : user_pref("extensions.aZhkP.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"onduit\")>-1||url.match(/[...]
Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "");
Line Deleted : user_pref("keyword.URL", "hxxp://www.mystart.com/results.php?pr=manycam&id=manycamtb&v=5_0&ent=bs____campaignID___&q=");

-\\ Google Chrome v

[ File : C:\Users\Dimitri\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url
Deleted : suggest_url
Deleted : search_url
Deleted : keyword

*************************

AdwCleaner[R0].txt - [25280 octets] - [16/02/2014 23:09:38]
AdwCleaner[R1].txt - [17431 octets] - [16/02/2014 23:12:58]
AdwCleaner[S0].txt - [2009 octets] - [16/02/2014 23:12:20]
AdwCleaner[S1].txt - [14989 octets] - [16/02/2014 23:13:40]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [15050 octets] ##########
  • 0

#6
EuphoricSektor

EuphoricSektor

    New Member

  • Topic Starter
  • Member
  • Pip
  • 4 posts
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Enterprise x64
Ran by Dimitri on 2014-02-16 at 23:45:56,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] 70e6ca8c
Successfully deleted: [Service] 70e6ca8c
Successfully stopped: [Service] Update RightSurf
Successfully deleted: [Service] Update RightSurf



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optimizerpro_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\optprostart_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{88be1aa9-6740-461c-9e3e-f35eb8fa741c}
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Dimitri\AppData\Roaming\cleanmypc software"
Successfully deleted: [Folder] "C:\Users\Dimitri\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Users\Dimitri\AppData\Roaming\getrighttogo"
Failed to delete: [Folder] "C:\Program Files (x86)\RightSurf"



~~~ FireFox

Emptied folder: C:\Users\Dimitri\AppData\Roaming\mozilla\firefox\profiles\5rrkb3oe.default\minidumps [78 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014-02-16 at 23:54:08,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  • 0

#7
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello EuphoricSektor

I Would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.
Link 1
Link 2
Link 3
1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"

  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?

Gringo
  • 0

#8
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Hello

48 Hour bump

It has been more than 48 hours since my last post.

  • do you still need help with this?
  • do you need more time?
  • are you having problems following my instructions?
  • if after 48hrs you have not replied to this thread then it will have to be closed!

Gringo
  • 0

#9
gringo_pr

gringo_pr

    Trusted Helper

  • Malware Removal
  • 7,268 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP