Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Slowest This Thing HAS EVER BEEN [Closed]


  • This topic is locked This topic is locked

#1
moe313

moe313

    Member

  • Member
  • PipPip
  • 11 posts

I have Sony VIAO and it so slow now.. I remember i didnt take a half a hour to load windows or when it didnt freeze so much while surfing the web.... I need some help please..


  • 0

Advertisements


#2
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Hello and welcome to Geeks to Go! My nickname is Pystryker :) , and I will be helping you with your issue today.


Before we get started, I have a few things I need to go over with you
 

  • Please do not install any new software during the cleaning process other than the tools I provide for you.  This can hinder the cleaning process.
  • At the top of your post, please click on the "Follow this topic" button and make sure that the "Received notification" box is checked and set to "Instantly"  This will send an email to you as soon as I reply to your topic,  allowing us to solve your problem faster.
  • If any of your security programs give you a warning about any tool I ask you to use, please do not worry.  All the links and tools I provide to you will be safe.
     
  • Please read through my instructions carefully and completely before executing them.
  • Please make sure that all the programs I ask you to download are downloaded to and run from your Desktop.
  • Please make sure you print out these instructions so that you will be able to refer to them while working on your machine.  Part of the solution(s) to your problem may involve us working in Safe Mode and you will need them to go by.  
  • Please do not run any tools other than the ones I ask you to, when I ask you to.  Some of these tools can be very dangerous if used improperly.  Also, if you use a tool that I have not requested you use, it can cause false positives, thereby delaying the complete cleaning of your machine.
  • Please read through my instructions carefully and make sure you complete them from start to finish. I will make sure that I lay the instructions out in a step by step order to make them easy to follow
  • This is a complicated process.  It requires several steps, patience, and careful following of my instructions in the order they are given to diagnose your problems to get your machine back in working order.
  • Please stay with me until the end of all steps and procedures and I declare your system clean.  Just because there is a lack of symptoms does not indicate a clean machine. I promise to do the same for you.
  • Please make sure you reply within 3 days to my responses, if there is no reply within 3 days, the topic will be closed and you will need to request the topic be reopened.
  • Before we get started, please remember we will do our best to get your machine repaired.  However, there are some cases where the only solution is a reformat and reinstall of the operating system.  This is a worst case scenario though.
  • It is impossible for me to know what interactions may happen between your computer's software and the tools we will use to clean your machine.  Therefore, I highly recommend you backup any critical personal files on your machine before we start.
  • If possible, please have your original Windows installation disks handy, just in case.
  • If you have any questions at all, please don't hesitate to ask.  There's no such thing as a stupid question when dealing with malware.
  • If you are unsure of an instruction I give you, or if something unexepected occurs, Do NOT proceed!  Stop and ask for clarification of the instruction or tell me what occurred.
  • Please copy and paste the contents of any requested logs in your replies.  Do not attach the log files in your replies unless requested to do so.
  • Please remember, the fixes are for your machine and your machine ONLY!



Once we have cleaned your machine, we'll have some cleanup and prevention steps to go through. We will also provide you with some information about how to reduce your chances of infection and get some protections in place to help defend you against this in the future

Please be patient while I am analyzing your logs.  I know you are probably scared and very frustrated with this problem, but I am a volunteer and sometimes life does get in the way. :)

Now, let's get started, shall we? :thumbsup:


Please disable your antivirus for the duration of my instructions.  Don't forget to re-enable them after you have completed the steps.


Step 1:  Scan with FRST


Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.



  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


Step 2:  Scan with aswMBR

 

  • Please download aswMBR.exe to your desktop.
  • Double click the file to run it.
  • It will ask if you want to download the latest Avast! virus definitions, please answer yes.

aswmbrscan_zpsdc05b0f9.jpg



  • Click the Scan button to begin the scan.

aswmbrsavelog_zps1aeef48e.jpg



  • Once the scan has finished, click on Save Log, save it to your desktop as asw.txt, and please post it in your next reply.
  • Click Exit


Things I need to see in your next post:

FRST Log

Additions.txt Log

aswMBR Scan Log

 

 


  • 0

#3
moe313

moe313

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

here is my first log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by vaio (administrator) on VAIO-PC on 27-03-2014 12:05:44
Running from C:\Users\vaio\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(AMD) C:\Windows\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Parallel Lines Development, LLC) C:\ProgramData\InternetUpdater\InternetUpdaterService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
(Quiknowledge) C:\Program Files (x86)\Quiknowledge\Service\qksvc.exe
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Users\vaio\AppData\Local\LPT\srptm.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Updater) C:\ProgramData\Updater\updater.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
() C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\20.0.1387.82\opera.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [ShopAtHomeWatcher] - C:\Users\vaio\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-15] (AVAST Software)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2014-01-22] (LeapFrog Enterprises, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\e64d1d4c-141a-42a0-ad9b-c043d164db0c.exe /check [181136 2014-03-25] (AVAST Software)
HKU\.DEFAULT\...\Run: [SearchProtect] - \SearchProtect\bin\cltmng.exe
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [ManyCam] - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe [2099064 2012-04-20] (ManyCam LLC)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [Facebook Update] - C:\Users\vaio\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-07-13] (Facebook Inc.)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [HP Photosmart 5510 series (NET)] - C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe [2676584 2011-09-16] (Hewlett-Packard Co.)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [Messenger (Yahoo!)] - C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [TBHostSupport] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\vaio\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin <===== ATTENTION
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [SearchProtection] - C:\Users\vaio\AppData\Roaming\Search Protection\SearchProtection.EXE [832360 2013-09-03] (Spigot, Inc.)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [GoogleChromeAutoLaunch_C9F53FA431EBBDFE3A86E30C895D00E1] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [866584 2014-01-11] (Google Inc.)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [Browser Infrastructure Helper] - C:\Users\vaio\AppData\Local\Smartbar\Application\Muvic.exe [28192 2014-02-25] (Smartbar)
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\MountPoints2: {97f788f3-b1ae-11e2-8d3b-dc803913930c} - F:\windows\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.A10B02 PID_0083
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
AppInit_DLLs:  C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2013-11-04] ()
AppInit_DLLs:  C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL => C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetyldr.dll [23560 2014-02-05] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
AppInit_DLLs-x32:  C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
AppInit_DLLs-x32:  C:\PROGRA~2\MOVIES~1\SAFETY~1\SAFETY~2.DLL => C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetyldr.dll [19976 2014-02-05] ()
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - .lnk
ShortcutTarget: Monitor Ink Alerts - .lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk
ShortcutTarget: Monitor Ink Alerts - HP Photosmart 5510 series (Network).lnk -> C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts App.lnk
ShortcutTarget: Severe Weather Alerts App.lnk -> C:\Users\vaio\AppData\Local\SevereWeatherAlerts\SevereWeatherAlertsApp.exe ()
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Severe Weather Alerts.lnk
ShortcutTarget: Severe Weather Alerts.lnk -> C:\Users\vaio\AppData\Local\SevereWeatherAlerts\SevereWeatherAlerts.exe (Weather Notifications, LLC)
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File)
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll [486408 2014-02-05] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll [658952 2014-02-05] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
ProxyServer:
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperba...0dxwF7gMawk9Raw,
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x3F2A2287A4A6CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?ilc=8
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?ilc=8
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmood...E&cr=1797656733
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmood...E&cr=1797656733
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {B6CFFE22-3D74-4843-8410-CE6E0E7EC9D3}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
BHO: Plus-HD-9.5 - {11111111-1111-1111-1111-110511311166} - C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-bho64.dll (Plus HD)
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Quiknowledge - {323C6E6D-1621-470F-8A52-4FDEC4E75E40} - C:\Program Files\Quiknowledge\IE\QuiknowledgeClientIE.dll (Quiknowledge)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: Plus-HD-9.5 - {11111111-1111-1111-1111-110511311166} - C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-bho.dll (Plus HD)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Quiknowledge - {323C6E6D-1621-470F-8A52-4FDEC4E75E40} - C:\Program Files (x86)\Quiknowledge\IE\QuiknowledgeClientIE.dll (Quiknowledge)
BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
Chrome: 
=======
CHR HomePage: hxxp://feed.helperbar.com/?p=mKO_AwFzXIpYRbQlzfY2uPTYeQjAjEDkq4w6O7BEwWot70sldsFqghGWL_tj4X0NzmKDsdl0kYWUbZo30BI6T56F7In3Dm2h7_7R2fXkrxUC_8bzjWNws5wLWE0Lw9DT3CoDJdNcDBWwhJyywpiFT-lWIL6wq79aHGSYgmvIedvfj8a0dxwF7gMawk9Raw,,
CHR Extension: (Movies Toolbar) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic [2014-03-23]
CHR Extension: (Funmoods Chat) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh [2014-03-23]
CHR Extension: (Funmoods) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2014-02-06]
CHR Extension: (avast! Online Security) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-06]
CHR Extension: (Websteroids) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb [2014-03-23]
CHR Extension: (Skype Click to Call) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-23]
CHR Extension: (Google Wallet) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR Extension: (Plus-HD-9.5) - C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnkgiapbjhdboldbhkagdodklkphaip [2014-03-23]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\vaio\AppData\Local\funmoods.crx [2012-10-10]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\vaio\AppData\Local\funmoods-speeddial_sf.crx [2012-10-10]
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\vaio\AppData\Local\funmoods.crx [2012-10-10]
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\vaio\AppData\Local\funmoods-speeddial_sf.crx [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\vaio\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\vaio\AppData\Local\funmoods.crx [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\vaio\AppData\Local\funmoods-speeddial_sf.crx [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-15]
CHR HKLM-x32\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\Websteroids\Chrome\common.crx [2013-12-18]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-03-03]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-15] (AVAST Software)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1363584 2014-03-03] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1748608 2014-03-03] (Microsoft Corporation)
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-14] (Parallel Lines Development, LLC)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [36384 2014-02-25] ()
R2 NewPlayerUpdaterService; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-03-10] ()
R2 qksvc; C:\Program Files (x86)\Quiknowledge\Service\qksvc.exe [273000 2014-02-05] (Quiknowledge)
R2 SafetyNutManager2; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3449864 2014-02-05] (SafetyNut Inc.)
 
==================== Drivers (Whitelisted) ====================
 
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-15] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-15] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-15] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-15] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-15] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-15] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-15] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-15] ()
S3 HWHandSet; C:\Windows\System32\DRIVERS\hw_quusbmdm.sys [223232 2011-10-24] (Huawei Technologies Co., Ltd.)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2011-10-23] (Huawei Technologies Co., Ltd.)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [34304 2012-01-11] (ManyCam LLC)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [28160 2012-02-22] (ManyCam LLC)
R1 qknfd; C:\Windows\System32\drivers\qknfd.sys [58256 2014-02-05] (Quiknowledge)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-27 12:06 - 2014-03-27 12:06 - 04745728 _____ (AVAST Software) C:\Users\vaio\Downloads\aswmbr.exe
2014-03-27 12:05 - 2014-03-27 12:06 - 00023436 _____ () C:\Users\vaio\Desktop\FRST.txt
2014-03-27 12:05 - 2014-03-27 12:05 - 00000000 ____D () C:\FRST
2014-03-27 12:03 - 2014-03-27 12:03 - 02157056 _____ (Farbar) C:\Users\vaio\Desktop\FRST64.exe
2014-03-26 21:13 - 2014-03-26 21:14 - 00624128 _____ () C:\Users\vaio\Downloads\flashplayerpro-setup.exe
2014-03-26 19:50 - 2014-03-26 19:50 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Unity
2014-03-26 19:24 - 2014-03-26 19:24 - 00000000 ____D () C:\Users\vaio\AppData\Local\Unity
2014-03-26 19:23 - 2014-03-26 19:23 - 01070496 _____ (Unity Technologies ApS) C:\Users\vaio\Downloads\UnityWebPlayer (4).exe
2014-03-26 13:14 - 2014-03-26 13:14 - 00131714 _____ () C:\Users\vaio\Desktop\OTL.Txt
2014-03-26 10:21 - 2014-03-26 10:21 - 00602112 _____ (OldTimer Tools) C:\Users\vaio\Downloads\OTL (1).exe
2014-03-24 15:53 - 2014-03-24 15:53 - 00003412 _____ () C:\Windows\System32\Tasks\{FB9CB125-ACAF-4268-A0FC-1BFC3105CB1D}
2014-03-23 12:45 - 2014-03-23 12:45 - 00863144 _____ (Download Manager Cert ) C:\Users\vaio\Downloads\Setup (1).exe
2014-03-22 22:03 - 2014-03-22 22:05 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-22 22:00 - 2014-03-27 12:01 - 00000276 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-03-22 22:00 - 2014-03-27 10:00 - 00001506 _____ () C:\Windows\Tasks\Plus-HD-9.5-updater.job
2014-03-22 22:00 - 2014-03-27 10:00 - 00001468 _____ () C:\Windows\Tasks\Plus-HD-9.5-codedownloader.job
2014-03-22 22:00 - 2014-03-27 10:00 - 00001366 _____ () C:\Windows\Tasks\Plus-HD-9.5-enabler.job
2014-03-22 22:00 - 2014-03-22 22:00 - 00004536 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-updater
2014-03-22 22:00 - 2014-03-22 22:00 - 00004498 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-codedownloader
2014-03-22 22:00 - 2014-03-22 22:00 - 00004396 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-enabler
2014-03-22 22:00 - 2014-03-22 22:00 - 00003210 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-03-22 22:00 - 2014-03-22 22:00 - 00002498 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-03-22 22:00 - 2014-03-22 22:00 - 00001969 _____ () C:\Users\vaio\Desktop\Sync Folder.lnk
2014-03-22 22:00 - 2014-03-22 22:00 - 00001113 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\Tuguu_SL
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\Smartbar
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\newplayer
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\LPT
2014-03-22 21:59 - 2014-03-27 10:00 - 00002330 _____ () C:\Windows\Tasks\Plus-HD-9.5-firefoxinstaller.job
2014-03-22 21:59 - 2014-03-25 18:51 - 00000270 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-03-22 21:59 - 2014-03-22 21:59 - 00001087 _____ () C:\Users\vaio\Desktop\MyPC Backup.lnk
2014-03-22 21:59 - 2014-03-22 21:59 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-22 21:58 - 2014-03-27 09:58 - 00003090 _____ () C:\Windows\Tasks\Plus-HD-9.5-chromeinstaller.job
2014-03-22 21:58 - 2014-03-22 22:00 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.5
2014-03-22 21:58 - 2014-03-22 22:00 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-03-22 21:58 - 2014-03-22 21:58 - 00001165 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-03-22 21:58 - 2014-03-22 21:58 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Uniblue
2014-03-22 21:58 - 2014-03-22 21:58 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-03-22 21:57 - 2014-03-26 11:12 - 00000000 ____D () C:\Users\vaio\AppData\Local\SevereWeatherAlerts
2014-03-22 21:57 - 2014-03-22 21:58 - 00000000 ____D () C:\Users\vaio\AppData\Local\Weather_Notifications,_LL
2014-03-22 21:57 - 2014-03-22 21:57 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts
2014-03-22 21:55 - 2014-03-22 21:55 - 00517104 _____ () C:\Users\vaio\Downloads\Setup.exe
2014-03-14 12:44 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 12:44 - 2014-03-01 01:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 12:44 - 2014-03-01 01:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-14 12:44 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 12:44 - 2014-03-01 00:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-14 12:44 - 2014-03-01 00:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-14 12:44 - 2014-03-01 00:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 12:44 - 2014-03-01 00:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-14 12:44 - 2014-03-01 00:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-14 12:44 - 2014-03-01 00:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 12:44 - 2014-03-01 00:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-14 12:44 - 2014-03-01 00:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-14 12:44 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-14 12:44 - 2014-03-01 00:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-14 12:44 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-14 12:44 - 2014-03-01 00:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-14 12:44 - 2014-03-01 00:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-14 12:44 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 12:44 - 2014-02-28 23:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-14 12:44 - 2014-02-28 23:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-14 12:44 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-14 12:44 - 2014-02-28 23:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-14 12:44 - 2014-02-28 23:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-14 12:44 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 12:44 - 2014-02-28 23:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-14 12:44 - 2014-02-28 23:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-14 12:44 - 2014-02-28 23:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-14 12:44 - 2014-02-28 23:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 12:44 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 12:44 - 2014-02-28 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-14 12:44 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-14 12:44 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 12:44 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-14 12:44 - 2014-02-28 23:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-14 12:44 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-14 12:44 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 12:44 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-14 12:44 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-14 12:44 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-14 12:44 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-14 12:44 - 2014-02-06 21:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-14 12:44 - 2014-01-28 22:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-14 12:44 - 2014-01-28 22:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-14 12:44 - 2014-01-27 22:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-14 12:42 - 2014-02-03 22:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-14 12:42 - 2014-02-03 22:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-14 12:42 - 2014-02-03 22:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-14 12:42 - 2014-02-03 22:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-14 12:27 - 2014-03-16 02:54 - 00000876 _____ () C:\Users\vaio\AppData\Roaming\com.zoosk.Desktop_state.xml
2014-03-11 00:04 - 2014-03-11 00:11 - 72511233 _____ () C:\Users\vaio\Downloads\BB_2-(DatPiff.com) (1).zip
2014-03-08 15:52 - 2014-03-08 15:53 - 07886336 _____ () C:\Users\vaio\Downloads\setup (3).msi
2014-03-08 15:52 - 2014-03-08 15:52 - 00221480 _____ (Premium Installer ) C:\Users\vaio\Downloads\Flash_Player_Pro_Setup.exe
2014-03-08 15:08 - 2014-03-08 15:10 - 07886336 _____ () C:\Users\vaio\Downloads\setup (2).msi
2014-03-08 01:13 - 2014-03-08 01:14 - 07886336 _____ () C:\Users\vaio\Downloads\setup (1).msi
2014-03-07 23:49 - 2014-03-07 23:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-03-07 23:48 - 2014-03-07 23:49 - 00000492 _____ () C:\NSI_DriverInstall.log
2014-03-07 23:48 - 2014-03-07 23:49 - 00000000 ____D () C:\Program Files (x86)\Handset WinDriver
2014-03-07 23:48 - 2011-10-24 00:04 - 00223232 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_quusbmdm.sys
2014-03-07 23:48 - 2011-10-23 23:51 - 00116864 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\hw_usbdev.sys
2014-03-07 23:48 - 2010-02-18 19:00 - 01533512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFUpdate_01007.dll
2014-03-07 23:48 - 2010-02-18 19:00 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2014-03-07 23:48 - 2010-02-18 19:00 - 01490656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfCoInstaller01007.dll
2014-03-07 23:48 - 2010-02-18 19:00 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2014-03-07 23:48 - 2010-02-18 19:00 - 00708168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WinUSBCoInstaller.dll
2014-03-07 23:46 - 2014-03-07 23:47 - 07886336 _____ () C:\Users\vaio\Downloads\setup.msi
2014-03-07 23:44 - 2012-12-26 14:16 - 268435456 _____ () C:\Users\vaio\Desktop\Pokemon Black.nds
2014-03-07 23:28 - 2014-03-07 23:28 - 00000000 ____D () C:\Program Files\Quiknowledge
2014-03-07 23:28 - 2014-03-07 23:28 - 00000000 ____D () C:\Program Files (x86)\Quiknowledge
2014-03-07 23:26 - 2014-03-07 23:43 - 109068563 _____ () C:\Users\vaio\Downloads\Pokemon Black.zip
2014-03-07 23:25 - 2014-03-07 23:25 - 00606136 _____ ( ) C:\Users\vaio\Downloads\CR_Downloader_for_pokemon-black.exe
2014-03-03 20:50 - 2014-03-03 20:50 - 00013929 _____ () C:\Users\vaio\Downloads\[kickass.to]adobe.photoshop.cc.14.1.2.final.repack.updated.12.12.13.torrent
2014-03-03 20:46 - 2014-03-03 20:46 - 00017135 _____ () C:\Users\vaio\Downloads\[kickass.to]photoshop.cc.essential.skills.a.begginers.guide.to.master.image.editing.techniques.and.achieve.professional.level.results.torrent
2014-03-03 20:17 - 2014-03-03 20:17 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\WinRAR
2014-03-03 20:14 - 2014-03-03 20:14 - 01977432 _____ () C:\Users\vaio\Downloads\winrar-x64-501.exe
2014-03-03 20:14 - 2014-03-03 20:14 - 01769680 _____ () C:\Users\vaio\Downloads\wrar501.exe
2014-03-03 20:14 - 2014-03-03 20:14 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-03 20:14 - 2014-03-03 20:14 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-03-03 20:13 - 2014-03-03 20:13 - 00930952 _____ (CNET Download.com) C:\Users\vaio\Downloads\cbsidlm-cbsi183-Free_RAR_Extractor-ORG-76084614.exe
2014-03-03 19:39 - 2014-03-03 19:39 - 01852496 _____ (BitTorrent Inc.) C:\Users\vaio\Downloads\uTorrent (2).exe
2014-03-03 19:31 - 2014-03-03 19:31 - 01852496 _____ (BitTorrent Inc.) C:\Users\vaio\Downloads\uTorrent (1).exe
2014-03-01 22:14 - 2014-03-01 22:15 - 00000000 ____D () C:\Windows\08BFB9128D714E299A8018BFB385F19B.TMP
2014-03-01 20:06 - 2014-03-01 20:06 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2014-03-01 20:06 - 2014-03-01 20:06 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-01 20:06 - 2014-03-01 20:06 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-02-28 21:51 - 2014-02-28 21:51 - 00274288 _____ () C:\Windows\Minidump\022814-20919-01.dmp
2014-02-25 09:37 - 2014-02-25 09:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-25 09:36 - 2014-03-01 20:06 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-02-25 09:33 - 2014-02-25 09:33 - 01069920 _____ (Solid State Networks) C:\Users\vaio\Downloads\install_reader11_en_chra_aaa_aih.exe
 
==================== One Month Modified Files and Folders =======
 
2014-03-27 12:06 - 2014-03-27 12:06 - 04745728 _____ (AVAST Software) C:\Users\vaio\Downloads\aswmbr.exe
2014-03-27 12:06 - 2014-03-27 12:05 - 00023436 _____ () C:\Users\vaio\Desktop\FRST.txt
2014-03-27 12:05 - 2014-03-27 12:05 - 00000000 ____D () C:\FRST
2014-03-27 12:03 - 2014-03-27 12:03 - 02157056 _____ (Farbar) C:\Users\vaio\Desktop\FRST64.exe
2014-03-27 12:01 - 2014-03-22 22:00 - 00000276 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-03-27 11:55 - 2012-11-13 22:41 - 00000336 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-03-27 11:55 - 2012-06-05 23:33 - 01962205 _____ () C:\Windows\WindowsUpdate.log
2014-03-27 11:52 - 2012-10-10 01:11 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-27 11:52 - 2012-06-11 02:39 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-165920356-1716568962-1869577169-1000UA.job
2014-03-27 10:27 - 2014-01-31 10:58 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job
2014-03-27 10:10 - 2013-11-29 20:47 - 00000342 _____ () C:\Windows\Tasks\bench-sys.job
2014-03-27 10:00 - 2014-03-22 22:00 - 00001506 _____ () C:\Windows\Tasks\Plus-HD-9.5-updater.job
2014-03-27 10:00 - 2014-03-22 22:00 - 00001468 _____ () C:\Windows\Tasks\Plus-HD-9.5-codedownloader.job
2014-03-27 10:00 - 2014-03-22 22:00 - 00001366 _____ () C:\Windows\Tasks\Plus-HD-9.5-enabler.job
2014-03-27 10:00 - 2014-03-22 21:59 - 00002330 _____ () C:\Windows\Tasks\Plus-HD-9.5-firefoxinstaller.job
2014-03-27 09:58 - 2014-03-22 21:58 - 00003090 _____ () C:\Windows\Tasks\Plus-HD-9.5-chromeinstaller.job
2014-03-27 09:24 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-27 09:24 - 2009-07-14 00:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-27 08:58 - 2014-02-05 16:11 - 00000000 ____D () C:\ProgramData\SafetyNut
2014-03-27 08:57 - 2012-10-10 01:11 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-26 21:14 - 2014-03-26 21:13 - 00624128 _____ () C:\Users\vaio\Downloads\flashplayerpro-setup.exe
2014-03-26 20:47 - 2012-06-11 02:39 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-165920356-1716568962-1869577169-1000Core.job
2014-03-26 19:50 - 2014-03-26 19:50 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Unity
2014-03-26 19:24 - 2014-03-26 19:24 - 00000000 ____D () C:\Users\vaio\AppData\Local\Unity
2014-03-26 19:23 - 2014-03-26 19:23 - 01070496 _____ (Unity Technologies ApS) C:\Users\vaio\Downloads\UnityWebPlayer (4).exe
2014-03-26 15:53 - 2013-12-11 22:25 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\vlc
2014-03-26 15:52 - 2013-12-24 05:19 - 00040448 ___SH () C:\Users\vaio\Documents\Thumbs.db
2014-03-26 13:14 - 2014-03-26 13:14 - 00131714 _____ () C:\Users\vaio\Desktop\OTL.Txt
2014-03-26 13:01 - 2013-11-15 11:44 - 00131714 _____ () C:\Users\vaio\Downloads\OTL.Txt
2014-03-26 11:12 - 2014-03-22 21:57 - 00000000 ____D () C:\Users\vaio\AppData\Local\SevereWeatherAlerts
2014-03-26 10:21 - 2014-03-26 10:21 - 00602112 _____ (OldTimer Tools) C:\Users\vaio\Downloads\OTL (1).exe
2014-03-25 18:51 - 2014-03-22 21:59 - 00000270 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-03-25 18:42 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-25 18:42 - 2009-07-14 00:51 - 00060212 _____ () C:\Windows\setupact.log
2014-03-25 18:01 - 2013-11-15 07:42 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-25 18:00 - 2010-11-20 23:47 - 00180948 _____ () C:\Windows\PFRO.log
2014-03-25 17:59 - 2013-11-29 20:47 - 00000000 ____D () C:\Program Files (x86)\Bench
2014-03-24 20:30 - 2009-07-14 01:13 - 00782510 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-24 17:12 - 2013-12-11 16:41 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-24 16:01 - 2013-12-31 11:19 - 00000000 ____D () C:\Users\vaio\AppData\Local\WebPlayer
2014-03-24 15:53 - 2014-03-24 15:53 - 00003412 _____ () C:\Windows\System32\Tasks\{FB9CB125-ACAF-4268-A0FC-1BFC3105CB1D}
2014-03-24 15:51 - 2013-12-20 20:51 - 00000396 __RSH () C:\ProgramData\ntuser.pol
2014-03-23 12:45 - 2014-03-23 12:45 - 00863144 _____ (Download Manager Cert ) C:\Users\vaio\Downloads\Setup (1).exe
2014-03-22 22:05 - 2014-03-22 22:03 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-03-22 22:00 - 2014-03-22 22:00 - 00004536 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-updater
2014-03-22 22:00 - 2014-03-22 22:00 - 00004498 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-codedownloader
2014-03-22 22:00 - 2014-03-22 22:00 - 00004396 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-enabler
2014-03-22 22:00 - 2014-03-22 22:00 - 00003210 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-03-22 22:00 - 2014-03-22 22:00 - 00002498 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-03-22 22:00 - 2014-03-22 22:00 - 00001969 _____ () C:\Users\vaio\Desktop\Sync Folder.lnk
2014-03-22 22:00 - 2014-03-22 22:00 - 00001113 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\Tuguu_SL
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\Smartbar
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\newplayer
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\LPT
2014-03-22 22:00 - 2014-03-22 21:58 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.5
2014-03-22 22:00 - 2014-03-22 21:58 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-03-22 22:00 - 2013-08-02 19:41 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-03-22 21:59 - 2014-03-22 21:59 - 00001087 _____ () C:\Users\vaio\Desktop\MyPC Backup.lnk
2014-03-22 21:59 - 2014-03-22 21:59 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-22 21:59 - 2012-06-05 23:38 - 00000000 ___RD () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-22 21:58 - 2014-03-22 21:58 - 00001165 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-03-22 21:58 - 2014-03-22 21:58 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Uniblue
2014-03-22 21:58 - 2014-03-22 21:58 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-03-22 21:58 - 2014-03-22 21:57 - 00000000 ____D () C:\Users\vaio\AppData\Local\Weather_Notifications,_LL
2014-03-22 21:57 - 2014-03-22 21:57 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Severe Weather Alerts
2014-03-22 21:57 - 2013-11-29 20:47 - 00003238 _____ () C:\Windows\System32\Tasks\bench-sys
2014-03-22 21:56 - 2013-03-04 18:52 - 00000000 _____ () C:\END
2014-03-22 21:55 - 2014-03-22 21:55 - 00517104 _____ () C:\Users\vaio\Downloads\Setup.exe
2014-03-22 14:29 - 2013-08-14 19:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-22 14:23 - 2012-06-05 21:26 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-16 03:21 - 2013-11-15 08:30 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-03-16 03:19 - 2013-11-15 23:37 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\uTorrent
2014-03-16 02:54 - 2014-03-14 12:27 - 00000876 _____ () C:\Users\vaio\AppData\Roaming\com.zoosk.Desktop_state.xml
2014-03-15 03:22 - 2009-07-14 00:45 - 00413312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 03:02 - 2012-06-05 20:44 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-14 12:29 - 2012-09-18 20:13 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-11 05:27 - 2013-11-29 20:49 - 00829264 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100.dll
2014-03-11 05:27 - 2013-11-29 20:49 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2014-03-11 00:11 - 2014-03-11 00:04 - 72511233 _____ () C:\Users\vaio\Downloads\BB_2-(DatPiff.com) (1).zip
2014-03-10 18:13 - 2012-09-18 20:13 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Skype
2014-03-08 15:53 - 2014-03-08 15:52 - 07886336 _____ () C:\Users\vaio\Downloads\setup (3).msi
2014-03-08 15:52 - 2014-03-08 15:52 - 00221480 _____ (Premium Installer ) C:\Users\vaio\Downloads\Flash_Player_Pro_Setup.exe
2014-03-08 15:10 - 2014-03-08 15:08 - 07886336 _____ () C:\Users\vaio\Downloads\setup (2).msi
2014-03-08 01:14 - 2014-03-08 01:13 - 07886336 _____ () C:\Users\vaio\Downloads\setup (1).msi
2014-03-07 23:49 - 2014-03-07 23:49 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-03-07 23:49 - 2014-03-07 23:48 - 00000492 _____ () C:\NSI_DriverInstall.log
2014-03-07 23:49 - 2014-03-07 23:48 - 00000000 ____D () C:\Program Files (x86)\Handset WinDriver
2014-03-07 23:47 - 2014-03-07 23:46 - 07886336 _____ () C:\Users\vaio\Downloads\setup.msi
2014-03-07 23:43 - 2014-03-07 23:26 - 109068563 _____ () C:\Users\vaio\Downloads\Pokemon Black.zip
2014-03-07 23:28 - 2014-03-07 23:28 - 00000000 ____D () C:\Program Files\Quiknowledge
2014-03-07 23:28 - 2014-03-07 23:28 - 00000000 ____D () C:\Program Files (x86)\Quiknowledge
2014-03-07 23:25 - 2014-03-07 23:25 - 00606136 _____ ( ) C:\Users\vaio\Downloads\CR_Downloader_for_pokemon-black.exe
2014-03-06 19:55 - 2012-09-18 20:13 - 00000000 ____D () C:\ProgramData\Skype
2014-03-05 04:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-03 20:50 - 2014-03-03 20:50 - 00013929 _____ () C:\Users\vaio\Downloads\[kickass.to]adobe.photoshop.cc.14.1.2.final.repack.updated.12.12.13.torrent
2014-03-03 20:46 - 2014-03-03 20:46 - 00017135 _____ () C:\Users\vaio\Downloads\[kickass.to]photoshop.cc.essential.skills.a.begginers.guide.to.master.image.editing.techniques.and.achieve.professional.level.results.torrent
2014-03-03 20:17 - 2014-03-03 20:17 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\WinRAR
2014-03-03 20:14 - 2014-03-03 20:14 - 01977432 _____ () C:\Users\vaio\Downloads\winrar-x64-501.exe
2014-03-03 20:14 - 2014-03-03 20:14 - 01769680 _____ () C:\Users\vaio\Downloads\wrar501.exe
2014-03-03 20:14 - 2014-03-03 20:14 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-03-03 20:14 - 2014-03-03 20:14 - 00000000 ____D () C:\Program Files (x86)\WinRAR
2014-03-03 20:13 - 2014-03-03 20:13 - 00930952 _____ (CNET Download.com) C:\Users\vaio\Downloads\cbsidlm-cbsi183-Free_RAR_Extractor-ORG-76084614.exe
2014-03-03 19:39 - 2014-03-03 19:39 - 01852496 _____ (BitTorrent Inc.) C:\Users\vaio\Downloads\uTorrent (2).exe
2014-03-03 19:31 - 2014-03-03 19:31 - 01852496 _____ (BitTorrent Inc.) C:\Users\vaio\Downloads\uTorrent (1).exe
2014-03-01 22:17 - 2014-01-21 20:06 - 00000000 ____D () C:\Users\Public\Documents\LeapFrog
2014-03-01 22:15 - 2014-03-01 22:14 - 00000000 ____D () C:\Windows\08BFB9128D714E299A8018BFB385F19B.TMP
2014-03-01 22:14 - 2014-01-21 20:04 - 00010322 _____ () C:\Windows\DPINST.LOG
2014-03-01 20:06 - 2014-03-01 20:06 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\com.zoosk.Desktop.096E6A67431258A508A2446A847B240591D2C99B.1
2014-03-01 20:06 - 2014-03-01 20:06 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-03-01 20:06 - 2014-03-01 20:06 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-03-01 20:06 - 2014-02-25 09:36 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-03-01 20:06 - 2012-10-10 01:06 - 00000000 ____D () C:\ProgramData\Adobe
2014-03-01 20:05 - 2012-10-11 17:46 - 00000000 ____D () C:\Users\vaio\AppData\Local\Adobe
2014-03-01 20:05 - 2012-06-08 15:34 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Adobe
2014-03-01 02:05 - 2014-03-14 12:44 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 01:17 - 2014-03-14 12:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 01:16 - 2014-03-14 12:44 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 00:58 - 2014-03-14 12:44 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:52 - 2014-03-14 12:44 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 00:51 - 2014-03-14 12:44 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 00:42 - 2014-03-14 12:44 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 00:40 - 2014-03-14 12:44 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 00:37 - 2014-03-14 12:44 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 00:33 - 2014-03-14 12:44 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 00:33 - 2014-03-14 12:44 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 00:32 - 2014-03-14 12:44 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 00:30 - 2014-03-14 12:44 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:23 - 2014-03-14 12:44 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 00:17 - 2014-03-14 12:44 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 00:11 - 2014-03-14 12:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 00:02 - 2014-03-14 12:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-28 23:54 - 2014-03-14 12:44 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:52 - 2014-03-14 12:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-28 23:51 - 2014-03-14 12:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-28 23:47 - 2014-03-14 12:44 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:43 - 2014-03-14 12:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-28 23:43 - 2014-03-14 12:44 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-28 23:42 - 2014-03-14 12:44 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:40 - 2014-03-14 12:44 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-28 23:38 - 2014-03-14 12:44 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-28 23:37 - 2014-03-14 12:44 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-28 23:35 - 2014-03-14 12:44 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-28 23:18 - 2014-03-14 12:44 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:16 - 2014-03-14 12:44 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-28 23:14 - 2014-03-14 12:44 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-14 12:44 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-14 12:44 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 23:00 - 2014-03-14 12:44 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-28 22:57 - 2014-03-14 12:44 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-14 12:44 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-14 12:44 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-14 12:44 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-14 12:44 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-14 12:44 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-28 21:51 - 2014-02-28 21:51 - 00274288 _____ () C:\Windows\Minidump\022814-20919-01.dmp
2014-02-28 21:51 - 2012-11-24 14:40 - 398356460 _____ () C:\Windows\MEMORY.DMP
2014-02-28 21:51 - 2012-11-24 14:40 - 00000000 ____D () C:\Windows\Minidump
2014-02-28 07:17 - 2013-01-20 22:47 - 00775124 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-27 18:48 - 2013-11-30 20:53 - 00000000 ____D () C:\Program Files\ScorpionSaver Services
2014-02-25 09:37 - 2014-02-25 09:37 - 00002019 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-02-25 09:33 - 2014-02-25 09:33 - 01069920 _____ (Solid State Networks) C:\Users\vaio\Downloads\install_reader11_en_chra_aaa_aih.exe
 
Some content of TEMP:
====================
C:\Users\vaio\AppData\Local\Temp\27050uninstall.exe
C:\Users\vaio\AppData\Local\Temp\7za.exe
C:\Users\vaio\AppData\Local\Temp\BackupSetup.exe
C:\Users\vaio\AppData\Local\Temp\bi_cleaner.exe
C:\Users\vaio\AppData\Local\Temp\bundlesweetimsetup.exe
C:\Users\vaio\AppData\Local\Temp\Delta.exe
C:\Users\vaio\AppData\Local\Temp\DeltaTB.exe
C:\Users\vaio\AppData\Local\Temp\FLVPlayerSetup.exe
C:\Users\vaio\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe
C:\Users\vaio\AppData\Local\Temp\mgsqlite3.dll
C:\Users\vaio\AppData\Local\Temp\MoviesToolbarSetup_Somoto.exe
C:\Users\vaio\AppData\Local\Temp\MybabylonTB.exe
C:\Users\vaio\AppData\Local\Temp\nsb218B.exe
C:\Users\vaio\AppData\Local\Temp\nsg9BD5.exe
C:\Users\vaio\AppData\Local\Temp\nsgBB3A.exe
C:\Users\vaio\AppData\Local\Temp\nshFB56.exe
C:\Users\vaio\AppData\Local\Temp\nslF54A.exe
C:\Users\vaio\AppData\Local\Temp\nsmEEA8.exe
C:\Users\vaio\AppData\Local\Temp\nsq50AF.exe
C:\Users\vaio\AppData\Local\Temp\nsq8DE0.exe
C:\Users\vaio\AppData\Local\Temp\nsr592B.exe
C:\Users\vaio\AppData\Local\Temp\nsr6730.exe
C:\Users\vaio\AppData\Local\Temp\nssEF8F.exe
C:\Users\vaio\AppData\Local\Temp\setup{03BC6369-231A-435E-8631-EAE9BC692E8F}.exe
C:\Users\vaio\AppData\Local\Temp\setup{068A3648-EEE9-42D1-997F-86DD5F8077AF}.exe
C:\Users\vaio\AppData\Local\Temp\setup{089487A6-68B1-4EC5-A8CE-71F610F2FAEE}.exe
C:\Users\vaio\AppData\Local\Temp\setup{0D3D3734-3B5A-423A-8792-FB03A7A3640E}.exe
C:\Users\vaio\AppData\Local\Temp\setup{22E73E62-7579-40E3-9081-3844E5FEC921}.exe
C:\Users\vaio\AppData\Local\Temp\setup{3A2C04FB-7E84-4EF2-9C4A-C97EB8B00A8C}.exe
C:\Users\vaio\AppData\Local\Temp\setup{3A9181FA-9643-4A09-9F13-642421B2D992}.exe
C:\Users\vaio\AppData\Local\Temp\setup{3C80BBE3-D266-4D5B-A7E0-7FAAF08FD41A}.exe
C:\Users\vaio\AppData\Local\Temp\setup{4A0C0FB0-592A-4B1D-98F1-44FE5B8A94FA}.exe
C:\Users\vaio\AppData\Local\Temp\setup{4D976E54-9B5E-43D4-B177-FC555F287E63}.exe
C:\Users\vaio\AppData\Local\Temp\setup{4DBC2428-2F68-48B2-AC2E-F19ED361F81B}.exe
C:\Users\vaio\AppData\Local\Temp\setup{534A2CD4-8FC4-4826-B336-6C8672F482B4}.exe
C:\Users\vaio\AppData\Local\Temp\setup{704C2BB5-AE2D-45F3-9B23-7EA4EA2ADBFA}.exe
C:\Users\vaio\AppData\Local\Temp\setup{738B9B40-7C43-40FE-B4C4-A992B1868CAE}.exe
C:\Users\vaio\AppData\Local\Temp\setup{79F1CEDF-5A84-4C82-8ED4-1B4AE5C114B3}.exe
C:\Users\vaio\AppData\Local\Temp\setup{7E077AE3-DA05-4B14-98F4-8D13A487A068}.exe
C:\Users\vaio\AppData\Local\Temp\setup{7E565774-1C67-4FF9-A987-8ABC80DAF63C}.exe
C:\Users\vaio\AppData\Local\Temp\setup{82D4C6E0-7730-46F3-A2B3-45FFF392ADED}.exe
C:\Users\vaio\AppData\Local\Temp\setup{8ECF011C-24AA-47F8-9663-B1C4FED21F83}.exe
C:\Users\vaio\AppData\Local\Temp\setup{95F1BC45-68C8-4A58-91E1-BEC108EF8244}.exe
C:\Users\vaio\AppData\Local\Temp\setup{9AD42158-5631-4122-A16F-3A8B3E5101ED}.exe
C:\Users\vaio\AppData\Local\Temp\setup{A1341E1F-5384-4FA2-8646-ED376E4CC3FA}.exe
C:\Users\vaio\AppData\Local\Temp\setup{A7333E0E-3803-4A4A-A052-649678648DDE}.exe
C:\Users\vaio\AppData\Local\Temp\setup{B257454F-3442-4350-AD8E-F90F8AEE79CB}.exe
C:\Users\vaio\AppData\Local\Temp\setup{BAD52C9C-38E5-4CCD-A330-9328F160BCAD}.exe
C:\Users\vaio\AppData\Local\Temp\setup{BC850627-C346-45D8-BA89-B1E9A1049AA4}.exe
C:\Users\vaio\AppData\Local\Temp\setup{D820EBEA-CC6E-4FED-A6E7-BE41C288C09C}.exe
C:\Users\vaio\AppData\Local\Temp\setup{D95A2C03-686C-4876-A12C-3DE20EF75A2B}.exe
C:\Users\vaio\AppData\Local\Temp\setup{E76B0823-CD93-4148-8C61-37824DE20289}.exe
C:\Users\vaio\AppData\Local\Temp\setup{EC52A0A0-2096-4144-8055-299C3AE9717D}.exe
C:\Users\vaio\AppData\Local\Temp\setup{EF1B3693-46DB-46B8-B730-50ABC70AA7A9}.exe
C:\Users\vaio\AppData\Local\Temp\setup{F1E52789-BDB7-4072-8E60-DC8E6503F655}.exe
C:\Users\vaio\AppData\Local\Temp\setup{FB242B9F-3D57-44EA-B255-0D5A54651EB1}.exe
C:\Users\vaio\AppData\Local\Temp\setup{FCAB1D5F-88CE-490D-8EEB-494C66D7447A}.exe
C:\Users\vaio\AppData\Local\Temp\Shortcut_bundlesweetimsetup.exe
C:\Users\vaio\AppData\Local\Temp\SpOrder.dll
C:\Users\vaio\AppData\Local\Temp\SPStub.exe
C:\Users\vaio\AppData\Local\Temp\tbapp0.dll
C:\Users\vaio\AppData\Local\Temp\tbappm.dll
C:\Users\vaio\AppData\Local\Temp\ToolbarHelper.exe
C:\Users\vaio\AppData\Local\Temp\uninst1.exe
C:\Users\vaio\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\vaio\AppData\Local\Temp\vcredist_x64.exe
C:\Users\vaio\AppData\Local\Temp\WSSetup.exe
C:\Users\vaio\AppData\Local\Temp\YontooIEClient.dll
C:\Users\vaio\AppData\Local\Temp\YontooSetup-Silent.exe
C:\Users\vaio\AppData\Local\Temp\_9EC7.exe
C:\Users\vaio\AppData\Local\Temp\?odec Performer803975.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-03-22 15:08
 
==================== End Of Log ============================
 
 
 
The addition log:
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by vaio at 2014-03-27 12:09:14
Running from C:\Users\vaio\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Angry Birds (HKLM-x32\...\{7CBE9636-B985-4ACB-9CC7-D7E79FDADEA8}) (Version: 2.3.0 - Rovio)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2008 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version:  - ) <==== ATTENTION
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 32.0.1700.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Handset WinDriver 1.02.02.00 (HKLM-x32\...\Handset WinDriver) (Version: 1.02.02.00 - Huawei technologies Co., Ltd.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12412 - HP Photo Creations)
HP Photosmart 5510 series Basic Device Software (HKLM\...\{424E8E17-A7B7-45B5-8C79-D58F04D9D920}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Photosmart 5510 series Help (HKLM-x32\...\{E02964EA-0E1B-4620-A26E-CBAB0341B1BB}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photosmart 5510 series Product Improvement Study (HKLM\...\{1AE1848C-D592-4222-8048-AEE1694D2959}) (Version: 25.0.621.0 - Hewlett-Packard Co.)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
InstallConverter (HKLM-x32\...\InstallConverter) (Version: 1.0 - InstallConverter)
Internet Updater (HKLM-x32\...\InternetUpdater) (Version: 2.6.57 - Parallel Lines Development, LLC) <==== ATTENTION
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Junk Mail filter update (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
LeapFrog Connect (HKLM-x32\...\UPCShell) (Version: 5.3.0.18537 - LeapFrog)
LeapFrog Connect (x32 Version: 5.3.0.18537 - LeapFrog) Hidden
LeapFrog LeapPad Explorer Plugin (x32 Version: 5.2.1.18456 - LeapFrog) Hidden
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
ManyCam 3.0.68 (remove only) (HKLM-x32\...\ManyCam) (Version: 3.0.68 - ManyCam LLC)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Muvic Smartbar (HKLM-x32\...\{AA236AFD-B26E-4BC7-9A13-76BD5F9887AC}) (Version: 10.211.58.15493 - PinWid Ltd.) <==== ATTENTION
Muvic Smartbar Engine (HKCU\...\{d627e63d-483d-4c53-a196-90b8ac6b4b6f}) (Version: 10.211.58.15493 - PinWid Ltd.) <==== ATTENTION
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - JDi Backup Ltd) <==== ATTENTION
NewPlayer (HKLM-x32\...\NewPlayer) (Version: v2.1.1.2 - TUGUU SL) <==== ATTENTION
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
PDF Reader for Windows 7 (HKLM-x32\...\PDF Reader for Windows_is1) (Version:  - PDFLogic Corporation)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Plus-HD-9.5 (HKLM-x32\...\Plus-HD-9.5) (Version: 1.34.3.17 - Plus HD) <==== ATTENTION
Quiknowledge (HKLM-x32\...\Quiknowledge) (Version: 1.9.0.1 - Quiknowledge) <==== ATTENTION
ScorpionSaver (HKLM-x32\...\{9B65F9A3-9D24-452A-B6EF-1457D65E4259}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
ScorpionSaver Services (HKLM\...\{6E810AB6-F34E-49A3-A93F-9E503660F718}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.9.40.12 - Conduit) <==== ATTENTION
Search Protection (HKCU\...\Search Protection) (Version: 7.5.0.1 - Spigot, Inc.)
Severe Weather Alerts (HKCU\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.1.15383.6004 - Microsoft Corporation)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.3.0 - Uniblue Systems Limited)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Updater (HKLM-x32\...\{D54E3D9F-FEB8-4D2D-A138-B69A5C80080B}) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM-x32\...\LeapPadExplorerPlugin) (Version:  - LeapFrog)
VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN)
Websteroids (HKLM-x32\...\Websteroids) (Version: 2.6.53 - Creative Island Media, LLC) <==== ATTENTION
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinRAR 5.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 17.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DA}) (Version: 17.5.10480 - WinZip Computing, S.L. )
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
 
==================== Restore Points  =========================
 
04-03-2014 12:25:30 Windows Update
07-03-2014 22:54:38 Windows Update
14-03-2014 16:33:44 Windows Update
15-03-2014 07:00:32 Windows Update
16-03-2014 06:53:05 Removed Zoosk Messenger
16-03-2014 07:20:15 Removed Facebook Video Calling 2.0.0.447
20-03-2014 02:17:19 Windows Update
22-03-2014 18:22:01 Windows Update
23-03-2014 01:57:46 Uniblue SpeedUpMyPC installation
25-03-2014 22:50:43 Windows Update
 
==================== Hosts content: ==========================
 
2009-07-13 22:34 - 2014-03-24 15:51 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {003C672E-1479-4C6F-A725-E562F83DD2D3} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2012-11-13] ()
Task: {03C3459E-2EB2-4D1B-9DA0-4F1C0EE5584D} - System32\Tasks\Plus-HD-9.5-chromeinstaller => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-chromeinstaller.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {2EA11436-058D-446C-A7A3-69F5F5F96ED6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {33B0786C-FF93-4409-B0F0-9B08E4F94D32} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-10] (Uniblue Systems Limited)
Task: {55A7EDCA-8D58-4E7E-BFE4-D8A939625B38} - System32\Tasks\Plus-HD-9.5-firefoxinstaller => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-firefoxinstaller.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {6325F827-0684-4AC2-ABE3-36C5D5801C24} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-165920356-1716568962-1869577169-1000UA => C:\Users\vaio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: {6E9CD9CC-5393-45B6-A12F-33385FF9E404} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\Updater.exe [2013-10-25] () <==== ATTENTION
Task: {724C6FB0-78CB-4606-AECE-179145FAAF01} - System32\Tasks\Plus-HD-9.5-enabler => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-enabler.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {72A4DA9F-3F8E-461A-AA4D-CB6F87B9CCAA} - System32\Tasks\Plus-HD-9.5-updater => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-updater.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {78B2EC86-0563-43C9-8438-0960B599056C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {84D85EB9-C5C0-4928-A3A3-74BB701A5C17} - System32\Tasks\bench-Updater removing
Task: {A1532758-753C-483A-AFA2-5056B1BE01C0} - System32\Tasks\HPCustParticipation HP Photosmart 5510 series => C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe [2011-09-16] (Hewlett-Packard Co.)
Task: {A356EF35-7546-47A8-A428-F7862D5ADA8F} - System32\Tasks\Plus-HD-9.5-codedownloader => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-codedownloader.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {C3836FAF-2669-4763-AD9D-82EF27F5D608} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-10] (Uniblue Systems Limited)
Task: {C543B5FE-60DB-451A-B76B-5380B1605E6D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {F2AACF2E-3DF0-45C2-8AAB-0497BBCE00CC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-11-15] (AVAST Software)
Task: {FAEEB057-26B5-4614-8355-FAF536E22EE2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-165920356-1716568962-1869577169-1000Core => C:\Users\vaio\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13] (Facebook Inc.)
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-Updater removing.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-165920356-1716568962-1869577169-1000Core.job => C:\Users\vaio\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-165920356-1716568962-1869577169-1000UA.job => C:\Users\vaio\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\Plus-HD-9.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-enabler.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-updater.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-12-31 11:20 - 2014-02-05 14:13 - 00658952 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00036384 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-03-10 10:39 - 2014-03-10 10:39 - 00011776 _____ () C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
2014-02-25 11:54 - 2014-02-25 11:54 - 00023072 _____ () C:\Users\vaio\AppData\Local\LPT\srptm.exe
2014-03-24 17:12 - 2014-03-19 06:00 - 01380704 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\opera_crashreporter.exe
2013-12-31 11:20 - 2014-02-05 14:13 - 00486408 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll
2014-03-26 14:15 - 2014-03-26 13:36 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14032602\algo.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00072224 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00023072 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-02-25 11:53 - 2014-02-25 11:53 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2013-12-31 11:20 - 2014-02-05 14:13 - 00019976 _____ () C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetyldr.dll
2013-11-15 07:41 - 2013-11-15 07:41 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00072224 _____ () C:\Users\vaio\AppData\Local\LPT\srpt.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00023072 _____ () C:\Users\vaio\AppData\Local\LPT\srptc.dll
2014-02-25 11:53 - 2014-02-25 11:53 - 00018976 _____ () C:\Users\vaio\AppData\Local\LPT\Smartbar.Common.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00056864 _____ () C:\Users\vaio\AppData\Local\LPT\srut.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00061472 _____ () C:\Users\vaio\AppData\Local\LPT\sppsm.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00154656 _____ () C:\Users\vaio\AppData\Local\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00027168 _____ () C:\Users\vaio\AppData\Local\LPT\Smartbar.Personalization.Common.dll
2014-02-25 11:53 - 2014-02-25 11:53 - 00165408 _____ () C:\Users\vaio\AppData\Local\LPT\Smartbar.Infrastructure.Utilities.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00043552 _____ () C:\Users\vaio\AppData\Local\LPT\srbu.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00025120 _____ () C:\Users\vaio\AppData\Local\LPT\srpdm.dll
2014-02-25 11:54 - 2014-02-25 11:54 - 00036896 _____ () C:\Users\vaio\AppData\Local\LPT\Smartbar.Monetization.Proxy.ProxyService.dll
2014-03-22 22:00 - 2014-03-22 22:00 - 00904704 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2014-03-24 17:12 - 2014-03-19 06:00 - 00908640 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libglesv2.dll
2014-03-24 17:12 - 2014-03-19 06:00 - 00108896 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\libegl.dll
2014-03-24 17:12 - 2014-03-19 06:00 - 00895328 _____ () C:\Program Files (x86)\Opera\20.0.1387.82\ffmpegsumo.dll
2013-12-11 16:54 - 2013-12-11 16:54 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
Name: PCI Device
Description: PCI Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Ethernet Controller
Description: Ethernet Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/27/2014 11:51:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1722610
 
Error: (03/27/2014 11:51:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1722610
 
Error: (03/27/2014 11:51:57 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 11:23:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1638
 
Error: (03/27/2014 11:23:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1638
 
Error: (03/27/2014 11:23:16 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/27/2014 10:27:01 AM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0xdbcc
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3
 
Error: (03/27/2014 08:58:06 AM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0xc304
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3
 
Error: (03/27/2014 08:57:48 AM) (Source: Application Error) (User: )
Description: Faulting application name: taskeng.exe, version: 6.1.7601.17514, time stamp: 0x4ce79d2c
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x00000000000027de
Faulting process id: 0xc96c
Faulting application start time: 0xtaskeng.exe0
Faulting application path: taskeng.exe1
Faulting module path: taskeng.exe2
Report Id: taskeng.exe3
 
Error: (03/27/2014 08:57:27 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 37989129
 
 
System errors:
=============
Error: (03/27/2014 11:51:55 AM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
 
Error: (03/25/2014 06:43:05 PM) (Source: Service Control Manager) (User: )
Description: The Computer Backup (MyPC Backup) service failed to start due to the following error: 
%%1053
 
Error: (03/25/2014 06:43:05 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Computer Backup (MyPC Backup) service to connect.
 
Error: (03/25/2014 06:42:16 PM) (Source: EventLog) (User: )
Description: The previous system shutdown at 6:31:58 PM on ‎3/‎25/‎2014 was unexpected.
 
Error: (03/25/2014 06:41:11 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
 
Error: (03/25/2014 06:41:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
 
Error: (03/25/2014 06:40:40 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
 
Error: (03/25/2014 06:40:10 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Browser service.
 
Error: (03/25/2014 06:39:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
 
Error: (03/25/2014 06:39:10 PM) (Source: Service Control Manager) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 48%
Total physical RAM: 3690.9 MB
Available physical RAM: 1909.32 MB
Total Pagefile: 7379.98 MB
Available Pagefile: 4884.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:287.19 GB) (Free:160.83 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 0864B2D6)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
and the last log ASWMBR
 
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-03-27 12:20:35
-----------------------------
12:20:35.137    OS Version: Windows x64 6.1.7601 Service Pack 1
12:20:35.138    Number of processors: 2 586 0x200
12:20:35.144    ComputerName: VAIO-PC  UserName: vaio
12:20:37.340    Initialize success
12:20:41.350    AVAST engine defs: 14032602
12:20:43.824    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:20:43.829    Disk 0 Vendor: Hitachi_HTS543232A7A384 ES2OA90C Size: 305245MB BusType: 11
12:20:43.999    Disk 0 MBR read successfully
12:20:44.005    Disk 0 MBR scan
12:20:44.025    Disk 0 Windows 7 default MBR code
12:20:44.033    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        11061 MB offset 2048
12:20:44.062    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 22654976
12:20:44.081    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       294082 MB offset 22859776
12:20:44.226    Disk 0 scanning C:\Windows\system32\drivers
12:21:00.128    Service scanning
12:21:53.759    Modules scanning
12:21:53.777    Disk 0 trace - called modules:
12:21:53.813    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
12:21:54.175    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004143060]
12:21:54.189    3 CLASSPNP.SYS[fffff880018af43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003bfb060]
12:21:55.186    AVAST engine scan C:\Windows
12:21:58.616    AVAST engine scan C:\Windows\system32
12:26:27.598    AVAST engine scan C:\Windows\system32\drivers
12:26:54.547    AVAST engine scan C:\Users\vaio
12:30:28.373    Disk 0 MBR has been saved successfully to "C:\Users\vaio\Desktop\MBR.dat"
12:30:28.394    The log file has been saved successfully to "C:\Users\vaio\Desktop\aswMBR.txt"
 
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-03-27 12:20:35
-----------------------------
12:20:35.137    OS Version: Windows x64 6.1.7601 Service Pack 1
12:20:35.138    Number of processors: 2 586 0x200
12:20:35.144    ComputerName: VAIO-PC  UserName: vaio
12:20:37.340    Initialize success
12:20:41.350    AVAST engine defs: 14032602
12:20:43.824    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
12:20:43.829    Disk 0 Vendor: Hitachi_HTS543232A7A384 ES2OA90C Size: 305245MB BusType: 11
12:20:43.999    Disk 0 MBR read successfully
12:20:44.005    Disk 0 MBR scan
12:20:44.025    Disk 0 Windows 7 default MBR code
12:20:44.033    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        11061 MB offset 2048
12:20:44.062    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 22654976
12:20:44.081    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       294082 MB offset 22859776
12:20:44.226    Disk 0 scanning C:\Windows\system32\drivers
12:21:00.128    Service scanning
12:21:53.759    Modules scanning
12:21:53.777    Disk 0 trace - called modules:
12:21:53.813    ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys 
12:21:54.175    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004143060]
12:21:54.189    3 CLASSPNP.SYS[fffff880018af43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8003bfb060]
12:21:55.186    AVAST engine scan C:\Windows
12:21:58.616    AVAST engine scan C:\Windows\system32
12:26:27.598    AVAST engine scan C:\Windows\system32\drivers
12:26:54.547    AVAST engine scan C:\Users\vaio
12:30:28.373    Disk 0 MBR has been saved successfully to "C:\Users\vaio\Desktop\MBR.dat"
12:30:28.394    The log file has been saved successfully to "C:\Users\vaio\Desktop\aswMBR.txt"
12:55:04.381    AVAST engine scan C:\ProgramData
13:01:23.404    Scan finished successfully
13:01:31.196    Disk 0 MBR has been saved successfully to "C:\Users\vaio\Desktop\MBR.dat"
13:01:31.208    The log file has been saved successfully to "C:\Users\vaio\Desktop\aswMBR.txt"
 
 

  • 0

#4
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts

Hello :)

Your machine is heavily infected, and we have a lot of work to do, so let's get started.


The Dangers of P2P Programs

I noticed that you have a P2P file sharing program on your computer . I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more likely than not infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

Here are some information sources about the dangers of P2P programs:

FBI - Peer to Peer Scams

USA Today Artticle on P2P Programs

File Sharing Infects 500,000 Computers

I very much recommend you uninstall this program from your machine. If not, I can guarantee you will be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.



Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.


Step 1: Chrome Changes and Program Uninstalls


Changing Chrome's Homepage

We need to change your homepage in Chrome, as it's set to a known malware site. Please follow the instructions below to change it.

  • Open Chrome and type this in the address bar: chrome:settings
  • When the Settings page opens, look under On Startup and then click Open a specific set of pages and click Set Pages
  • When the window opens, type in any page you wish as your new start page.
  • Once you have typed in your new home page, close the window.

 

Remove Chrome Extensions

There are some extensions in Chrome that need to be removed, please follow the instructions below to remove them.

Start Chrome and type this into the address bar: chrome:extensions

This will display a page of all the installed extensions. Please remove the extensions in the list below by clicking the trash can icon beside each one.

If one of the extensions I've asked you to remove is not listed, don't worry about it. Just move on to the next one in the list. :)

  • Funmoods Chat
  • Funmoods
  • Websteroids
  • Plus-HD-9.5

 

Program Uninstalls

Please uninstall the follow programs from your machine:

  • Internet Updater
  • LPT System Updater Service
  • Muvic Smartbar
  • Muvic Smartbar Engine
  • MyPC Backup
  • NewPlayer
  • Plus-HD-9.5
  • Quiknowledge
  • ScorpionSaver
  • ScorpionSaver Services
  • Search Protect
  • Search Protection
  • SpeedUpMyPC
  • Updater
  • Websteroids
  • Yontoo 1.10.02

 

Step 2: FRST Fix

  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. (To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste).
  • Save it on the desktop as fixlist.txt

Start
() C:\Program Files (x86)\LPT\srpts.exe
C:\Program Files (x86)\LPT
(Quiknowledge) C:\Program Files (x86)\Quiknowledge\Service\qksvc.exe
C:\Program Files (x86)\Quiknowledge
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe
C:\Program Files (x86)\Movies Toolbar
(SafetyNut Inc.) C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetynut.exe
() C:\Users\vaio\AppData\Local\LPT\srptm.exe
(WatchDog) C:\ProgramData\RHelpers\ChromeHelper\ChromeHelper.exe
(WatchDog) C:\ProgramData\RHelpers\IEHelper\IeHelper.exe
(Updater) C:\ProgramData\Updater\updater.exe
(WatchDog) C:\ProgramData\RHelpers\FireFoxHelper\FireFoxHelper.exe
C:\ProgramData\RHelpers
C:\ProgramData\Updater
HKLM-x32\...\Run: [ShopAtHomeWatcher] - C:\Users\vaio\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe
C:\Users\vaio\AppData\Roaming\ShopAtHome
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
C:\ProgramData\Updater
HKU\.DEFAULT\...\Run: [SearchProtect] - \SearchProtect\bin\cltmng.exe
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [TBHostSupport] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\vaio\AppData\Local\TBHostSupport\TBHostSupport.dll",DLLRunTBHostSupportPlugin <===== ATTENTION
C:\Users\vaio\AppData\Local\TBHostSupport
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [SearchProtection] - C:\Users\vaio\AppData\Roaming\Search Protection\SearchProtection.EXE [832360 2013-09-03] (Spigot, Inc.)
C:\Users\vaio\AppData\Roaming\Search Protection
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
C:\ProgramData\Updater
HKU\S-1-5-21-165920356-1716568962-1869577169-1000\...\Run: [Browser Infrastructure Helper] - C:\Users\vaio\AppData\Local\Smartbar\Application\Muvic.exe [28192 2014-02-25] (Smartbar)
C:\Users\vaio\AppData\Local\Smartbar
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File Not Found
C:\PROGRA~2\SearchProtect
AppInit_DLLs: C:\PROGRA~3\Wincert\WIN64C~1.DLL => C:\ProgramData\Wincert\win64cert.dll [8704 2013-11-04] ()
AppInit_DLLs: C:\PROGRA~2\MOVIES~1\SAFETY~1\x64\SAFETY~2.DLL => C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetyldr.dll [23560 2014-02-05] ()
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => "C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll" File Not Found
AppInit_DLLs-x32: C:\PROGRA~3\Wincert\WIN32C~1.DLL => C:\ProgramData\Wincert\win32cert.dll [7168 2013-11-04] ()
AppInit_DLLs-x32: C:\PROGRA~2\MOVIES~1\SAFETY~1\SAFETY~2.DLL => C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetyldr.dll [19976 2014-02-05] ()
C:\PROGRA~3\Wincert
C:\PROGRA~2\MOVIES~1
C:\PROGRA~3\Wincert
C:\PROGRA~2\MOVIES~1
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
C:\Program Files (x86)\MyPC Backup
Startup: C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ZooskMessenger.lnk
ShortcutTarget: ZooskMessenger.lnk -> C:\Program Files (x86)\ZooskMessenger\ZooskMessenger.exe (No File)
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll [486408 2014-02-05] ()
HKLM\...\AppCertDlls: [x64] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\x64\safetycrt.dll [658952 2014-02-05] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperba...0dxwF7gMawk9Raw,
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
SearchScopes: HKLM - DefaultScope {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmood...E&cr=1797656733
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = http://searchfunmood...E&cr=1797656733
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {B6CFFE22-3D74-4843-8410-CE6E0E7EC9D3}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
BHO: Plus-HD-9.5 - {11111111-1111-1111-1111-110511311166} - C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-bho64.dll (Plus HD)
BHO: Quiknowledge - {323C6E6D-1621-470F-8A52-4FDEC4E75E40} - C:\Program Files\Quiknowledge\IE\QuiknowledgeClientIE.dll (Quiknowledge)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: Plus-HD-9.5 - {11111111-1111-1111-1111-110511311166} - C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-bho.dll (Plus HD)
BHO-x32: Quiknowledge - {323C6E6D-1621-470F-8A52-4FDEC4E75E40} - C:\Program Files (x86)\Quiknowledge\IE\QuiknowledgeClientIE.dll (Quiknowledge)
BHO-x32: Websteroids - {44ed99e2-16a6-4b89-80d6-5b21cf42e78b} - C:\ProgramData\Websteroids\IE\common.dll (Creative Island Media, LLC)
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Muvic - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaimdcedbpbcjjbbnfcbbjcngmomic
C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjjkeeamkpihpncmmbgdkhdnjpcfmfb
C:\Users\vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnkgiapbjhdboldbhkagdodklkphaip
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\vaio\AppData\Local\funmoods.crx [2012-10-10]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\vaio\AppData\Local\funmoods-speeddial_sf.crx [2012-10-10]
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\vaio\AppData\Local\funmoods.crx [2012-10-10]
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\vaio\AppData\Local\funmoods-speeddial_sf.crx [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [aaaaimdcedbpbcjjbbnfcbbjcngmomic] - C:\Users\vaio\AppData\Local\somotomoviestoolbar1\GC\toolbar.crx [2013-08-19]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\vaio\AppData\Local\funmoods.crx [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\vaio\AppData\Local\funmoods-speeddial_sf.crx [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [igjjkeeamkpihpncmmbgdkhdnjpcfmfb] - C:\ProgramData\Websteroids\Chrome\common.crx [2013-12-18]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-03-14] (Just Develop It)
R2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-14] (Parallel Lines Development, LLC)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [36384 2014-02-25] ()
R2 NewPlayerUpdaterService; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-03-10] ()
R2 qksvc; C:\Program Files (x86)\Quiknowledge\Service\qksvc.exe [273000 2014-02-05] (Quiknowledge)
R2 SafetyNutManager2; C:\Program Files (x86)\Movies Toolbar\SafetyNut\SafetyNutManager.exe [3449864 2014-02-05] (SafetyNut Inc.)
C:\ProgramData\InternetUpdater
C:\Program Files (x86)\NewPlayer
R1 qknfd; C:\Windows\System32\drivers\qknfd.sys [58256 2014-02-05] (Quiknowledge)
C:\Windows\System32\drivers\qknfd.sys
2014-03-22 22:00 - 2014-03-27 12:01 - 00000276 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-03-22 22:00 - 2014-03-27 10:00 - 00001506 _____ () C:\Windows\Tasks\Plus-HD-9.5-updater.job
2014-03-22 22:00 - 2014-03-27 10:00 - 00001468 _____ () C:\Windows\Tasks\Plus-HD-9.5-codedownloader.job
2014-03-22 22:00 - 2014-03-27 10:00 - 00001366 _____ () C:\Windows\Tasks\Plus-HD-9.5-enabler.job
2014-03-22 22:00 - 2014-03-22 22:00 - 00004536 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-updater
2014-03-22 22:00 - 2014-03-22 22:00 - 00004498 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-codedownloader
2014-03-22 22:00 - 2014-03-22 22:00 - 00004396 _____ () C:\Windows\System32\Tasks\Plus-HD-9.5-enabler
2014-03-22 22:00 - 2014-03-22 22:00 - 00003210 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Maintenance
2014-03-22 22:00 - 2014-03-22 22:00 - 00002498 _____ () C:\Windows\System32\Tasks\SpeedUpMyPC Startup
2014-03-22 22:00 - 2014-03-22 22:00 - 00001969 _____ () C:\Users\vaio\Desktop\Sync Folder.lnk
2014-03-22 22:00 - 2014-03-22 22:00 - 00001113 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\Tuguu_SL
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\Smartbar
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\newplayer
2014-03-22 22:00 - 2014-03-22 22:00 - 00000000 ____D () C:\Users\vaio\AppData\Local\LPT
2014-03-22 21:59 - 2014-03-27 10:00 - 00002330 _____ () C:\Windows\Tasks\Plus-HD-9.5-firefoxinstaller.job
2014-03-22 21:59 - 2014-03-25 18:51 - 00000270 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-03-22 21:59 - 2014-03-22 21:59 - 00001087 _____ () C:\Users\vaio\Desktop\MyPC Backup.lnk
2014-03-22 21:59 - 2014-03-22 21:59 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-22 21:58 - 2014-03-27 09:58 - 00003090 _____ () C:\Windows\Tasks\Plus-HD-9.5-chromeinstaller.job
2014-03-22 21:58 - 2014-03-22 22:00 - 00000000 ____D () C:\Program Files (x86)\Plus-HD-9.5
2014-03-22 21:58 - 2014-03-22 22:00 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-03-22 21:58 - 2014-03-22 21:58 - 00001165 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-03-22 21:58 - 2014-03-22 21:58 - 00000000 ____D () C:\Users\vaio\AppData\Roaming\Uniblue
2014-03-22 21:58 - 2014-03-22 21:58 - 00000000 ____D () C:\Program Files (x86)\Uniblue
2014-03-22 21:56 - 2013-03-04 18:52 - 00000000 _____ () C:\END
Task: {33B0786C-FF93-4409-B0F0-9B08E4F94D32} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-10] (Uniblue Systems Limited)
Task: {55A7EDCA-8D58-4E7E-BFE4-D8A939625B38} - System32\Tasks\Plus-HD-9.5-firefoxinstaller => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-firefoxinstaller.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {6E9CD9CC-5393-45B6-A12F-33385FF9E404} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\Updater.exe [2013-10-25] () <==== ATTENTION
Task: {724C6FB0-78CB-4606-AECE-179145FAAF01} - System32\Tasks\Plus-HD-9.5-enabler => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-enabler.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {72A4DA9F-3F8E-461A-AA4D-CB6F87B9CCAA} - System32\Tasks\Plus-HD-9.5-updater => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-updater.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {84D85EB9-C5C0-4928-A3A3-74BB701A5C17} - System32\Tasks\bench-Updater removing
Task: {A356EF35-7546-47A8-A428-F7862D5ADA8F} - System32\Tasks\Plus-HD-9.5-codedownloader => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-codedownloader.exe [2014-03-22] (Plus HD) <==== ATTENTION
Task: {C3836FAF-2669-4763-AD9D-82EF27F5D608} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-03-10] (Uniblue Systems Limited)
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-Updater removing.job => ?
Task: C:\Windows\Tasks\Plus-HD-9.5-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-codedownloader.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-enabler.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-9.5-updater.job => C:\Program Files (x86)\Plus-HD-9.5\Plus-HD-9.5-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe
C:\Users\vaio\AppData\Local\LPT
End


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.


Step 3: AdwCleaner


Download ADWcleaner by clicking here. Please save it to your Desktop


adwcleaner2_zps680e0e15.jpg

  • Double click (Vista and 7 Users)right click the adwcleaner.exe file and click Run as Adminstrator and accept the UAC prompt to run AdwCleaner
  • Close any open windows or browsers.
  • Pause your Anti-Virus program if it is running.
  • Once it starts, click on the Scan button.
  • Let the scan complete itself. This may take a few minutes.
  • Once the scan has finished, it will say "Pending, uncheck elements you don't want to remove.", don't worry about unchecking anything and then click the Clean button. When finished, it will ask to reboot. Please reboot.
  • When the machine has rebooted, a log will be produced. Please copy/paste that in your next reply. Here's how:This report is also saved at C:\AdwCleaner[R0].txt
    • Click the Report button and the log will open. Copy and Paste the contents of the log file into your next reply.

 

 

Step 3: Junkware Removal Tool


thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Step 4: Temporary File Cleaner


Clear Cache/Temp Files
Download TFC by OldTimer to your desktop

  • Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

 

Step 5: FRST Scan

Start FRST and press the Scan button. FRST will scan your system and produce one log. Please post it in your next reply.


Things I need to see in your next post:

FRST Fix Log

AdwCleaner Log

Junkware Removal Tool Log

New FRST Scan Log

Question: How is the machine running now?


  • 0

#5
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,886 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP